whoisjake0's repositories
attack-workbench-frontend
An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains an Angular-based web application providing the user interface for the ATT&CK Workbench application.
adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
ThreatHunter-Playbook
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
sysmon-modular
A repository of sysmon configuration modules
attack-flow
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
Mitigating-Web-Shells
Guidance for mitigating web shells. #nsacyber
top-attack-techniques
Top ATT&CK Techniques provides defenders with a systematic approach to prioritizing ATT&CK techniques.
cti
Cyber Threat Intelligence Repository expressed in STIX 2.0
Windows-Event-Log-Messages
Retrieves the definitions of Windows Event Log messages embedded in Windows binaries and provides them in discoverable formats. #nsacyber
ossec-sysmon
A ruleset to enhance the detection capabilities of OSSEC using Sysmon
attack-control-framework-mappings
Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.
sysmon-config
Sysmon configuration file template with default high-quality event tracing
elasticsearch-stig-baseline
This InSpec compliance profile implements the ElasticSearch Security Technical Implementation Guide (STIG) (Draft) in an automated way, providing security best-practice tests around ElasticSearch with X-Pack server and system settings in a production environment.
attack-to-elk
This program exports the MITRE ATT&CK framework into an ELK dashboard
windows-event-forwarding
A repository for using Windows Event Forwarding for incident detection and response