This repository is part of a larger Adversary Simulation project. The main page includes some installation guidance and information about other components. Please refer there for more information.
This Splunk App is intended to implement the ATT&CK Navigator inside Splunk Web as an "app". It also includes a REST handler to read and update the "Custom Context Menu Options".
GET example (read)
curl -k -u 'admin:changeme' https://localhost:8089/services/app_config
POST example (update)
curl -k -u 'admin:changeme' https://localhost:8089/services/app_config -d '[{"label" : "splunkonline" , "url" : "https://www.splunk.com"},{"label" : "simulate attck", "url" : "/splunkd/__raw/services/run_simulation?attack=~Technique_Name~&id=~Technique_ID~"}]'
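The POST body above is a JSON array of `label`/`url` entries, so it is worth checking each entry before sending an update. The following is an added example, not code from this repository: the function names, the https-only rule for absolute links, and the assumption that `~Technique_Name~` and `~Technique_ID~` are the only supported placeholders are all hypothetical.

```python
import json
import re
from urllib.parse import urlsplit

# Entries copied from the README's POST example.
README_ENTRIES = [
    {"label": "splunkonline", "url": "https://www.splunk.com"},
    {"label": "simulate attck", "url": "/splunkd/__raw/services/run_simulation"
                                     "?attack=~Technique_Name~&id=~Technique_ID~"},
]
# Assumption: only the two placeholders shown in the README are supported.
KNOWN_PLACEHOLDERS = {"Technique_Name", "Technique_ID"}
PLACEHOLDER_RE = re.compile(r"~([A-Za-z_]+)~")


def validate_entry(entry):
    """Return a list of problems with one menu entry (empty list means OK)."""
    if not isinstance(entry, dict):
        return ["entry is not a JSON object"]
    problems = []
    label, url = entry.get("label"), entry.get("url")
    if not isinstance(label, str) or not label.strip():
        problems.append("missing or empty label")
    if not isinstance(url, str) or not url.strip():
        return problems + ["missing or empty url"]
    parts = urlsplit(url)
    if parts.scheme:
        # Assumption: absolute links must be https; rejects javascript:, http:, data:
        if parts.scheme.lower() != "https" or not parts.netloc:
            problems.append("absolute url must be https://host/...")
    elif not url.startswith("/") or url.startswith("//"):
        # "//host/path" is protocol-relative and would leave the Splunk origin
        problems.append("relative url must start with a single '/'")
    for name in PLACEHOLDER_RE.findall(url):
        if name not in KNOWN_PLACEHOLDERS:
            problems.append("unknown placeholder ~%s~" % name)
    return problems


def build_payload(entries):
    """Serialize entries for the POST body, refusing any invalid entry."""
    errors = {}
    for index, entry in enumerate(entries):
        problems = validate_entry(entry)
        if problems:
            errors[index] = problems
    if errors:
        raise ValueError("invalid menu entries: %r" % errors)
    return json.dumps(entries)
```

The string returned by `build_payload(README_ENTRIES)` can be passed to curl's `-d` option in place of the hand-written JSON.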