get-capec 1.9.3

Tools for CVE managing, exploring and collect some data about their weaknesses and classifications
docs.rs failed to build get-capec-1.9.3
Please check the build logs for more information.
See Builds for ideas on how to fix a failed build, or Metadata for how to configure docs.rs builds.
If you believe this is docs.rs' fault, open an issue.

Tyr - get-capec

Installation

cargo install get-capec

Purpose

This command line utility explore the list of CAPEC according to the cwe id.

Initialisation

You must initialize the CAPEC database first. This database will be installed into you <home_directory>/.tyr directory. If this directory doesn't exist it will be created automatically.

From a console run the following command first to test your internet connection:

$ get-capec check

Check mitre domain: Capec
        Test: https://capec.mitre.org/data/csv/282.csv.zip... valid
        Test: https://capec.mitre.org/data/csv/283.csv.zip... valid
        Test: https://capec.mitre.org/data/csv/284.csv.zip... valid
        Test: https://capec.mitre.org/data/csv/483.csv.zip... valid
        Test: https://capec.mitre.org/data/csv/553.csv.zip... valid
        Test: https://capec.mitre.org/data/csv/683.csv.zip... valid
        Test: https://capec.mitre.org/data/csv/703.csv.zip... valid
        Test: https://capec.mitre.org/data/csv/1000.csv.zip... valid
        Test: https://capec.mitre.org/data/csv/2000.csv.zip... valid

This command test the availability of each CSV file that will be used for your internal database.

Afterward, run the following command:

$ get-capec refresh

Successfully created MITRE 'capec' table
Source file downloaded successfully: 282.csv
        CAPEC table: 77/77 - 100.00%
CAPEC data injected into SQLite database successfully.
Operation completed successfully: 282.csv.zip

Source file downloaded successfully: 283.csv
        CAPEC table: 197/197 - 100.00%
CAPEC data injected into SQLite database successfully.
Operation completed successfully: 283.csv.zip

Source file downloaded successfully: 284.csv
        CAPEC table: 341/341 - 100.00%
CAPEC data injected into SQLite database successfully.
Operation completed successfully: 284.csv.zip

Source file downloaded successfully: 483.csv
        CAPEC table: 56/56 - 100.00%
CAPEC data injected into SQLite database successfully.
Operation completed successfully: 483.csv.zip

Source file downloaded successfully: 553.csv
        CAPEC table: 23/23 - 100.00%
CAPEC data injected into SQLite database successfully.
Operation completed successfully: 553.csv.zip

Source file downloaded successfully: 683.csv
        CAPEC table: 51/51 - 100.00%
CAPEC data injected into SQLite database successfully.
Operation completed successfully: 683.csv.zip

Source file downloaded successfully: 703.csv
        CAPEC table: 46/46 - 100.00%
CAPEC data injected into SQLite database successfully.
Operation completed successfully: 703.csv.zip

Source file downloaded successfully: 1000.csv
        CAPEC table: 559/559 - 100.00%
CAPEC data injected into SQLite database successfully.
Operation completed successfully: 1000.csv.zip

Source file downloaded successfully: 2000.csv
        CAPEC table: 615/615 - 100.00%
CAPEC data injected into SQLite database successfully.
Operation completed successfully: 2000.csv.zip

Each archive file is downloaded and injected into your local sqlite database.

You're ready to go !

Additional checking

You can check your local database with the following command:

$ get-capec check --db

Database successfully found!

If you have no database, you'll get this status:

$ get-capec check --db

Database does not exist!

Explore

To explore a CAPEC :

get-capec id CAPEC-2
[ CAPEC-22 ]
 ︎-> Name: Exploiting Trust in Client (Abstraction: Meta. Status: Draft.)

    [ Consequences ]
     [ Scope ]
      - Confidentiality
      - Integrity
      - Availability
      [ Technical impact ]
...
 [ Weaknesses ]
   - CWE-20 - Improper Input Validation
   - CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
   - CWE-287 - Improper Authentication
   - CWE-290 - Authentication Bypass by Spoofing
   - CWE-693 - Protection Mechanism Failure

Search by criteria

To search some CAPEC according to criteria :

$ get-capec search 'description = HTTP or Java'

 [ CAPEC-31 ]
 ︎-> Name: Accessing/Intercepting/Modifying HTTP Cookies (Abstraction: Detailed. Status: Draft.)

    [ Description ]
      - This attack relies on the use of HTTP Cookies to store credentials, state information and other critical data on client systems. There are several different forms of this attack. The first form of this attack involves accessing HTTP Cookies to mine for potentially sensitive data contained therein. The second form involves intercepting this data as it is transmitted from client to server. This intercepted information is then used by the adversary to impersonate the remote user/session. The third form is when the cookie's content is modified by the adversary before it is sent back to the server. Here the adversary seeks to convince the target server to operate on this falsified information.
...
 [ CAPEC-614 ]
 ︎-> Name: Rooting SIM Cards (Abstraction: Detailed. Status: Draft.)

    [ Description ]
      - SIM cards are the de facto trust anchor of mobile devices worldwide. The cards protect the mobile identity of subscribers, associate devices with phone numbers, and increasingly store payment credentials, for example in NFC-enabled phones with ...

Capec's schema

CAPEC's schema allows to view the list of associated CWE and CVE for a CAPEC's id.

Shows the capec's schema:

$ get-capec capec-1 --schema
Search cve for cwe: CWE-1327
CAPEC-1
├─ CWE-276 - Incorrect Default Permissions
│  ├─ CVE-1999-0426
│  ├─ CVE-2001-0497
│  ├─ CVE-2002-1713
│  ├─ CVE-2002-1844
│  ├─ CVE-2004-1778
...
│  ├─ CVE-2025-26621
│  ├─ CVE-2025-3982
│  └─ CVE-2025-5150
└─ CWE-1327 - Binding to an Unrestricted IP Address

Mitre Att&ck identifications

To get the list of Mitre Att&ck identifications for a CAPEC uses the --taxonomy --mitre options:

get-capec capec-13 --taxonomy --mitre

[ CAPEC-13 ]
 ︎-> Name: Subverting Environment Variable Values (Abstraction: Detailed. Status: Stable.)
 [ Mitre Att&ck ]
  > 1562.003
  > 1574.006
  > 1574.007

These ids can be exploited with the get-mitre command.

Other

To explore all options run get-capec help

Authors and acknowledgment

Help will be appreciated. All tools will be developed with rust technology.

License

This project is under MIT license.

Project status

This project is under development and all contributions are welcome.

These tools are provided without any guaranties.