13 results found Sort:

cyb3rxp
awesome-soc cyb3rxp
215
1.3k
cc0-1.0
36
A collection of sources of documentation, as well as field best practices, to build/run a SOC
soa soc tip ttp cert siem sirp soar csirt detection management purpleteam architecture mitre-attack risk-management incident-response
Created 2022-08-23
803 commits to main branch, last one 15 days ago
cisagov
decider cisagov
126
1.2k
other
31
A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
ttp cybersecurity
Created 2023-02-15
207 commits to develop branch, last one 9 days ago
vectra-ai-research
MAAD-AF vectra-ai-research
55
368
gpl-3.0
16
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
ttp mitre azuread entra-id red-team security microsoft powershell microsoft365 cloud-security microsoft-graph security-testing adversary-emulation cloud-administration microsoft-azure-security identity-access-management
Created 2023-02-09
72 commits to main branch, last one 4 months ago
crocodyli
ThreatActors-TTPs crocodyli
34
252
unknown
11
Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups and evolving to other types of threats.
ttp malware ransomware threat-acto mitre-attack ransomware-group threat-intelligence
Created 2023-07-28
308 commits to main branch, last one 11 days ago
vectra-ai-research
Halberd vectra-ai-research
24
242
gpl-3.0
7
Halberd : Multi-Cloud Attack Platform
aws gcp ttp m365 azure azuread redteam entra-id microsoft mitre-attack redteam-tools blueteam-tools cloud-security security-tools security-testing offensive-security
Created 2024-03-06
429 commits to main branch, last one 4 days ago
prodaft
malware-ioc prodaft
23
214
apache-2.0
21
This repository contains indicators of compromise (IOCs) of our various investigations.
apt ioc ttp malware ransomware threatintel cybersecurity threat-hunting malware-research malware-detection threatintelligence threat-intelligence
Created 2020-08-04
116 commits to master branch, last one about a month ago
0xsyr0
Red-Team-Playbooks 0xsyr0
60
201
gpl-3.0
4
This repository contains cutting-edge open-source security notes and tools that will help you during your Red Team assessments.
ttp redteam playbook offensive-security penetration-testing offensive-methodology
Created 2021-12-09
217 commits to master branch, last one 7 days ago
curated-intel
Log4Shell-IOCs curated-intel
36
182
unknown
24
A collection of intelligence about Log4Shell and its exploitation activity.
cti ioc ttp java log4j m8220 mirai log4j2 swrort kinsing muhstik khonsari kirabash log4shell sitesloader threatintel cobalt-strike cybersecurity cve-2021-44228 threatintelligence
Created 2021-12-12
211 commits to main branch, last one 2 years ago
vlegoy
rcATT vlegoy
36
118
mit
6
A python app to predict Att&ck tactics and techniques from cyber threat reports
ttp attack cyber-threat-intelligence multi-label-classification
Created 2019-09-07
41 commits to master branch, last one 4 years ago
Galeax
CVE2CAPEC Galeax
14
70
mit
3
Generate a MITRE ATT&CK Navigator based on a list of CVEs. Database with CVE, CWE, CAPEC, and MITRE ATT&CK Techniques data is updated daily.
cve cwe ttp cves capec infosec mitre-cwe mitre-capec infosectools mitre-attack cybersecurity mitre-attack-db mitre-attack-navigator
Created 2024-10-18
426 commits to main branch, last one a day ago
everettsouthwick
trusted-traveler-scheduler everettsouthwick
13
57
gpl-3.0
0
Python script for periodically fetching appointment dates from the Trusted Traveler Program API for Global Entry, Nexus, SENTRI, and FAST, with notifications to the user when new appointments are disc...
cbp ttp fast entry nexus docker global python sentri program trusted traveler globalentry global-entry trusted-traveler trusted-traveler-program
Created 2023-02-20
136 commits to main branch, last one 2 months ago
knight0x07
DarkGate-Install-Script-via-DNS-TXT-Record knight0x07
6
41
mit
4
PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record
dns poc ttp infosec malware darkgate threatintel cybersecurity threat-hunting malware-analysis malware-development reverse-engineering threat-intelligence
Created 2023-12-15
7 commits to main branch, last one about a year ago
tstromberg
ttp-bench tstromberg
3
39
apache-2.0
4
Adversary emulation for EDR/SIEM testing (macOS/Linux)
edr ids ioc ttp security benchmark intrusion
Created 2022-03-02
72 commits to main branch, last one about a year ago