Last active
May 2, 2018 22:53
-
-
Save jpbruckler/6cd6e9f0a0fdf631a74983f3ceb57da2 to your computer and use it in GitHub Desktop.
Opens MITRE ATT&CK T-Code in your browser
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Open-MITRE | |
| { | |
| <# | |
| .SYNOPSIS | |
| Opens MITRE ATT&CK wiki page for the given T code in the default browser. | |
| .DESCRIPTION | |
| For a given technique code (Tnnnn), opens the wiki page for the corresponding | |
| MITRE ATT&CK technique in the default browser. | |
| .PARAMETER TechniqueCode | |
| The ATT&CK technique code. This can either be a 4 digit number, or the fully | |
| qualified technique ID (e.g. T1120) of a documented MITRE ATT&CK technique. | |
| The leading T can be left off, it will be added by the function if missing. | |
| .INPUTS [String[]] | |
| .OUTPUTS void | |
| .EXAMPLE | |
| PS C:\> Open-MITRE -TechniqueCode T1120 | |
| The above example will open a tab in the default browser to https://attack.mitre.org/wiki/Technique/T1120. | |
| .EXAMPLE | |
| PS C:\> 1110..1120 | Open-MITRE | |
| The above example will open up 10 tabs, 1 for each T code. Note that the T is left | |
| off the technique code. | |
| #> | |
| param( | |
| [Parameter( Mandatory, | |
| ValueFromPipeline )] | |
| [Alias('TCode')] | |
| [string] $TechniqueCode | |
| ) | |
| process { | |
| if (-not ($TechniqueCode.StartsWith('T'))) { | |
| $TechniqueCode = 'T{0}' -f $TechniqueCode | |
| } | |
| $url = ('https://attack.mitre.org/wiki/Technique/{0}' -f $TechniqueCode) | |
| Start-Process $url | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment