CVE2CAPEC
Generate MITRE ATT&CK and D3FEND from a list of CVEs. Database with CVE, CWE, CAPEC, MITRE ATT&CK and D3FEND Techniques data is updated daily. Showcased at BlackHat Europe 2025 Arsenal.
Install / Use
/learn @Galeax/CVE2CAPECREADME
<a name="readme-top"></a>
<div align="center"> <h1 align="center">CVE2CAPEC</h1> <p align="center"> <a href="https://www.python.org/"><img src="https://img.shields.io/badge/Python-v3.11.9-blue?style=for-the-badge&logo=Python"></a> <a href="https://github.com/Galeax/CVE2CAPEC"><img src="https://img.shields.io/badge/Github-35495E?logo=GitHub&style=for-the-badge"></a> <a href="https://galeax.github.io/CVE2CAPEC/"><img src="https://img.shields.io/badge/github%20pages-121013?style=for-the-badge&logo=github&logoColor=white"></a> <br/><br/> Get CVE, CWE, CAPEC, MITRE ATT&CK and MITRE D3FEND Techniques data automatically. <br/> Try it online at <a href="https://galeax.github.io/CVE2CAPEC/">https://galeax.github.io/CVE2CAPEC/</a>. </p> </div> <!-- TABLE OF CONTENTS --> <details> <summary>Table of contents</summary> <ol> <li><a href="#introduction">Introduction</a></li> <li> <a href="#installation">Installation</a> </li> <li><a href="#usage">Usage</a> <ul> <li><a href="#update-databases">Update databases</a></li> <li><a href="#get-new-cves">Get new CVEs</a></li> <li><a href="#license">License</a></li> <li><a href="#contact">Contact</a></li> </ul> </li> </ol> </details>Explore this repo data with our MITRE ATT&CK and MITRE D3FEND generator
Data generated by this project also serve the interactive MITRE ATT&CK and MITRE D3FEND generator available at <a href="https://galeax.github.io/CVE2CAPEC/">https://galeax.github.io/CVE2CAPEC/</a>.
<img src="docs/cve2capec-lowdef.gif">
<p style="text-align:center;"><a href="docs/cve2capec.gif" style="color:#aaaaaa;">click here for HD version</a></p>Introduction
This project allows you to manage get all new CVE with their CWE, CAPEC, MITRE ATT&CK and MITRE D3FEND Techniques.
All CVE data are stored in database folder.
CVE2CAPEC does not need to be run by yourself.
In fact, github actions update the database every day at 00:05 UTC so you can get the new CVE with all their data in results/new_cves.jsonl.
However, if you want to run this project by your own :
Installation
git clone https://github.com/Galeax/CVE2CAPEC.git
cd CVE2CAPEC
pip install -r requirements.txt
Update databases
python update_capec_db.py
python update_cwe_db.py
python update_technique_db.py
python update_defend_db.py
Build the CVE - CWE - CAPEC - MITRE ATT&CK - MITRE D3FEND Techniques links
1. Get new CVEs
python retrieve_cve.py
2. Get CWEs from new CVEs
python cve2cwe.py
3. Get CAPECs from CWEs
python cwe2capec.py
4. Get MITRE ATT&CK Techniques from CAPECs
python capec2technique.py
4. Get MITRE D3FEND Techniques from MITRE ATT&CK Techniques
python technique2defend.py
License
This project is released under the GNU General Public License version 3 (the GPL).
For commercial use where you need to not be using the GPL, please contact us at contact [AT] galeax.com for additional options.
Contact
Made with ❤️ in 🇫🇷 by <a href="https://galeax.com"><img src="https://galeax.com/wp-content/uploads/2024/01/logo_galeax_blue-e1705315482396.png" width=25%>
Related Skills
feishu-drive
342.5k|
things-mac
342.5kManage Things 3 via the `things` CLI on macOS (add/update projects+todos via URL scheme; read/search/list from the local Things database)
clawhub
342.5kUse the ClawHub CLI to search, install, update, and publish agent skills from clawhub.com
postkit
PostgreSQL-native identity, configuration, metering, and job queues. SQL functions that work with any language or driver
