Upload files to "Modules/Knowledge/MITRE"

Modules/Knowledge/MITRE/mitre_attack_framework.py

@@ -0,0 +1,27 @@
+def get_content():
+    """
+    Returns structured content for the MITRE ATT&CK Framework.
+    """
+    return [
+        {
+            "title": "Overview",
+            "content": """
+- Framework for categorizing adversary tactics and techniques.
+- Based on real-world observations.
+            """
+        },
+        {
+            "title": "Persistence Categories",
+            "content": """
+- Registry Keys, Scheduled Tasks.
+- Services, Startup Folders.
+            """
+        },
+        {
+            "title": "Application",
+            "content": """
+- Helps identify TTPs used in attacks.
+- Aligns defensive strategies with adversary behavior.
+            """
+        }
+    ]

Modules/Knowledge/MITRE/summiting_the_pyramid.py

@@ -0,0 +1,27 @@
+def get_content():
+    """
+    Returns structured content for MITRE's "Summit the Pyramid" framework.
+    """
+    return [
+        {
+            "title": "MITRE's Summit the Pyramid",
+            "content": """
+- A framework to prioritize and address threats effectively.
+- Aligns detection and response efforts with adversarial TTPs.
+            """
+        },
+        {
+            "title": "Threat-Informed Defense",
+            "content": """
+- Know your threats to focus detection efforts.
+- Be realistic about available log sources and noise levels.
+            """
+        },
+        {
+            "title": "Additional Resources",
+            "content": """
+- [Red Canary: Threat Detection Report](https://redcanary.com/threat-detection-report/trends/by-industry/)
+- Summit the Pyramid focuses on actionable defense strategies.
+            """
+        }
+    ]