Elemental - An ATT&CK Threat Library
Atc React - A knowledge base of actionable Incident Response techniques
Caldera - Automated Adversary Emulation Platform
Malwless - Test Blue Team detections without running any attack.
Chain Reactor - Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
Litmus test - Detecting ATT&CK techniques & tactics for Linux
Pcap Attack - PCAP Samples for Different Post Exploitation Techniques
Invoke Apex - A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Attack Control Framework Mappings - Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.
Misp Maltego - Set of Maltego transforms to interface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
Atomic Red Team Intelligence C2 - ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
Attack Navigator - Web app that provides basic navigation and annotation of ATT&CK matrices
Threathunting - A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Bluespawn - An Active Defense and EDR software to empower Blue Teams
Certified Kubernetes Security Specialist - Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements is welcome. Thank you.
Sentinel Attack - Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Auditd Attack - A Linux Auditd rule set mapped to MITRE's Attack Framework
Atomic Red Team - Small and highly portable detection tests based on MITRE's ATT&CK.
Shuffle - A general purpose security automation platform. We focus on accessibility for all.
Adversary emulation library - An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
Attack Scripts - Scripts and a (future) library to improve users' interactions with the ATT&CK content
Attackdatamap - A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework
attckr - ⚔️ MITRE ATT&CK Machinations in R
S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
kubescape - Kubescape is a K8s open-source tool providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC visualizer and image vulnerabilities scanning.
attack to veris - The principal objectives and outputs of this project are the creation and dissemination of an extension to the VERIS schema incorporating ATT&CK mappings and associated usage documentation.
ezEmu - See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
security-stack-mappings - This project empowers defenders with independent data on which native security controls of leading technology platforms are most useful in defending against the adversary TTPs they care about.