mitre

There are 114 repositories under mitre topic.

redcanaryco/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Language:C10k 351 2772.8k
mitre/caldera
Automated Adversary Emulation Platform
Language:Python5.8k 171 7861.1k
OTRF/ThreatHunter-Playbook
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
Language:Python4.1k 373 33812
austinsonger/Incident-Playbook
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
1.4k 70 143251
nshalabi/ATTACK-Tools
Utilities for MITRE™ ATT&CK
Language:HTML1k 73 9213
infosecB/awesome-detection-engineering
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
879 28 079
Cyb3rWard0g/Invoke-ATTACKAPI
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API
Language:PowerShell366 38 483
vectra-ai-research/MAAD-AF
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
Language:PowerShell363 15 455
redcanaryco/chain-reactor
Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
Language:C297 36 932
op7ic/EDR-Testing-Script
Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Language:Batchfile291 20 180
mitre/caldera-ot
MITRE Caldera™ for OT Plugins & Capabilities
201 27 123
Yamato-Security/hayabusa-rules
Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.
Language:Python148 9 8123
mitre/saf
The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines
Language:TypeScript135 22 18738
mvelazc0/attack2jira
attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage
Language:Python111 8 1229
jimmy-ly00/Ransomware-PoC
A simple, fully python ransomware PoC using AES-CTR and RSA. Supports Windows, Linux and macOS
Language:Python101 3 535
blueteam0ps/AllthingsTimesketch
This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.
Language:Shell99 6 719
qeeqbox/mitre-visualizer
🧬 Mitre Interactive Network Graph (APTs, Malware, Tools, Techniques & Tactics)
Language:Python90 4 023
sickcodes/security
Collection of CVEs from Sick Codes, or collaborations on https://sick.codes security research & advisories.
Language:Shell85 11 218
rtfmkiesel/loldrivers-client
Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
Language:Go81 4 38
mitre/engage
MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.
60 17 011
Kart1keya/Hachi
This tool maps a file's behavior on MITRE ATT&CK matrix.
Language:YARA57 6 413
OWASP/cwe-tool
A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Language:JavaScript55 6 324
stevespringett/CPE-Parser
A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIST
Language:Java47 7 515
svch0stz/TheThreatHuntLibrary
Library of threat hunts to get any user started!
Language:Python41 5 07
m3n0sd0n4ld/uCVE
uCVE is a tool written in GO that allows to extract CVE's related to a specific software and version, obtaining a report in HTML format with the result and/or exporting it to the pentesting report.
Language:Go35 2 26
OWASP/cwe-sdk-javascript
A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
Language:JavaScript33 5 610
gmatuz/npm-initial-access
Easy to extend initial access scenario to help with EDR testing on Linux and Mac
Language:Shell24 2 04
cyentific-rni/SAG
An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
23 0 12
atc-project/atc-mitigation
Actionable analytics designed to combat threats based on MITRE's ATT&CK.
22 6 17
Ericsson/secure_coding_one_stop_shop_for_python
Secure Coding in Python
Language:Python19 7 08
motherhack3r/mitre
MITRE package gives you an approach to cybersecurity data sets.
Language:R19 2 16
nu11pointer/cybersec
CYBERSEC - A Cybersecurity Discord Bot
Language:Python17 2 01
shadawck/mitrecve
Get all cve corresponding to a specific keyword or a list of keywords from the mitre database (https://cve.mitre.org/)
Language:Python16 3 76
marirs/capa-rs
File Capability Extractor
Language:Rust13 4 42
r-net-tools/net.security
Security R package with a set of utils to analyse the different industry standards (MITRE and NIST).
Language:R12 7 310
zshehri/MITRE_EDR_Eval
Parsing MITRE EDR Evaluation results
Language:Shell12 3 00

mitre

redcanaryco/atomic-red-team

mitre/caldera

OTRF/ThreatHunter-Playbook

austinsonger/Incident-Playbook

nshalabi/ATTACK-Tools

infosecB/awesome-detection-engineering

Cyb3rWard0g/Invoke-ATTACKAPI

vectra-ai-research/MAAD-AF

redcanaryco/chain-reactor

op7ic/EDR-Testing-Script

mitre/caldera-ot

Yamato-Security/hayabusa-rules

mitre/saf

mvelazc0/attack2jira

jimmy-ly00/Ransomware-PoC

blueteam0ps/AllthingsTimesketch

qeeqbox/mitre-visualizer

sickcodes/security

rtfmkiesel/loldrivers-client

mitre/engage

Kart1keya/Hachi

OWASP/cwe-tool

stevespringett/CPE-Parser

svch0stz/TheThreatHuntLibrary

m3n0sd0n4ld/uCVE

OWASP/cwe-sdk-javascript

gmatuz/npm-initial-access

cyentific-rni/SAG

atc-project/atc-mitigation

Ericsson/secure_coding_one_stop_shop_for_python

motherhack3r/mitre

nu11pointer/cybersec

shadawck/mitrecve

marirs/capa-rs

r-net-tools/net.security

zshehri/MITRE_EDR_Eval