Awesome Open Source
Search results for mitre attack
105 search results found
Kubescape (9,681 stars)
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.

Atomic Red Team (8,648 stars)
Small and highly portable detection tests based on MITRE's ATT&CK.

Caldera (4,930 stars)
Automated Adversary Emulation Platform

Redteam Tools (4,019 stars)
Tools and Techniques for Red Team / Penetration Testing

Sysmon Modular (2,364 stars)
A repository of sysmon configuration modules

Evtx Attack Samples (2,124 stars)
Windows Events Attack Samples

Certified Kubernetes Security Specialist (1,911 stars)
Curated resources to help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues or making a pull request. All feedback for improvements is welcome. Thank you.

Attack Navigator (1,791 stars)
Web app that provides basic navigation and annotation of ATT&CK matrices

Stratus Red Team (1,539 stars)
Granular, Actionable Adversary Emulation for the Cloud

Adversary_emulation_library (1,419 stars)
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Shuffle (1,241 stars)
Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.

Digital Forensics Guide (1,232 stars)
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

Threathunting (1,088 stars)
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

Sentinel Attack (1,038 stars)
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

Attack Tools (977 stars)
Utilities for MITRE™ ATT&CK

Bluespawn (912 stars)
An Active Defense and EDR software to empower Blue Teams

Incident Playbook (907 stars)
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

Awesome Soc (906 stars)
A collection of sources of documentation, as well as field best practices, to build/run a SOC

Open Source Security Guide (795 stars)
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

Atomic Threat Coverage (740 stars)
Actionable analytics designed to combat threats

Attack Scripts (556 stars)
Scripts and a (future) library to improve users' interactions with the ATT&CK content

Kubehound (552 stars)
Kubernetes Attack Graph

Auditd Attack (533 stars)
A Linux Auditd rule set mapped to MITRE's Attack Framework

Sysmon Config (529 stars)
Advanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing

Attack Flow (470 stars)
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
Attack Website (440 stars)
MITRE ATT&CK Website

Attack Control Framework Mappings (427 stars)
Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.

Atc React (392 stars)
A knowledge base of actionable Incident Response techniques

Evtx To Mitre Attack (370 stars)
Set of EVTX samples (>270) mapped to MITRE Att@k tactics and techniques to measure your SIEM coverage or develop new use cases.

Vulnrepo (364 stars)
VULNREPO - Free vulnerability report generator and repository, end-to-end encrypted. Complete templates of issues, CWE, CVE, MITRE ATT&CK, PCI DSS, issue import from Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/PDF reports, attachments, automatic changelog, statistics, vulnerability management, methodologies and much more!

Mitreattack Python (322 stars)
A python module for working with ATT&CK

Tram (306 stars)
TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

Connectors (300 stars)
OpenCTI Connectors

Attackdatamap (279 stars)
A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework

Elemental (255 stars)
Elemental - An ATT&CK Threat Library

Malwless (244 stars)
Test Blue Team detections without running any attack.

Security Stack Mappings (241 stars)
This project empowers defenders with independent data on which native security controls of leading technology platforms are most useful in defending against the adversary TTPs they care about.

Chain Reactor (229 stars)
Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.

Sigma Detection Rules (229 stars)
Set of SIGMA rules (>320) mapped to MITRE Att@k tactics and techniques

Attack_to_cve (181 stars)
A methodology for mapping MITRE ATT&CK techniques to vulnerability records to describe the impact of a vulnerability.

Invoke Apex (175 stars)
A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

Litmus_test (168 stars)
Detecting ATT&CK techniques & tactics for Linux

Atomic Red Team Intelligence C2 (163 stars)
ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

Caldera Ot (161 stars)
MITRE Caldera™ for OT Plugins & Capabilities

Misp Maltego (145 stars)
Set of Maltego transforms to interface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.

Edr Test (124 stars)
Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].

Cti Blueprints (116 stars)
CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.

Purpleteam (106 stars)
Purpleteam simulation & detection scripts: trigger events for SOC detections

Ransomwares Ttp (105 stars)
Repository created to share TTPs, tools, IOCs and details of ransomware operations, based on information collected from open and closed sources, in order to make them available to the wider community.

Top Attack Techniques (99 stars)
Top ATT&CK Techniques provides defenders with a systematic approach to prioritizing ATT&CK techniques.
Ezemu (93 stars)
See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)

Attack2jira (92 stars)
attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage

Insider Threat Ttp Kb (82 stars)
The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.

Controlcompass.github.io (76 stars)
Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques

Auditd Attack (72 stars)
A Linux Auditd rule set mapped to MITRE's Attack Framework

Adversaryemulation (70 stars)
MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository

Allthingstimesketch (69 stars)
This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.

Os Cfdb (66 stars)
Open Source - Common Findings DataBase (JSON & MD)

Attack_to_veris (59 stars)
The principal objectives and outputs of this project are the creation and dissemination of an extension to the VERIS schema incorporating ATT&CK mappings and associated usage documentation.

Attack Powered Suit (58 stars)
ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, context menus, and ATT&CK Navigator integration.

S2an (51 stars)
S2AN - Mapper of Sigma Rules → MITRE ATT&CK

Attacker Group Predictor (48 stars)
Tool to predict attacker groups from the techniques and software used

Sysflow (44 stars)
SysFlow documentation and issues tracker

Engage (34 stars)
MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.

Aws Attack (32 stars)
AWSATT&CK adds MITRE ATT&CK context and additional logging capabilities to Rhino Security Labs's open-source AWS exploitation framework, Pacu.

Threathunting Keywords Sigma Rules (32 stars)
Sigma detection rules for hunting with the threathunting-keywords project

Adversarial Threat Modelling (31 stars)
Supporting material for my presentation "Adversarial Threat Modelling: A Practical Approach to Purple Teaming in the Enterprise"

Cycat Service (26 stars)
CyCAT.org API back-end server including crawlers

Atlas Data (26 stars)
ATLAS tactics, techniques, and case studies data

Threat Hunting With Splunk (23 stars)
Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise

Attack Threat_intel (23 stars)
Graph Representation of MITRE ATT&CK's CTI data

Hachi (22 stars)
This tool maps a file's behavior on the MITRE ATT&CK matrix.

Sightings_ecosystem (22 stars)
This project aims to fundamentally advance our collective ability to see threat activity across organizational, platform, vendor and geographical boundaries.

Sag (22 stars)
An elevated STIX representation of the MITRE ATT&CK Groups knowledge base

Nsm Attack (21 stars)
Mapping NSM rules to MITRE ATT&CK
Zenith (21 stars)
Zénith is a multi-lingual cybersecurity AI NLP security verification chatbot in development that references the MITRE ATT&CK Framework, OSCP solution guides, and current cyber ops TTP to assist companies with the ongoing issue of ransomware attacks on their systems. Zenith is designed to source information from open-source intelligence platforms to relay situationally relevant intelligence and achieve cyber objectives through automated processes.

Website (20 stars)
ATT&CK Evaluations Website

Akamaru (20 stars)
Sniffing out well-known threat groups

Cti Stix Diamond Activity Attack Graph (17 stars)
STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling

Edrevals (16 stars)
Compare Endpoint Detection and Response solutions based on MITRE ATT&CK evaluations (APT3, APT29, Carbanak + FIN7, Wizard Spider + Sandworm)

Cloud Analytics (16 stars)
Cloud Analytics helps defenders detect attacks on their cloud infrastructure by developing behavioral analytics for cloud platforms as well as a blueprint for how others can create and use cloud analytics effectively.

Mitrecnd.github.io (13 stars)
MITRE Shield website

Attckr (13 stars)
MITRE ATT&CK Machinations in R

Atomic Harness (13 stars)
A tool to run and validate telemetry for Atomic Red Team tests

Summiting The Pyramid (12 stars)
Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research includes a scoring model, methodology, and worked examples.

Bev4 (12 stars)
BasicEventViewer4 (BEV v4.0): code useful for all Blue/Purple Teams, providing real-time monitoring of Sysmon events and MITRE ATT&CK detections via YAML files

Whathitme (11 stars)
WhatHitMe is a Python3 tool which provides the possible Groups and their attributed Campaigns that may have attacked you in an incident, based on specific Techniques and Software you have identified (MITRE ATT&CK). It supports the enterprise, mobile and ICS matrices. It also provides searches of known sources for these Groups for insight!

Mitrecve (10 stars)
Get all CVEs corresponding to a specific keyword or a list of keywords from the MITRE database (https://cve.mitre.org/)

Easyhunting (10 stars)
Get intelligence info (tags, MITRE techniques, YARA and more) and find similar malware in a fast and easy way

Attack Sync (9 stars)
ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability of organizations to consume MITRE ATT&CK® version updates into their internal systems and processes.

Mitre2datatables (9 stars)
Bring Your Own Mitre Att&ck © Matrix!

Attack Seaman (7 stars)
Visual Editor for the MITRE™ ATT&CK Knowledge Base

Automated Reconator (7 stars)

Enterpriseattack (7 stars)
A lightweight Python module to interact with the Mitre Att&ck Enterprise dataset.

Detectionnavigator (6 stars)

Incident Reports (6 stars)
A compilation of publicly available information on cyber attack incidents

Mitreevalsdb (6 stars)
MITRE Evaluations Database

Redpill (6 stars)
Mitre Framework Based Quantitative Risk Simulation

Chinese State Sponsored Cyber Operations Observed Ttps (6 stars)
Supporting files for the Chinese State-Sponsored Cyber Operations: Observed TTPs Cybersecurity Advisory. #nsacyber

Deepsecurity 2 Attck (6 stars)
Pull your DS rules and build an ATT&CK matrix
1-100 of 105 search results
Copyright 2018-2024 Awesome Open Source. All rights reserved.