attack-evalsATT&CK Evaluations website (DEPRECATED)
Stars: ✭ 57 (-72.6%)
attack to verisThe principal objectives and outputs of this project are the creation and dissemination of an extension to the VERIS schema incorporating ATT&CK mappings and associated usage documentation.
Stars: ✭ 56 (-73.08%)
CalderaAutomated Adversary Emulation Platform
Stars: ✭ 3,126 (+1402.88%)
cycat-serviceCyCAT.org API back-end server including crawlers
Stars: ✭ 25 (-87.98%)
connectorsOpenCTI connectors
Stars: ✭ 135 (-35.1%)
Adversary emulation libraryAn open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
Stars: ✭ 295 (+41.83%)
cti-stix-generatorOASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/cti-stix-generator
Stars: ✭ 27 (-87.02%)
ShuffleShuffle: A general purpose security automation platform platform. We focus on accessibility for all.
Stars: ✭ 424 (+103.85%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+3208.65%)
cti-stix2-json-schemasOASIS TC Open Repository: Non-normative schemas and examples for STIX 2
Stars: ✭ 75 (-63.94%)
Attack ScriptsScripts and a (future) library to improve users' interactions with the ATT&CK content
Stars: ✭ 290 (+39.42%)
Reverse-EngineeringA FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Stars: ✭ 7,234 (+3377.88%)
attckr⚔️MITRE ATT&CK Machinations in R
Stars: ✭ 22 (-89.42%)
Zeek-Network-Security-MonitorA Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
Stars: ✭ 38 (-81.73%)
Sentinel AttackTools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+225%)
stix-iconsstix-icons is a collection of colourful and clean icons for use in software, training and marketing material to visualize cyber threats according to the STIX language for intelligence exchange, defined by OASIS Cyber Threat Intelligence (CTI) TC
Stars: ✭ 14 (-93.27%)
YAFRAYAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-89.42%)
cti-stix-elevatorOASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON
Stars: ✭ 42 (-79.81%)
MispMISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+1575.48%)
Reverse Engineering TutorialA FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Stars: ✭ 5,763 (+2670.67%)
cti-pattern-validatorOASIS TC Open Repository: Validate patterns used to express cyber observable content in STIX Indicators
Stars: ✭ 18 (-91.35%)
Attack Control Framework MappingsSecurity control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.
Stars: ✭ 115 (-44.71%)
Open-source-tools-for-CTIPublic Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers
Stars: ✭ 91 (-56.25%)
Attack NavigatorWeb app that provides basic navigation and annotation of ATT&CK matrices
Stars: ✭ 887 (+326.44%)
OpenctiAuthors
Stars: ✭ 2,165 (+940.87%)
CloudFrontierMonitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloud.
Stars: ✭ 102 (-50.96%)
ezEmuSee adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
Stars: ✭ 89 (-57.21%)
phishEyephishEye is an ultimate phishing tool in python. Includes popular websites like Facebook, Twitter, Instagram, LinkedIn, GitHub, Dropbox, and many others. Created with Flask, custom templates, and tunneled with ngrok and localhost.run.
Stars: ✭ 47 (-77.4%)
conclaveQuery compiler for secure multi-party computation.
Stars: ✭ 86 (-58.65%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-70.67%)
pywhatcmsUnofficial WhatCMS API package
Stars: ✭ 42 (-79.81%)
SSI Extra MaterialsIn my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them
Stars: ✭ 42 (-79.81%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (-32.69%)
FSEC-VMBackend logic implementation for Vulnerability Management System
Stars: ✭ 19 (-90.87%)
Intel-OneCommand line tool for passive reconnaissance, able to gather and link public information to a target domain, company or individual. It can make intelligence gathering faster and more effective by drastically reducing manual user interaction. This is achieved through the engineering of a highly customisable single input to multiple output solutio…
Stars: ✭ 23 (-88.94%)
DomainCATDomain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations
Stars: ✭ 34 (-83.65%)
OSINTBookmarksOSINT Bookmarks for Firefox / Chrome / Edge / Safari
Stars: ✭ 34 (-83.65%)
PyIrisPyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.
Stars: ✭ 296 (+42.31%)
reosploitA Tool that Finds, Enumerates, and Exploits Reolink Cameras.
Stars: ✭ 89 (-57.21%)
fuseraA FUSE interface to the NCBI Sequence Read Archive (SRA)
Stars: ✭ 28 (-86.54%)
CyberQueensCyberQueens lesson materials - learning resources and exercises for aspiring reverse engineers, exploit developers, and hackers 👩💻👨💻
Stars: ✭ 30 (-85.58%)
security-stack-mappingsThis project empowers defenders with independent data on which native security controls of leading technology platforms are most useful in defending against the adversary TTPs they care about.
Stars: ✭ 305 (+46.63%)
my-cybersecurity-notesThese are the notes i have been taking since i started learning about ethical hacking and cybersecurity
Stars: ✭ 13 (-93.75%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+506.25%)
Awesome-CyberSec-ResourcesAn awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)
Stars: ✭ 273 (+31.25%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Stars: ✭ 252 (+21.15%)
RdpCacheStitcherRdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Stars: ✭ 176 (-15.38%)
Malware-ZooHashes of infamous malware
Stars: ✭ 18 (-91.35%)
GnuradioGNU Radio – the Free and Open Software Radio Ecosystem
Stars: ✭ 3,297 (+1485.1%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+1275.96%)
OwlyshieldOwlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact))..
Stars: ✭ 281 (+35.1%)