mitre

There are 19 repositories under mitre topic.

• redcanaryco / atomic-red-team

  Small and highly portable detection tests based on MITRE's ATT&CK.

  mitremitre-attack
  Language:C 9021
• caldera

  mitre / caldera

  Automated Adversary Emulation Platform

  adversary-emulationcalderasecurity-automationred-teammitremitre-attacksecurity-testingmitre-corporationcybersecurityhacking
  Language:Python 5165

• OTRF / ThreatHunter-Playbook

  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

  threat-huntingsysmonhunting-campaignshypothesishuntingdfirhuntermitre-attack-dbmitre
  Language:Python 3860
• Incident-Playbook

  austinsonger / Incident-Playbook

  GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

  cybersecurityplaybookcybersecurity-playbookincident-responseincident-managementincidentsmitre-attackmitrecontributions-welcomecontributors-welcomecatalog
  1351

• nshalabi / ATTACK-Tools

  Utilities for MITRE™ ATT&CK

  mitre-attackmitreadversary-emulationredteamingredteam
  Language:HTML 995

• infosecB / awesome-detection-engineering

  Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.

  detection-engineeringsplunkmitreawesome-listawesomecybersecuritythreat-detection
  548

• Cyb3rWard0g / Invoke-ATTACKAPI

  A PowerShell script to interact with the MITRE ATT&CK Framework via its own API

  powershellmitre-attack-dbmitre
  Language:PowerShell 361

• vectra-ai-research / MAAD-AF

  MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).

  adversary-emulationmicrosoftmicrosoft-azure-securitypowershellsecuritycloud-securitymitrered-teamsecurity-testingazureadcloud-administrationmicrosoft365identity-access-managementmicrosoft-graphttpentra-id
  Language:PowerShell 329

• redcanaryco / chain-reactor

  Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.

  linuxmitremitre-attackadversary-simulationelfsecuritysecurity-testing
  Language:C 282

• op7ic / EDR-Testing-Script

  Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

  edrmitreattsecurity-auditsecurityedr-solutionsincident-response
  Language:Batchfile 278

• mitre / caldera-ot

  MITRE Caldera™ for OT Plugins & Capabilities

  adversary-emulationbacnetcalderacybersecuritydnp3mitremitre-attackmitre-corporationmodbusoperational-technologyotprofinet
  174

• mitre / saf

  The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines

  mitre-corporationmitre-safcompliancesecuritysecurity-automationdevsecopsjsonsecurity-automation-frameworkmitre
  Language:TypeScript 125

• mvelazc0 / attack2jira

  attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage

  mitre-attackdetection-engineeringmitreattack-coverage
  Language:Python 110

• Yamato-Security / hayabusa-rules

  Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.

  windowsdfireventloganalysissigmahayabusamitreattack
  Language:Python 108

• blueteam0ps / AllthingsTimesketch

  This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.

  mitremitre-attacktimesketchplasoforensicstriagerapidnode-red
  Language:Shell 82

• jimmy-ly00 / Ransomware-PoC

  A simple, fully python ransomware PoC using AES-CTR and RSA. Supports Windows, Linux and macOS

  ransomwaremitremitre-attackt1486ta0040data-encrypted-for-impactpythonpython3wastedlockerpython-ransomware-pocransomware-poc
  Language:Python 82
• mitre-visualizer

  qeeqbox / mitre-visualizer

  🧬 Mitre Interactive Network Graph (APTs, Malware, Tools, Techniques & Tactics)

  mitrenetwork-graphadvanced-persistent-threatmalwaretoolattacktechniquetactic
  Language:Python 80

• rtfmkiesel / loldrivers-client

  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io

  driversgolangvulnerabilitieswindowsmitre
  Language:Go 75

• sickcodes / security

  Collection of CVEs from Sick Codes, or collaborations on https://sick.codes security research & advisories.

  securityvulnerabilitiesadvisoriescvemitrecwebugs
  Language:Shell 73

• Kart1keya / Hachi

  This tool maps a file's behavior on MITRE ATT&CK matrix.

  defcon27defconmitremitre-attackmalware-analysismalware-researchmalware-detection
  Language:YARA 55

• mitre / engage

  MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.

  cybersecuritymitre-corporationmitredeceptioncyber-deceptioncyberdefenseactive-defensemitre-attack
  51

• OWASP / cwe-tool

  A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

  cwecwe-discoveryjsoncliowaspcvevulnerabilitiesmitre
  Language:JavaScript 49

• stevespringett / CPE-Parser

  A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIST

  nistmitrecpenvdjavalibrary
  Language:Java 44

• m3n0sd0n4ld / uCVE

  uCVE is a tool written in GO that allows to extract CVE's related to a specific software and version, obtaining a report in HTML format with the result and/or exporting it to the pentesting report.

  cvegogolanghacking-toolmitrenistreportreportingvulnerabilities
  Language:Go 32

• svch0stz / TheThreatHuntLibrary

  Library of threat hunts to get any user started!

  huntingmitrehypothesisthreat-huntingthreathuntingcybersecurity
  Language:Python 32

• OWASP / cwe-sdk-javascript

  A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

  cwecveowaspmitrevulnerabilities
  Language:JavaScript 30

• cyentific-rni / SAG

  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base

  mitre-attackmitrestix2
  23

• gmatuz / npm-initial-access

  Easy to extend initial access scenario to help with EDR testing on Linux and Mac

  redteamingpentestingedrcybersecuritytoolingtestingedr-testingred-teamred-teamingmitre-attackmitre
  Language:Shell 23

• atc-project / atc-mitigation

  Actionable analytics designed to combat threats based on MITRE's ATT&CK.

  mitre-attackmitreblueteamblueteamingsoccybersecurity
  21

• motherhack3r / mitre

  MITRE package gives you an approach to cybersecurity data sets.

  mitremitre-shielddata-driven-security
  Language:R 19

• shadawck / mitrecve

  Get all cve corresponding to a specific keyword or a list of keywords from the mitre database (https://cve.mitre.org/)

  mitremitre-attacksecurityapiclicvedependenciesmitre-apicve-scanningcve-searchsecurity-toolssecurity-scanner
  Language:Python 15

• nu11pointer / cybersec

  CYBERSEC - A Cybersecurity Discord Bot

  botctfctftimecvecyberseccybersecuritydiscordhackinginfosecmalwarememesoffsecresourcesvirustotalwriteupsnvdmitrenistpython3discord-bot
  Language:Python 13

• zshehri / MITRE_EDR_Eval

  Parsing MITRE EDR Evaluation results

  mitreattackedr
  Language:Shell 12

• marirs / capa-rs

  File Capability Extractor

  capabilitiesfile-capabilitiescaparustrust-langrust-librarymitrembcmalware-analysisreverse-engineeringaslrcontrol-flow-graphseh
  Language:Rust 11

• mitre-cyber-academy / ctf-scoreboard-archive

  Repository for the Deprecated MITRE Capture the Flag scoreboard.

  ctf-scoreboardscoreboardrubyrailsmitrectf-platformctf-framework
  Language:Ruby 11

• r-net-tools / net.security

  Security R package with a set of utils to analyse the different industry standards (MITRE and NIST).

  rsecuritycvecwecpecapecovalsardnistmitreattck
  Language:R 11