IanDavila's Stars
gentilkiwi/mimikatz
A little tool to play with Windows security
redcanaryco/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
hslatman/awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
TheWover/donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
rabobank-cdc/DeTTECT
Detect Tactics, Techniques & Combat Threats
elastic/detection-rules
mitre/cti
Cyber Threat Intelligence Repository expressed in STIX 2.0
center-for-threat-informed-defense/adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
tsale/EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
mvelazc0/PurpleSharp
PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments
scythe-io/purple-team-exercise-framework
Purple Team Exercise Framework
MetaOSINT/MetaOSINT.github.io
A tool to quickly identify relevant, publicly-available open source intelligence ("OSINT") tools and resources, saving valuable time during investigations, research, and analysis.
Azure/Azure-Sentinel-Notebooks
Interactive Azure Sentinel Notebooks provide security insights and actions to investigate anomalies and hunt for malicious behaviors.
center-for-threat-informed-defense/attack-flow
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
mitre-attack/attack-website
MITRE ATT&CK Website
mitre-attack/attack-datasources
This content is analysis and research of the data sources currently listed in ATT&CK.
panther-labs/panther-analysis
Built-in Panther detection rules and policies
center-for-threat-informed-defense/attack-workbench-frontend
An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains an Angular-based web application providing the user interface for the ATT&CK Workbench application.
redcanaryco/AtomicTestHarnesses
Public Repo for Atomic Test Harness
pan-unit42/playbook_viewer
ControlCompass/ControlCompass.github.io
Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
center-for-threat-informed-defense/top-attack-techniques
Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques to focus on first.