ttp

There are 1 repository under ttp topic.

cyb3rxp / awesome-soc
A collection of sources of documentation, as well as field best practices, to build/run a SOC
architecture cert csirt detection incident-response management mitre-attack purpleteam risk-management siem sirp soa soar soc tip ttp
1547
cisagov / decider
A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
cybersecurity ttp
Language:HTML 1201
vectra-ai-research / MAAD-AF
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
adversary-emulation microsoft microsoft-azure-security powershell security cloud-security mitre red-team security-testing azuread cloud-administration microsoft365 identity-access-management microsoft-graph ttp entra-id
Language:PowerShell 406
0xsyr0 / Red-Team-Playbooks
This repository contains cutting-edge open-source security notes and tools that will help you during your Red Team assessments.
offensive-security penetration-testing redteam offensive-methodology ttp playbook
Language:PowerShell 350
crocodyli / ThreatActors-TTPs
Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups and evolving to other types of threats.
mitre-attack ransomware ttp ransomware-group malware threat-intelligence threat-acto
343
vectra-ai-research / Halberd
Halberd : Multi-Cloud Agentic Attack Tool
aws azuread blueteam-tools entra-id m365 microsoft mitre-attack offensive-security redteam redteam-tools security-testing security-tools ttp cloud-security azure gcp
Language:Python 320
prodaft / malware-ioc
This repository contains indicators of compromise (IOCs) of our various investigations.
cybersecurity ioc malware-detection malware-research ransomware threat-hunting threat-intelligence threatintel ttp apt malware threatintelligence indicator-of-compromise
Language:Python 305
CVE2CAPEC
Galeax / CVE2CAPEC
Generate MITRE ATT&CK and D3FEND from a list of CVEs. Database with CVE, CWE, CAPEC, MITRE ATT&CK and D3FEND Techniques data is updated daily. Showcased at BlackHat Europe 2025 Arsenal.
capec cve cves cwe cybersecurity infosec infosectools mitre-attack mitre-attack-db mitre-attack-navigator mitre-capec mitre-cwe ttp blackhat blackhat-arsenal d3fend mitre-d3fend mitre-defend blackhateurope-2025
Language:Python 245
curated-intel / Log4Shell-IOCs
A collection of intelligence about Log4Shell and its exploitation activity.
cobalt-strike cti cve-2021-44228 cybersecurity ioc java khonsari kinsing kirabash log4j log4j2 log4shell m8220 mirai muhstik sitesloader swrort threatintel threatintelligence ttp
Language:Python 184
vlegoy / rcATT
A python app to predict Att&ck tactics and techniques from cyber threat reports
cyber-threat-intelligence attack ttp multi-label-classification
Language:Python 126
everettsouthwick / trusted-traveler-scheduler
Python script for periodically fetching appointment dates from the Trusted Traveler Program API for Global Entry, Nexus, SENTRI, and FAST, with notifications to the user when new appointments are discovered.
entry fast global nexus program traveler trusted sentri cbp global-entry trusted-traveler-program ttp docker python trusted-traveler globalentry
Language:Python 61
tstromberg / ttp-bench
Adversary emulation for EDR/SIEM testing (macOS/Linux)
ioc ids edr intrusion benchmark security ttp
Language:Go 52
knight0x07 / DarkGate-Install-Script-via-DNS-TXT-Record
PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record
cybersecurity dns infosec malware malware-analysis malware-development poc reverse-engineering threat-hunting threat-intelligence threatintel ttp darkgate
42
h4ndzdatm0ld / ttp_sros_parser
TTP Parser kit for SROS devices.
7750 nokia sros ttp
Language:Python 36
tbotnz / ios-show-run-ttp
TTP template for Cisco IOS "show run"
ttp cisco ios cisco-ios cisco-device devnet netmiko netmiko-ios netpalm
Language:Python 35
Offensive-Panda / MalwareAnalysis
This central repository is crafted for cybersecurity enthusiasts, researchers, and professionals aiming to advance their skills. It offers valuable resources for those focused on analyzing and understanding different types of malware.
malware malware-analysis mitre-attack offensive-security ttp
Language:HTML 18
purplestormctf / purplestorm-TTPs
A collection of commands, tools, techniques and procedures of the purplestorm ctf team.
ctf offensive-security pentesting purplestorm red-team ttp
Language:Shell 11
FOGSEC / Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
wiki red team red-team ttp tactics resource resources domain domain-fronting dns smtp smtpclient https scala phish phishing phishing-attacks c2 command-and-control
10
FOGSEC / blackhat-arsenal-tools
Official Black Hat Arsenal Security Tools Repository
list tools black-hat black hat defcon arsenal ttp
8
FOGSEC / Empire
Empire is a PowerShell and Python post-exploitation agent.
post-exploitation empire powershell python powershell-scripts admin rat dropper stager downloader beacon cobalt strike cobalt-strike red-team red team ttp tools
Language:PowerShell 6
bozensel / nokia-netmiko-ttp-show-commands
Parsing some nokia SROS show outputs using ttp
ttp sros network netmiko python3 json
Language:Python 5
kyperbelt / TTP-Compiler
A compiler/assembler for files written in ttpasm to work with Tak's Toy Processor.
ttp assembler assembly school american-river-college asm ttpasm tak-toy-processor ttp-compiler cpu logism
Language:Rust 5
Kelvin0428 / Ransomware-Group-TI
A compilation of Tactics, Techniques, and Procedures (TTPs) employed by ransomware groups over the past five years.
ransomware ttp
4
FOGSEC / Checklists
Pentesting checklists for various engagements
checklist ttp ttps documentation voip linux privesc android applocker command-and-control c2 windows exfil procedure
3
FOGSEC / lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
linux macos unix hipaa iso27001 pci-dss hardening scan scanner scanning audit red team red-team automated automation auto-exploit resource ttp
Language:Shell 3
FOGSEC / pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
docker-image rat post-exploitation framework python python27 red team red-team cross-platform remote admin administration payload payloads dropper downloader ttp tools
Language:Python 3
frknaykc / Dragon-RansomwareResearchHQ
A resource containing all the data each ransomware gangs
encryption indicators indicators-of-compromise ioc mitre-attack notes ransomware ransomware-detection ransomware-summary rules ttp
3
Lupovis / GetIPReputation
Use the Prowl API to obtain IP Reputation, Techniques Tactics and Procedures, Indicators of Attacks and Indicators of Compromise related to a public IP.
ip networking security hacker hacking-tools malicious-ips malicious-traffic network-analysis osint-tool osint-tools reputation security-tools ttp osint ip-reputation ip-reputation-checker
Language:Python 3
mosaic-hgw / Dockerbank
Docker-compose files for the open-source tools E-PIX gPAS and gICS. Use these containers to implement your Trusted Third-Party
docker e-pix epix gics gpas install mosaic ths ttp trusted third-party
3
filippofinke / ttp
The Travelling Thief Problem (GECCO 2024)
problem thief travelling ttp
Language:Rust 2
FOGSEC / awesome-docker
:whale: A curated list of Docker resources and projects
list resource resources ttp docker devops developer-tools development-environment developer-environment blue-team blue team red-team red
2
FOGSEC / Sharp-Suite
My musings with C#
cobalt strike cobalt-strike c-sharp antivirus evasion payload logging log ttp
Language:C# 2
glowbase / decider-v2
An intelligence focused mapping tool to help network defenders and threat intelligence in the process of mapping adversarial behaviors to make meaningful and informed command decisions.
apt cybersecurity ism mitre nist ttp
Language:JavaScript 2
rodoufu / ttp_fpga
ttp fpga traveling-thief-problem high-level-synthesis
Language:C 2
txuswashere / Cyber-Attacks-Mitigation
Cyber Attacks Mitigation
countermeasure countermeasures cyber-security cyber-threat-intelligence cyberattacks cybersecurity mitigation mitigation-strategies mitigations security cyberattack security-hardening security-vulnerability ttp
2
ttran9619 / ttpm-rs
A tool for monitoring interview slots for Trusted Traveler Programs such as Global Entry.
globalentry rust ttp
Language:Rust 1

ttp

cyb3rxp / awesome-soc

cisagov / decider

vectra-ai-research / MAAD-AF

0xsyr0 / Red-Team-Playbooks

crocodyli / ThreatActors-TTPs

vectra-ai-research / Halberd

prodaft / malware-ioc

Galeax / CVE2CAPEC

curated-intel / Log4Shell-IOCs

vlegoy / rcATT

everettsouthwick / trusted-traveler-scheduler

tstromberg / ttp-bench

knight0x07 / DarkGate-Install-Script-via-DNS-TXT-Record

h4ndzdatm0ld / ttp_sros_parser

tbotnz / ios-show-run-ttp

Offensive-Panda / MalwareAnalysis

purplestormctf / purplestorm-TTPs

FOGSEC / Red-Team-Infrastructure-Wiki

FOGSEC / blackhat-arsenal-tools

FOGSEC / Empire

bozensel / nokia-netmiko-ttp-show-commands

kyperbelt / TTP-Compiler

Kelvin0428 / Ransomware-Group-TI

FOGSEC / Checklists

FOGSEC / lynis

FOGSEC / pupy

frknaykc / Dragon-RansomwareResearchHQ

Lupovis / GetIPReputation

mosaic-hgw / Dockerbank

filippofinke / ttp

FOGSEC / awesome-docker

FOGSEC / Sharp-Suite

glowbase / decider-v2

rodoufu / ttp_fpga

txuswashere / Cyber-Attacks-Mitigation

ttran9619 / ttpm-rs