
Elemental-attack / Elemental

Licence: other
Elemental - An ATT&CK Threat Library

Projects that are alternatives of or similar to Elemental

attckr
⚔️MITRE ATT&CK Machinations in R
Stars: ✭ 22 (-90.87%)
Mutual labels:  threat-intelligence, mitre-attack
cycat-service
CyCAT.org API back-end server including crawlers
Stars: ✭ 25 (-89.63%)
Mutual labels:  threat-intelligence, mitre-attack
nsm-attack
Mapping NSM rules to MITRE ATT&CK
Stars: ✭ 53 (-78.01%)
Mutual labels:  threat-intelligence, mitre-attack
connectors
OpenCTI connectors
Stars: ✭ 135 (-43.98%)
Mutual labels:  threat-intelligence, mitre-attack
Misp Maltego
Set of Maltego transforms to interface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
Stars: ✭ 112 (-53.53%)
Mutual labels:  threat-intelligence, mitre-attack
Patrowlengines
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-32.78%)
Mutual labels:  threat-intelligence
Chain Reactor
Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
Stars: ✭ 206 (-14.52%)
Mutual labels:  mitre-attack
Opensquat
Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-38.17%)
Mutual labels:  threat-intelligence
Dnsmorph
Domain name permutation engine written in Go
Stars: ✭ 148 (-38.59%)
Mutual labels:  threat-intelligence
Atc React
A knowledge base of actionable Incident Response techniques
Stars: ✭ 226 (-6.22%)
Mutual labels:  mitre-attack
Malwless
Test Blue Team detections without running any attack.
Stars: ✭ 215 (-10.79%)
Mutual labels:  mitre-attack
Litmus test
Detecting ATT&CK techniques & tactics for Linux
Stars: ✭ 190 (-21.16%)
Mutual labels:  mitre-attack
Sweetie Data
This repo contains logstash of various honeypots
Stars: ✭ 163 (-32.37%)
Mutual labels:  threat-intelligence
Scot
Sandia Cyber Omni Tracker (SCOT)
Stars: ✭ 206 (-14.52%)
Mutual labels:  threat-intelligence
Invoke Apex
A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Stars: ✭ 162 (-32.78%)
Mutual labels:  mitre-attack
Osweep
Don't Just Search OSINT. Sweep It.
Stars: ✭ 225 (-6.64%)
Mutual labels:  threat-intelligence
Docker Misp
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
Stars: ✭ 148 (-38.59%)
Mutual labels:  threat-intelligence
Misp Training
MISP trainings, threat intel and information sharing training materials with source code
Stars: ✭ 185 (-23.24%)
Mutual labels:  threat-intelligence
Threat Hunting
Personal compilation of APT malware from whitepaper releases, documents and own research
Stars: ✭ 219 (-9.13%)
Mutual labels:  threat-intelligence
Misp Warninglists
Warning lists to inform users of MISP about potential false-positives or other information in indicators
Stars: ✭ 184 (-23.65%)
Mutual labels:  threat-intelligence

Elemental

Elemental is a centralized threat library of MITRE ATT&CK techniques, Atomic Red Team tests, and over 280 Sigma rules. It provides an alternative way to explore the ATT&CK dataset, mapping relevant Atomic Red Team tests and Sigma rules to their respective technique. Elemental allows defenders to create custom ATT&CK Techniques and upload Sigma Rules. The ATT&CK dataset was collected via the hunters-forge attackcti Python client. Atomic Red Team tests were imported from the Atomic Red Team GitHub repository. Sigma rules were imported from Sigma's GitHub rule collection if they contained ATT&CK tags.

This platform was conceived as a capstone project for University of California Berkeley's Master of Information and Cybersecurity program. We look forward to community feedback for new ideas and improvements. This instance of Elemental is experimental and not configured for production deployment. Please see Django documentation on configuring a production server.
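The description above rests on one mapping step: a Sigma rule is only imported when it carries ATT&CK tags, and it is then attached to the technique those tags name. The following is an added example, not Elemental's own code, showing that step with the Python standard library only. It assumes the Sigma convention of tagging techniques as `attack.t1234` (or `attack.t1234.001` for sub-techniques) and tactics as `attack.<tactic>`, and it reads the flat `tags:` list with a minimal line-based parse rather than a YAML library. The three sample rules are constructed for this example and are not rules from the Sigma repository.

```python
"""Map Sigma rules to ATT&CK techniques by their `attack.*` tags.

Added example (not Elemental's own code). Rules without any ATT&CK
technique tag are skipped, mirroring the README's import filter.
"""
import re
from collections import defaultdict

# Sigma convention (assumed here): technique tags look like attack.t1059 or
# attack.t1059.001, tactic tags like attack.execution.
TECHNIQUE_TAG = re.compile(r"^attack\.(t\d{4}(?:\.\d{3})?)$", re.IGNORECASE)
TACTIC_TAG = re.compile(r"^attack\.([a-z_]+)$")

# Constructed sample rules for this example, not real Sigma rules.
SAMPLE_RULES = [
    """title: Suspicious PowerShell Encoded Command
status: experimental
tags:
    - attack.execution
    - attack.t1059.001
logsource:
    product: windows
    category: process_creation
detection:
    selection:
        CommandLine|contains: '-enc'
    condition: selection
""",
    """title: Local Account Created
tags:
    - attack.persistence
    - attack.t1136.001
logsource:
    product: windows
    service: security
detection:
    selection:
        EventID: 4720
    condition: selection
""",
    """title: Generic Rule Without ATT&CK Tags
tags:
    - vendor.example-tag
logsource:
    product: windows
detection:
    selection:
        EventID: 1
    condition: selection
""",
]


def rule_title(rule_text):
    """Return the rule's top-level `title:` value, or a placeholder."""
    for line in rule_text.splitlines():
        if line.startswith("title:"):
            return line[len("title:"):].strip()
    return "<untitled>"


def extract_tags(rule_text):
    """Return the tag strings from a Sigma rule's flat `tags:` list.

    Minimal line-based parse: collects `- item` lines that follow `tags:`
    and stops at the next top-level key, so no YAML library is needed.
    """
    tags = []
    in_tags = False
    for line in rule_text.splitlines():
        stripped = line.strip()
        if not in_tags:
            in_tags = stripped == "tags:"
            continue
        if stripped.startswith("- "):
            tags.append(stripped[2:].strip())
        elif stripped == "" or stripped.startswith("#"):
            continue
        else:
            break  # next key ends the tags block
    return tags


def attack_mapping(rule_text):
    """Return (technique_ids, tactics) named by the rule's ATT&CK tags."""
    techniques, tactics = [], []
    for tag in extract_tags(rule_text):
        tech = TECHNIQUE_TAG.match(tag)
        if tech:
            techniques.append(tech.group(1).upper())  # t1059.001 -> T1059.001
            continue
        tactic = TACTIC_TAG.match(tag)
        if tactic:
            tactics.append(tactic.group(1))
    return techniques, tactics


def index_by_technique(rules):
    """Group rule titles by technique ID; rules with no technique tag are dropped."""
    index = defaultdict(list)
    for rule in rules:
        techniques, _ = attack_mapping(rule)
        for tech in techniques:
            index[tech].append(rule_title(rule))
    return dict(index)


if __name__ == "__main__":
    for tech, titles in sorted(index_by_technique(SAMPLE_RULES).items()):
        print(tech, "->", ", ".join(titles))
```

Running the block prints one line per technique with the rule titles mapped to it; the third sample rule never appears because it carries no `attack.t*` tag. A production importer would use a real YAML parser, since Sigma rules may express `tags` in forms this line-based reader does not handle.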

Features

  • View ATT&CK Technique information
  • View Atomic Red Team tests in Markdown and YAML
  • View Sigma rules in YAML
  • Add new ATT&CK Techniques (currently only available from Django Admin panel)
  • Upload new Sigma rules (currently only available from Django Admin panel)

Screenshots

Main Elements View

Technique View

Atomics View

Sigma Rules View

Installation

git clone https://github.com/Elemental-attack/Elemental.git

cd Elemental/elemental

pip install -r requirements.txt

python manage.py runserver

Default Django admin page credentials: user: elemental | password: berkelium

Thanks

Mitre ATT&CK - https://github.com/mitre/cti

Atomic Red Team - https://github.com/redcanaryco/atomic-red-team

ATT&CK Python Client - https://github.com/hunters-forge/ATTACK-Python-Client

Sigma - https://github.com/Neo23x0/sigma

TODO

  • [ ] Log Source mapping for Techniques and Sigma rules
  • [ ] Custom Techniques add
  • [ ] Custom Sigma Rules upload
  • [ ] Sigmac to convert rules to desired SIEM
  • [ ] Filter capabilities on Elements page
  • [ ] Integrate update functionality for ATT&CK, Atomic Red Team, and Sigma rules repo

Authors

License

Please see license file
