247 Open source projects that are alternatives of or similar to Litmus_test

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Recon Hunt Queries

Automated Adversary Emulation Platform

A knowledge base of actionable Incident Response techniques

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Monzo's real-time incident response and reporting tool ⚡️

A repository of sysmon configuration modules

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

A collection of useful scripts for Cobalt Strike

Fast browser-based network discovery module

SIAC is an enterprise SIEM built on open-source technology.

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

The GitHub of Adversary Emulation Plans in JSON. Share SCYTHE threats with the community. #ThreatThursday adversary emulation plans are shared here.

Windows Events Attack Samples

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

Explore Indicators of Compromise Automatically

Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI

A role-playing game for incident management training

JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.

An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.

Empire HTTP(S) C2 redirector setup script

A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.

Maltego CaseFile entities for information security investigations, malware analysis and incident response

Go-deliver is a payload delivery tool coded in Go.

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

Adversary Simulation Framework

Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders

A curated list of awesome things related to TheHive & Cortex

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

The Collective. A repo for a collection of red-team projects found mostly on Github.

Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams

🔪 Leak git repositories from misconfigured websites

Python API Client for TheHive

Wazuh - Project documentation

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.

All-in-one bundle of MISP, TheHive and Cortex

A post exploitation framework designed to operate covertly on heavily monitored environments

Fast and efficient osquery management

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Monitoring GitLab for sensitive data shared publicly

PS / Bash / Python / Other scripts For FUN!

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Tool to predict attacker groups from the techniques and software used

Invoke-LiveResponse

incident response tool for iOS devices

PCAP Samples for Different Post Exploitation Techniques

Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

PagerDuty's Incident Response Documentation.

Monitoring your Slack workspaces for sensitive information

Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.

Wazuh - Chef cookbooks

Python API Client for Cortex

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions