334 Open source projects that are alternatives of or similar to Attack Control Framework Mappings

Scripts and a (future) library to improve users' interactions with the ATT&CK content

The principal objectives and outputs of this project are the creation and dissemination of an extension to the VERIS schema incorporating ATT&CK mappings and associated usage documentation.

OpenCTI connectors

ATT&CK Evaluations website (DEPRECATED)

A python module for working with ATT&CK

⚔️MITRE ATT&CK Machinations in R

MITRE Shield website

MITRE ATT&CK Website

CyCAT.org API back-end server including crawlers

Automated Adversary Emulation Platform

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Shuffle: A general purpose security automation platform platform. We focus on accessibility for all.

Web app that provides basic navigation and annotation of ATT&CK matrices

The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Bringing you the best of the worst files on the Internet.

Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues involving the implementation of deprecated libraries.

SEED Labs developed in the last 20 years.

Awesome Node.js Security resources

Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers

Extract API keys from file or url using by magic of python and regex.

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

Asynchronous Python implementation of SlowLoris DoS attack

Unified Cybersecurity Ontology

black hat python

Framework для сбора данных из открытых источников. В Framework используется большое количество API, их необходимо зарегистрировать самому.​

VirusTotal Wanna Be - Now with 100% more Hipster

All of my recommendations for aspiring engineers in a single place, coming from various areas of interest.

Curated list of awesome cybersecurity companies and solutions.

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

Explore Indicators of Compromise Automatically

XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

PatrowlHears - Vulnerability Intelligence Center / Exploits

Code repository for the paper "Adversarial Deep Learning for Robust Detection of Binary Encoded Malware"

A toolkit for Security Researchers

Forward shell generation framework

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.

❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction

Dashboarding and Tooling front-end for PowerShell Empire using PowerShell Universal Dashboard

Tool to predict attacker groups from the techniques and software used

The Collective. A repo for a collection of red-team projects found mostly on Github.

Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions.

An ongoing list of virtual cybersecurity conferences.

an implementation of a OPC UA stack fully written in javascript and nodejs - http://node-opcua.github.io/

Windows Events Attack Samples

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

fast TCP banner grabbing with node.js

A modular Python application to pull intelligence about malicious files

Responsive Command and Control System

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

active / passive network scanner

Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container

BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you

The SOC Analysts all-in-one CLI tool to automate and speed up workflow.

The bot for the Cyber Discovery Community Discord Server!

A super portable botnet framework with a Django-based C2 server. The client is written in C++, with alternate clients written in Rust, Bash, and Powershell.

A repository of sysmon configuration modules

A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, tedious tasks slowing them down. #nsacyber