From 27c143fdea934d716dfbc50c22168c747f6e4d7c Mon Sep 17 00:00:00 2001
From: Matthew Iverson
Date: Sat, 30 Nov 2024 00:53:20 -0500
Subject: [PATCH] Upload files to "Modules/Knowledge/MITRE"
---
.../Knowledge/MITRE/mitre_attack_framework.py | 27 +++++++++++++++++++
.../Knowledge/MITRE/summiting_the_pyramid.py | 27 +++++++++++++++++++
2 files changed, 54 insertions(+)
create mode 100644 Modules/Knowledge/MITRE/mitre_attack_framework.py
create mode 100644 Modules/Knowledge/MITRE/summiting_the_pyramid.py
diff --git a/Modules/Knowledge/MITRE/mitre_attack_framework.py b/Modules/Knowledge/MITRE/mitre_attack_framework.py
new file mode 100644
index 0000000..44b62fd
--- /dev/null
+++ b/Modules/Knowledge/MITRE/mitre_attack_framework.py
@@ -0,0 +1,27 @@
+def get_content():
+ """
+ Returns structured content for the MITRE ATT&CK Framework.
+ """
+ return [
+ {
+ "title": "Overview",
+ "content": """
+- Framework for categorizing adversary tactics and techniques.
+- Based on real-world observations.
+ """
+ },
+ {
+ "title": "Persistence Categories",
+ "content": """
+- Registry Keys, Scheduled Tasks.
+- Services, Startup Folders.
+ """
+ },
+ {
+ "title": "Application",
+ "content": """
+- Helps identify TTPs used in attacks.
+- Aligns defensive strategies with adversary behavior.
+ """
+ }
+ ]
diff --git a/Modules/Knowledge/MITRE/summiting_the_pyramid.py b/Modules/Knowledge/MITRE/summiting_the_pyramid.py
new file mode 100644
index 0000000..44910f8
--- /dev/null
+++ b/Modules/Knowledge/MITRE/summiting_the_pyramid.py
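Review bot: The "Persistence Categories" entry in mitre_attack_framework.py lists four mechanisms with no ATT&CK technique IDs, and "categories" is not an ATT&CK term: Persistence is a tactic (TA0003) and these are techniques under it. Without IDs a reader cannot map the bullets to detections or look them up in ATT&CK; consider `- Registry Run Keys / Startup Folder (T1547.001), Scheduled Task (T1053.005).` and `- Windows Service (T1543.003).`, which also reflects that run keys and startup folders are one sub-technique. The section covers only one tactic and only Windows mechanisms, so a title such as `"Persistence Techniques (Windows examples)"` would describe it more accurately.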
@@ -0,0 +1,27 @@
+def get_content():
+ """
+ Returns structured content for MITRE's "Summit the Pyramid" framework.
+ """
+ return [
+ {
+ "title": "MITRE's Summit the Pyramid",
+ "content": """
+- A framework to prioritize and address threats effectively.
+- Aligns detection and response efforts with adversarial TTPs.
+ """
+ },
+ {
+ "title": "Threat-Informed Defense",
+ "content": """
+- Know your threats to focus detection efforts.
+- Be realistic about available log sources and noise levels.
+ """
+ },
+ {
+ "title": "Additional Resources",
+ "content": """
+- [Red Canary: Threat Detection Report](https://redcanary.com/threat-detection-report/trends/by-industry/)
+- Summit the Pyramid focuses on actionable defense strategies.
+ """
+ }
+ ]
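Review bot: The docstring, title and last bullet call the project "Summit the Pyramid" while the file is named summiting_the_pyramid.py; the project from MITRE's Center for Threat-Informed Defense is published as "Summiting the Pyramid", so the text should use that name. The first bullet ("prioritize and address threats effectively") is generic; as I understand the project, it scores how robust a detection analytic is against adversary evasion, building on the Pyramid of Pain, and a bullet such as `- A methodology for scoring how hard a detection analytic is for an adversary to evade.` would say so. Under "Additional Resources" the only link is a Red Canary report and the second bullet is not a resource; a link to the project's own page belongs there.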