mitre

There are 112 repositories under mitre topic.

redcanaryco/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Language:C9.3k 347 2542.7k
mitre/caldera
Automated Adversary Emulation Platform
Language:Python5.3k 166 7181k
OTRF/ThreatHunter-Playbook
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
Language:Python3.9k 369 32797
austinsonger/Incident-Playbook
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
1.4k 74 142231
nshalabi/ATTACK-Tools
Utilities for MITRE™ ATT&CK
Language:HTML1k 73 9214
infosecB/awesome-detection-engineering
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
712 21 066
Cyb3rWard0g/Invoke-ATTACKAPI
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API
Language:PowerShell364 38 483
vectra-ai-research/MAAD-AF
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
Language:PowerShell336 13 452
redcanaryco/chain-reactor
Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
Language:C286 32 936
op7ic/EDR-Testing-Script
Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Language:Batchfile279 19 178
mitre/caldera-ot
MITRE Caldera™ for OT Plugins & Capabilities
175 27 023
mitre/saf
The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines
Language:TypeScript129 20 17837
Yamato-Security/hayabusa-rules
Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.
115 9 7319
mvelazc0/attack2jira
attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage
Language:Python113 8 1229
jimmy-ly00/Ransomware-PoC
A simple, fully python ransomware PoC using AES-CTR and RSA. Supports Windows, Linux and macOS
Language:Python86 3 531
qeeqbox/mitre-visualizer
🧬 Mitre Interactive Network Graph (APTs, Malware, Tools, Techniques & Tactics)
Language:Python85 4 023
blueteam0ps/AllthingsTimesketch
This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.
Language:Shell84 6 718
sickcodes/security
Collection of CVEs from Sick Codes, or collaborations on https://sick.codes security research & advisories.
Language:Shell77 10 213
rtfmkiesel/loldrivers-client
Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
Language:Go75 4 38
Kart1keya/Hachi
This tool maps a file's behavior on MITRE ATT&CK matrix.
Language:YARA56 6 413
mitre/engage
MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.
54 17 011
OWASP/cwe-tool
A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Language:JavaScript52 5 324
stevespringett/CPE-Parser
A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIST
Language:Java45 7 415
svch0stz/TheThreatHuntLibrary
Library of threat hunts to get any user started!
Language:Python40 5 04
m3n0sd0n4ld/uCVE
uCVE is a tool written in GO that allows to extract CVE's related to a specific software and version, obtaining a report in HTML format with the result and/or exporting it to the pentesting report.
Language:Go34 2 26
OWASP/cwe-sdk-javascript
A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
Language:JavaScript32 5 610
cyentific-rni/SAG
An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
23 0 12
gmatuz/npm-initial-access
Easy to extend initial access scenario to help with EDR testing on Linux and Mac
Language:Shell23 2 04
atc-project/atc-mitigation
Actionable analytics designed to combat threats based on MITRE's ATT&CK.
21 6 17
motherhack3r/mitre
MITRE package gives you an approach to cybersecurity data sets.
Language:R19 2 16
shadawck/mitrecve
Get all cve corresponding to a specific keyword or a list of keywords from the mitre database (https://cve.mitre.org/)
Language:Python15 3 76
nu11pointer/cybersec
CYBERSEC - A Cybersecurity Discord Bot
Language:Python13 2 01
Ericsson/secure_coding_one_stop_shop_for_python
Secure Coding in Python
Language:Python12 7 06
zshehri/MITRE_EDR_Eval
Parsing MITRE EDR Evaluation results
Language:Shell12 3 00
marirs/capa-rs
File Capability Extractor
Language:Rust11 4 42
r-net-tools/net.security
Security R package with a set of utils to analyse the different industry standards (MITRE and NIST).
Language:R11 7 310

mitre

redcanaryco/atomic-red-team

mitre/caldera

OTRF/ThreatHunter-Playbook

austinsonger/Incident-Playbook

nshalabi/ATTACK-Tools

infosecB/awesome-detection-engineering

Cyb3rWard0g/Invoke-ATTACKAPI

vectra-ai-research/MAAD-AF

redcanaryco/chain-reactor

op7ic/EDR-Testing-Script

mitre/caldera-ot

mitre/saf

Yamato-Security/hayabusa-rules

mvelazc0/attack2jira

jimmy-ly00/Ransomware-PoC

qeeqbox/mitre-visualizer

blueteam0ps/AllthingsTimesketch

sickcodes/security

rtfmkiesel/loldrivers-client

Kart1keya/Hachi

mitre/engage

OWASP/cwe-tool

stevespringett/CPE-Parser

svch0stz/TheThreatHuntLibrary

m3n0sd0n4ld/uCVE

OWASP/cwe-sdk-javascript

cyentific-rni/SAG

gmatuz/npm-initial-access

atc-project/atc-mitigation

motherhack3r/mitre

shadawck/mitrecve

nu11pointer/cybersec

Ericsson/secure_coding_one_stop_shop_for_python

zshehri/MITRE_EDR_Eval

marirs/capa-rs

r-net-tools/net.security