358 Open source projects that are alternatives of or similar to mitrecnd.github.io

ATT&CK Evaluations website (DEPRECATED)

A python module for working with ATT&CK

STIX data representing MITRE ATT&CK

Automated Adversary Emulation Platform

OpenCTI connectors

CyCAT.org API back-end server including crawlers

The principal objectives and outputs of this project are the creation and dissemination of an extension to the VERIS schema incorporating ATT&CK mappings and associated usage documentation.

Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

⚔️MITRE ATT&CK Machinations in R

OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.

OASIS TC Open Repository: Non-normative schemas and examples for STIX 2

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

stix-icons is a collection of colourful and clean icons for use in software, training and marketing material to visualize cyber threats according to the STIX language for intelligence exchange, defined by OASIS Cyber Threat Intelligence (CTI) TC

A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.

Shuffle: A general purpose security automation platform platform. We focus on accessibility for all.

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.

OpenCTI Python Client

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

Scripts and a (future) library to improve users' interactions with the ATT&CK content

Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.

Web app that provides basic navigation and annotation of ATT&CK matrices

Authors

OASIS TC Open Repository: Validate patterns used to express cyber observable content in STIX Indicators

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

MITRE ATT&CK Website

OASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/cti-stix-generator

Information Security Library

MITRE package gives you an approach to cybersecurity data sets.

Kubescape is a K8s open-source tool providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC visualizer and image vulnerabilities scanning.

ICTCore: Unified Communications Framework for web developers. Communications APIs for voice calls, SMS messaging, Fax communications and Emails

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

You didn't think I'd go and leave the blue team out, right?

网络信息安全从业者面试指南

Materials for a course based on the Practical Malware Analysis text by Andrew Honig and Michael Sikorski

Malware Sample Sources

Who and what to follow in the world of cyber security

Provides various Windows Server Active Directory (AD) security-focused reports.

An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.

a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.

Additional Resources For Securing The Stack Tutorials

Modification of BECTI made by zerty for the JMW Arma 3 server

A tool for generating reverse shell payloads on the fly.

A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).

Know Your IP: Get location, blacklist status, shodan and censys results, and more.

ThePhish: an automated phishing email analysis tool

A collaborative platform for creating, editing and sharing JSON objects.

Extract all employees from LinkedIn. Especially useful for companies with thousands of employees.

📝 urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server

Automated Deployment of Lab Environments System (ADLES)

🐝 A highly scalable, safe, free enterprise honeypots 一款高可扩展、安全、免费的企业级蜜罐系统

A multi-layered and multi-tiered Machine Learning security solution, it supports always on detection system, Django REST framework used, equipped with a web-browser extension that uses a REST API call.

adversarial examples, adversarial malware examples, adversarial malware detection, adversarial deep ensemble, Android malware variants

Collection of several DDos tools.

A curated list of awesome resources related to executable packing

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life