search

center-for-threat-informed-defense / tram

TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.
https://ctid.mitre-engenuity.org/our-work/tram/
Apache License 2.0
435 stars 93 forks source link

Using the API to Upload reports #211

Open JWeasy opened 7 months ago

JWeasy commented 7 months ago

Is it possible to use the API to upload a report to TRAM? Thanks in advance for any support.

The only API documentation I see is here: https://github.com/center-for-threat-informed-defense/tram/wiki/Developers#making-api-calls

mehaase commented 6 months ago

Not really. The API support was an after thought and doesn't expose all of the functionality in TRAM. We have helped some people build an automated submission/result system but it requires using username/password credential to login, and then scraping the HTML to extract the csrfmiddlewaretoken and using the HTTP headers to obtain the sessionid and csrftoken cookies. It's... not for the faint of heart.

I'll leave this issue open to keep track of this desire to see this feature added to the API. If anybody else wants to voice support for this request, please put a thumbs up on the OP.