347 Open source projects that are alternatives of or similar to attack-evals

A python module for working with ATT&CK

MITRE Shield website

STIX data representing MITRE ATT&CK

The principal objectives and outputs of this project are the creation and dissemination of an extension to the VERIS schema incorporating ATT&CK mappings and associated usage documentation.

OpenCTI connectors

Automated Adversary Emulation Platform

CyCAT.org API back-end server including crawlers

Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups

A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

⚔️MITRE ATT&CK Machinations in R

OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.

OASIS TC Open Repository: Non-normative schemas and examples for STIX 2

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

stix-icons is a collection of colourful and clean icons for use in software, training and marketing material to visualize cyber threats according to the STIX language for intelligence exchange, defined by OASIS Cyber Threat Intelligence (CTI) TC

Shuffle: A general purpose security automation platform platform. We focus on accessibility for all.

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.

OpenCTI Python Client

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

Scripts and a (future) library to improve users' interactions with the ATT&CK content

Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.

Web app that provides basic navigation and annotation of ATT&CK matrices

Authors

OASIS TC Open Repository: Validate patterns used to express cyber observable content in STIX Indicators

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

MITRE ATT&CK Website

OASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/cti-stix-generator

a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.

Collection of several DDos tools.

Additional Resources For Securing The Stack Tutorials

A template for writing a condensed course index leveraging LaTeX indexing

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

A tool for generating reverse shell payloads on the fly.

ThePhish: an automated phishing email analysis tool

学习安全运营的记录 | The knowledge base of security operation

A collaborative platform for creating, editing and sharing JSON objects.

📝 urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server

Provides various Windows Server Active Directory (AD) security-focused reports.

The official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.

A Highly Accessible and Automated Virtualization Platform for Security Education

Automated Deployment of Lab Environments System (ADLES)

recon-ng modules for Censys

A curated list of awesome resources related to executable packing

Spin up new Windows qubes quickly, effortlessly and securely on Qubes OS

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

Set of SIGMA rules (>250) mapped to MITRE Att@k tactic and techniques

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

Search a filesystem for indicators of compromise (IoC).

网络安全课本

Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations

网络安全 · 攻防对抗 · 蓝队清单，中文版

🔑 Hash type identifier (CLI & lib)

adversarial examples, adversarial malware examples, adversarial malware detection, adversarial deep ensemble, Android malware variants

Materials for a course based on the Practical Malware Analysis text by Andrew Honig and Michael Sikorski

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

💀 A bash hacking and scanning framework.

Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.