MITREAttackRagger is a simple Retrieval Augmented Generation (RAG) tool that provides detailed MITRE ATT&CK threat group intelligence with credible references using GPT-4o Mini and OpenSearch.
A simple RAG demonstration for ATT&CK CTI (Cyber Threat Intelligence) information.
This tool is designed for cybersecurity analysts and threat intelligence professionals who need quick, accurate answers about threat actor techniques based on MITRE ATT&CK framework data. It facilitates threat hunting and security automation by enabling Q&A-style retrieval of cyber threat intelligence with verifiable sources.
The tool relies on OpenSearch or Amazon OpenSearch Service as a backend vector database and uses the GPT-4o Mini model for generation; users should ensure these services are properly configured. It is primarily a demonstration and may require customization for production use.
User question: Which techniques are used by the North Korean threat actor?
Example query demonstrating how to retrieve all techniques used by a specific threat actor (Lazarus Group) with detailed descriptions and references.