mitre-attack
There are 244 repositories under the mitre-attack topic.
kubescape/kubescape
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
redcanaryco/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
A-poc/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
mitre/caldera
Automated Adversary Emulation Platform
olafhartong/sysmon-modular
A repository of sysmon configuration modules
sbousseaden/EVTX-ATTACK-SAMPLES
Windows Events Attack Samples
mitre-attack/attack-navigator
Web app that provides basic navigation and annotation of ATT&CK matrices
walidshaari/Certified-Kubernetes-Security-Specialist
Curated resources to help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" certification exam. Please provide feedback or requests by raising issues or making a pull request. All feedback for improvements is welcome. Thank you.
DataDog/stratus-red-team
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
Shuffle/Shuffle
Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.
center-for-threat-informed-defense/adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
mikeroyal/Digital-Forensics-Guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
austinsonger/Incident-Playbook
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
cyb3rxp/awesome-soc
A collection of sources of documentation, as well as field best practices, to build/run a SOC
ION28/BLUESPAWN
An Active Defense and EDR software to empower Blue Teams
olafhartong/ThreatHunting
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
netevert/sentinel-attack
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
nshalabi/ATTACK-Tools
Utilities for MITRE™ ATT&CK
atc-project/atomic-threat-coverage
Actionable analytics designed to combat threats
mikeroyal/Open-Source-Security-Guide
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
DataDog/KubeHound
Tool for building Kubernetes attack paths
ion-storm/sysmon-config
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
bfuzzy/auditd-attack
A Linux Auditd rule set mapped to MITRE's Attack Framework
atc-project/atc-react
A knowledge base of actionable Incident Response techniques
mitre-attack/attack-scripts
Scripts and a (future) library to improve users' interactions with the ATT&CK content
center-for-threat-informed-defense/attack-flow
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
mdecrevoisier/EVTX-to-MITRE-Attack
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases.
mitre-attack/attack-website
MITRE ATT&CK Website
mitre-attack/mitreattack-python
A Python module for working with ATT&CK
center-for-threat-informed-defense/attack-control-framework-mappings
🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
center-for-threat-informed-defense/tram
TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.
OpenCTI-Platform/connectors
OpenCTI Connectors
center-for-threat-informed-defense/security-stack-mappings
🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
olafhartong/ATTACKdatamap
A data source assessment on an event level to show potential coverage of the MITRE ATT&CK framework
sbousseaden/PCAP-ATTACK
PCAP Samples for Different Post Exploitation Techniques
mdecrevoisier/SIGMA-detection-rules
Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactics and techniques