mitre-attack

There are 57 repositories under mitre-attack topic.

• kubescape

  kubescape / kubescape

  Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.

  best-practicedevopskubernetesmitre-attacknsasecurityvulnerability-detection
  Language:Go 10157

• redcanaryco / atomic-red-team

  Small and highly portable detection tests based on MITRE's ATT&CK.

  mitremitre-attack
  Language:C 9620
• RedTeam-Tools

  A-poc / RedTeam-Tools

  Tools and Techniques for Red Team / Penetration Testing

  cheatsheetcybersecurityenumerationhackinglinuxmitre-attackpayloadpenetration-testingpentestpentest-toolsred-teamred-team-toolsredteamresourcessecurity-toolstoolswindows
  5863
• caldera

  mitre / caldera

  Automated Adversary Emulation Platform

  adversary-emulationcalderasecurity-automationred-teammitremitre-attacksecurity-testingmitre-corporationcybersecurityhacking
  Language:Python 5537

• olafhartong / sysmon-modular

  A repository of sysmon configuration modules

  dfirmitre-attackmodularsecurity-toolssysmonthreat-hunting
  Language:PowerShell 2634

• sbousseaden / EVTX-ATTACK-SAMPLES

  Windows Events Attack Samples

  threat-huntingevtxwindows-securitymitre-attackdetection-engineeringdatasetwinlogbeatdfir
  Language:HTML 2211

• mitre-attack / attack-navigator

  Web app that provides basic navigation and annotation of ATT&CK matrices

  cticyber-threat-intelligencemitre-attackmitre-corporationcybersecurity
  Language:TypeScript 1983
• Certified-Kubernetes-Security-Specialist

  walidshaari / Certified-Kubernetes-Security-Specialist

  Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.

  apparmorcertificationcksckssexam-objectivesfalcokernel-hardeningkube-benchkube-hunterkuberneteskubernetes-securitymitre-attackopen-policy-agentos-footprintpodpod-security-policypolicyseccompsecuritytrivy
  Language:AGS Script 1981

• DataDog / stratus-red-team

  :cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

  awsadversary-emulationpurple-teammitre-attackcloud-securitycloud-native-securitydetection-engineeringthreat-detectionsecurityaws-securityazure-securitykubernetes-securitygcp-security
  Language:Go 1781
• Shuffle

  Shuffle / Shuffle

  Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.

  automationcybersecurityopenapishufflesecurityworkflow-editorintegrationsmitre-attackagplv3discordsoarhacktoberfestsecurity-orchestratororchestrationsecurity-automationorchestratororchestrator-gui
  Language:Shell 1699

• center-for-threat-informed-defense / adversary_emulation_library

  An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

  adversary-emulationadversary-emulation-plansctidcyber-threat-intelligencecybersecuritymitre-attackred-teamthreat-informed-defense
  Language:C 1678
• Digital-Forensics-Guide

  mikeroyal / Digital-Forensics-Guide

  Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

  digitalforensicsdigitalforensicreadinessforensicssecurityforensics-toolsdigital-forensicsthreat-intelligenceintrusion-detectionmitre-attackdetection-engineeringnetwork-securityoffensive-securitycyber-securityport-scanningsiemalertingforensic-analysisforensics-investigationsosintdfir
  Language:Python 1613
• Incident-Playbook

  austinsonger / Incident-Playbook

  GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

  cybersecurityplaybookcybersecurity-playbookincident-responseincident-managementincidentsmitre-attackmitrecontributions-welcomecontributors-welcomecatalog
  1398
• BLUESPAWN

  ION28 / BLUESPAWN

  An Active Defense and EDR software to empower Blue Teams

  active-defensewindowssecuritysecurity-toolsblue-teammitre-attackanti-virusedrthreat-hunting
  Language:C++ 1232

• cyb3rxp / awesome-soc

  A collection of sources of documentation, as well as field best practices, to build/run a SOC

  certcsirtdetectionsocsiemsirpsoasoartiparchitectureincident-responsemanagementmitre-attackpurpleteamrisk-managementttp
  1182

• olafhartong / ThreatHunting

  A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

  dfirmitre-attacksplunkthreat-hunting
  1129
• sentinel-attack

  netevert / sentinel-attack

  Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

  azureazure-sentinelblue-teamcybersecuritydetectionkqlloggingmitre-attacksecurity-toolssiemsysmonsysmon-configterraform-azurethreat-huntingworkbooks
  Language:HCL 1053

• nshalabi / ATTACK-Tools

  Utilities for MITRE™ ATT&CK

  mitre-attackmitreadversary-emulationredteamingredteam
  Language:HTML 1009
• atomic-threat-coverage

  atc-project / atomic-threat-coverage

  Actionable analytics designed to combat threats

  mitre-attackthreat-modelthreathuntingincidentresponsethreatintelligencethreatdetection
  Language:Python 966
• Open-Source-Security-Guide

  mikeroyal / Open-Source-Security-Guide

  Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

  vulnerabilitiesvulnerability-detectionprivacy-protectionpentestersnetwork-analysisintrusion-detectioninfosecincident-managementmitre-attackdetection-engineeringkali-linuxoffensive-securityinformation-securitysiemcompliancecyber-securityscanning-toolincident-responseforensics-toolssurveillance
  Language:Go 899

• bfuzzy / auditd-attack

  A Linux Auditd rule set mapped to MITRE's Attack Framework

  attack-detectionauditdlinuxmitre-attackthreat-hunting
  779

• ion-storm / sysmon-config

  Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.

  sysmonthreatintelthreat-huntingnetsecsysinternalslogginggrayloggraylog-plugindfirthreat-intelligencethreat-sharingthreat-analysismitre-attackdigitalforensicsforensic-analysisforensicartifactsforensicssiemsigma-ruleshumio
  Language:PowerShell 767

• DataDog / KubeHound

  Tool for building Kubernetes attack paths

  adversary-emulationattack-graphattack-pathscloud-native-securityexploitkuberneteskubernetes-securitymitre-attackpurple-teamred-teamsecurity-auditsecurity-automationsecurity-tools
  Language:Go 750
• atc-react

  atc-project / atc-react

  A knowledge base of actionable Incident Response techniques

  incident-responseresponse-playbooksdfirthehivemitre-attackamitt
  Language:Python 605

• mitre-attack / attack-scripts

  Scripts and a (future) library to improve users' interactions with the ATT&CK content

  cybersecuritycyber-threat-intelligencemitre-corporationctimitre-attackpython
  Language:Python 582

• center-for-threat-informed-defense / attack-flow

  Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.

  cybersecurityctidmitre-attackcyber-threat-intelligencethreat-informed-defense
  Language:TypeScript 545

• mdecrevoisier / EVTX-to-MITRE-Attack

  Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.

  mitre-attacksiemevtxthreat-huntingredteam
  502

• mitre-attack / attack-website

  MITRE ATT&CK Website

  cybersecuritymitre-corporationcyber-threat-intelligencemitre-attackcti
  Language:HTML 487

• center-for-threat-informed-defense / attack-control-framework-mappings

  🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.

  cticyber-threat-intelligencemitre-attackcybersecuritynist800-53security-controlsctidthreat-informed-defenserisk-management
  Language:Python 481

• mitre-attack / mitreattack-python

  A python module for working with ATT&CK

  cybersecuritycyber-threat-intelligencemitre-corporationctimitre-attackpython
  Language:Python 446

• center-for-threat-informed-defense / tram

  TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

  ctidcyber-threat-intelligencecybersecuritymitre-attackthreat-informed-defense
  Language:Jupyter Notebook 434

• center-for-threat-informed-defense / security-stack-mappings

  🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.

  mitre-attackcloudawsazuresecuritygcp
  Language:Python 379

• OpenCTI-Platform / connectors

  OpenCTI Connectors

  cybersecurityctithreat-intelligencemispmitre-attack
  Language:Python 367

• olafhartong / ATTACKdatamap

  A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework

  dfirmitre-attackthreat-huntingthreat-detectionsiem
  Language:PowerShell 348

• sbousseaden / PCAP-ATTACK

  PCAP Samples for Different Post Exploitation Techniques

  detectionmitre-attackpcap-filespcapngthreat-hunting
  342

• Elemental-attack / Elemental

  Elemental - An ATT&CK Threat Library

  sigma-rulesmitre-attackatomicredteamattack-defenseattack-detectionthreat-intelligence
  Language:HTML 313