Trending repositories for topic mitre-attack
KQL Queries. Microsoft Defender, Microsoft Sentinel
Small and highly portable detection tests based on MITRE's ATT&CK.
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes ...
Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups and evolving to other types of threats.
Generate a MITRE ATT&CK Navigator based on a list of CVEs. Database with CVE, CWE, CAPEC, and MITRE ATT&CK Techniques data is updated daily.
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows f...
A collection of sources of documentation, as well as field best practices, to build/run a SOC
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or maki...
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactics and techniques
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
Sigma detection rules for hunting with the threathunting-keywords project
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases.
Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.
TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.
TIE is a machine learning model for inferring associated MITRE ATT&CK techniques from previously observed techniques.
Purpleteam scripts simulation & Detection - trigger events for SOC detections
Replication package for the paper "Automatic Mapping of Unstructured Cyber Threat Intelligence: An Experimental Study" published at the IEEE International Symposium on Software Reliability Engineering...
An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications
Web app that provides basic navigation and annotation of ATT&CK matrices
This provides a guided step by step walkthrough for threat modeling with MITRE ATT&CK Framework
CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.
MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.
Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise