mitre-attack

There are 58 repositories under mitre-attack topic.

• kubescape

  kubescape / kubescape

  Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.

  best-practicedevopskubernetesmitre-attacknsasecurityvulnerability-detection
  Language:Go 10249

• redcanaryco / atomic-red-team

  Small and highly portable detection tests based on MITRE's ATT&CK.

  mitremitre-attack
  Language:C 9805
• RedTeam-Tools

  A-poc / RedTeam-Tools

  Tools and Techniques for Red Team / Penetration Testing

  cheatsheetcybersecurityenumerationhackinglinuxmitre-attackpayloadpenetration-testingpentestpentest-toolsred-teamred-team-toolsredteamresourcessecurity-toolstoolswindows
  6031
• caldera

  mitre / caldera

  Automated Adversary Emulation Platform

  adversary-emulationcalderacybersecurityhackingmitremitre-attackmitre-corporationred-teamsecurity-automationsecurity-testing
  Language:Python 5663

• olafhartong / sysmon-modular

  A repository of sysmon configuration modules

  dfirmitre-attackmodularsecurity-toolssysmonthreat-hunting
  Language:PowerShell 2664

• sbousseaden / EVTX-ATTACK-SAMPLES

  Windows Events Attack Samples

  datasetdetection-engineeringdfirevtxmitre-attackthreat-huntingwindows-securitywinlogbeat
  Language:HTML 2252

• mitre-attack / attack-navigator

  Web app that provides basic navigation and annotation of ATT&CK matrices

  cticyber-threat-intelligencecybersecuritymitre-attackmitre-corporation
  Language:TypeScript 2007
• Certified-Kubernetes-Security-Specialist

  walidshaari / Certified-Kubernetes-Security-Specialist

  Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.

  apparmorcertificationcksckssexam-objectivesfalcokernel-hardeningkube-benchkube-hunterkuberneteskubernetes-securitymitre-attackopen-policy-agentos-footprintpodpod-security-policypolicyseccompsecuritytrivy
  Language:AGS Script 1997

• DataDog / stratus-red-team

  :cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

  adversary-emulationawsaws-securityazure-securitycloud-native-securitycloud-securitydetection-engineeringgcp-securitykubernetes-securitymitre-attackpurple-teamsecuritythreat-detection
  Language:Go 1830
• Shuffle

  Shuffle / Shuffle

  Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.

  automationcybersecurityopenapishufflesecurityworkflow-editorintegrationsmitre-attackagplv3discordsoarhacktoberfestsecurity-orchestratororchestrationsecurity-automationorchestratororchestrator-gui
  Language:Shell 1750

• center-for-threat-informed-defense / adversary_emulation_library

  An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

  adversary-emulationadversary-emulation-plansctidcyber-threat-intelligencecybersecuritymitre-attackred-teamthreat-informed-defense
  Language:C 1725
• Digital-Forensics-Guide

  mikeroyal / Digital-Forensics-Guide

  Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

  digitalforensicsdigitalforensicreadinessforensicssecurityforensics-toolsdigital-forensicsthreat-intelligenceintrusion-detectionmitre-attackdetection-engineeringnetwork-securityoffensive-securitycyber-securityport-scanningsiemalertingforensic-analysisforensics-investigationsosintdfir
  Language:Python 1658
• Incident-Playbook

  austinsonger / Incident-Playbook

  GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

  cybersecurityplaybookcybersecurity-playbookincident-responseincident-managementincidentsmitre-attackmitrecontributions-welcomecontributors-welcomecatalog
  1405

• cyb3rxp / awesome-soc

  A collection of sources of documentation, as well as field best practices, to build/run a SOC

  certcsirtdetectionsocsiemsirpsoasoartiparchitectureincident-responsemanagementmitre-attackpurpleteamrisk-managementttp
  1243
• BLUESPAWN

  ION28 / BLUESPAWN

  An Active Defense and EDR software to empower Blue Teams

  active-defenseanti-virusblue-teamedrmitre-attacksecuritysecurity-toolsthreat-huntingwindows
  Language:C++ 1239

• olafhartong / ThreatHunting

  A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

  dfirmitre-attacksplunkthreat-hunting
  1138
• sentinel-attack

  netevert / sentinel-attack

  Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

  azureazure-sentinelblue-teamcybersecuritydetectionkqlloggingmitre-attacksecurity-toolssiemsysmonsysmon-configterraform-azurethreat-huntingworkbooks
  Language:HCL 1061

• nshalabi / ATTACK-Tools

  Utilities for MITRE™ ATT&CK

  mitre-attackmitreadversary-emulationredteamingredteam
  Language:HTML 1012
• atomic-threat-coverage

  atc-project / atomic-threat-coverage

  Actionable analytics designed to combat threats

  incidentresponsemitre-attackthreat-modelthreatdetectionthreathuntingthreatintelligence
  Language:Python 972
• Open-Source-Security-Guide

  mikeroyal / Open-Source-Security-Guide

  Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

  vulnerabilitiesvulnerability-detectionprivacy-protectionpentestersnetwork-analysisintrusion-detectioninfosecincident-managementmitre-attackdetection-engineeringkali-linuxoffensive-securityinformation-securitysiemcompliancecyber-securityscanning-toolincident-responseforensics-toolssurveillance
  Language:Go 919

• DataDog / KubeHound

  Tool for building Kubernetes attack paths

  adversary-emulationattack-graphattack-pathscloud-native-securityexploitkuberneteskubernetes-securitymitre-attackpurple-teamred-teamsecurity-auditsecurity-automationsecurity-tools
  Language:Go 785

• bfuzzy / auditd-attack

  A Linux Auditd rule set mapped to MITRE's Attack Framework

  attack-detectionauditdlinuxmitre-attackthreat-hunting
  778

• ion-storm / sysmon-config

  Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.

  sysmonthreatintelthreat-huntingnetsecsysinternalslogginggrayloggraylog-plugindfirthreat-intelligencethreat-sharingthreat-analysismitre-attackdigitalforensicsforensic-analysisforensicartifactsforensicssiemsigma-ruleshumio
  Language:PowerShell 775
• atc-react

  atc-project / atc-react

  A knowledge base of actionable Incident Response techniques

  incident-responseresponse-playbooksdfirthehivemitre-attackamitt
  Language:Python 614

• mitre-attack / attack-scripts

  Scripts and a (future) library to improve users' interactions with the ATT&CK content

  cticyber-threat-intelligencecybersecuritymitre-attackmitre-corporationpython
  Language:Python 582

• center-for-threat-informed-defense / attack-flow

  Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.

  ctidcyber-threat-intelligencecybersecuritymitre-attackthreat-informed-defense
  Language:TypeScript 556

• mdecrevoisier / EVTX-to-MITRE-Attack

  Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.

  mitre-attacksiemevtxthreat-huntingredteam
  528

• mitre-attack / attack-website

  MITRE ATT&CK Website

  cticyber-threat-intelligencecybersecuritymitre-attackmitre-corporation
  Language:HTML 490

• center-for-threat-informed-defense / attack-control-framework-mappings

  🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.

  ctictidcyber-threat-intelligencecybersecuritymitre-attacknist800-53risk-managementsecurity-controlsthreat-informed-defense
  Language:Python 485

• mitre-attack / mitreattack-python

  A python module for working with ATT&CK

  cticyber-threat-intelligencecybersecuritymitre-attackmitre-corporationpython
  Language:Python 470

• center-for-threat-informed-defense / tram

  TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

  ctidcyber-threat-intelligencecybersecuritymitre-attackthreat-informed-defense
  Language:Jupyter Notebook 453

• OpenCTI-Platform / connectors

  OpenCTI Connectors

  cybersecurityctithreat-intelligencemispmitre-attack
  Language:Python 382

• center-for-threat-informed-defense / security-stack-mappings

  🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.

  awsazurecloudgcpmitre-attacksecurity
  Language:Python 380

• olafhartong / ATTACKdatamap

  A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework

  dfirmitre-attackthreat-huntingthreat-detectionsiem
  Language:PowerShell 350

• sbousseaden / PCAP-ATTACK

  PCAP Samples for Different Post Exploitation Techniques

  threat-huntingpcap-filespcapngdetectionmitre-attack
  344

• Elemental-attack / Elemental

  Elemental - An ATT&CK Threat Library

  atomicredteamattack-defenseattack-detectionmitre-attacksigma-rulesthreat-intelligence
  Language:HTML 315