attack-evals
ATT&CK Evaluations website (DEPRECATED)
Stars: ✭ 57 (+235.29%)
Caldera
Automated Adversary Emulation Platform
Stars: ✭ 3,126 (+18288.24%)
connectors
OpenCTI connectors
Stars: ✭ 135 (+694.12%)
cycat-service
CyCAT.org API back-end server including crawlers
Stars: ✭ 25 (+47.06%)
attack to veris
The principal objectives and outputs of this project are the creation and dissemination of an extension to the VERIS schema incorporating ATT&CK mappings and associated usage documentation.
Stars: ✭ 56 (+229.41%)
Sentinel Attack
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+3876.47%)
attckr
⚔️ MITRE ATT&CK Machinations in R
Stars: ✭ 22 (+29.41%)
cti-stix-elevator
OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON
Stars: ✭ 42 (+147.06%)
Reverse Engineering Tutorial
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Stars: ✭ 5,763 (+33800%)
cti-stix2-json-schemas
OASIS TC Open Repository: Non-normative schemas and examples for STIX 2
Stars: ✭ 75 (+341.18%)
YAFRA
YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (+29.41%)
Spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+40382.35%)
Adversary emulation library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
Stars: ✭ 295 (+1635.29%)
stix-icons
stix-icons is a collection of colourful and clean icons for use in software, training and marketing material to visualize cyber threats according to the STIX language for intelligence exchange, defined by OASIS Cyber Threat Intelligence (CTI) TC
Stars: ✭ 14 (-17.65%)
Zeek-Network-Security-Monitor
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
Stars: ✭ 38 (+123.53%)
Shuffle
Shuffle: A general purpose security automation platform. We focus on accessibility for all.
Stars: ✭ 424 (+2394.12%)
Reverse-Engineering
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Stars: ✭ 7,234 (+42452.94%)
Open-source-tools-for-CTI
Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers
Stars: ✭ 91 (+435.29%)
Attack Scripts
Scripts and a (future) library to improve users' interactions with the ATT&CK content
Stars: ✭ 290 (+1605.88%)
Attack Control Framework Mappings
Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.
Stars: ✭ 115 (+576.47%)
Attack Navigator
Web app that provides basic navigation and annotation of ATT&CK matrices
Stars: ✭ 887 (+5117.65%)
Opencti
Authors
Stars: ✭ 2,165 (+12635.29%)
cti-pattern-validator
OASIS TC Open Repository: Validate patterns used to express cyber observable content in STIX Indicators
Stars: ✭ 18 (+5.88%)
Misp
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+20400%)
cti-stix-generator
OASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/cti-stix-generator
Stars: ✭ 27 (+58.82%)
SuperLibrary
Information Security Library
Stars: ✭ 60 (+252.94%)
mitre
MITRE package gives you an approach to cybersecurity data sets.
Stars: ✭ 17 (+0%)
kubescape
Kubescape is a K8s open-source tool providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC visualizer and image vulnerabilities scanning.
Stars: ✭ 7,340 (+43076.47%)
ictcore
ICTCore: Unified Communications Framework for web developers. Communications APIs for voice calls, SMS messaging, Fax communications and Emails
Stars: ✭ 18 (+5.88%)
Jasmin-Ransomware
Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
Stars: ✭ 84 (+394.12%)
Scylla
The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Stars: ✭ 424 (+2394.12%)
Blue-Team-Notes
You didn't think I'd go and leave the blue team out, right?
Stars: ✭ 899 (+5188.24%)
Practical Malware Analysis
Materials for a course based on the Practical Malware Analysis text by Andrew Honig and Michael Sikorski
Stars: ✭ 16 (-5.88%)
ad-privileged-audit
Provides various Windows Server Active Directory (AD) security-focused reports.
Stars: ✭ 42 (+147.06%)
rawsec-cybersecurity-inventory
An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.
Stars: ✭ 153 (+800%)
netizenship
a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
Stars: ✭ 33 (+94.12%)
tutorials
Additional Resources For Securing The Stack Tutorials
Stars: ✭ 36 (+111.76%)
LAZYPARIAH
A tool for generating reverse shell payloads on the fly.
Stars: ✭ 121 (+611.76%)
honeyku
A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).
Stars: ✭ 56 (+229.41%)
know your ip
Know Your IP: Get location, blacklist status, shodan and censys results, and more.
Stars: ✭ 16 (-5.88%)
ThePhish
ThePhish: an automated phishing email analysis tool
Stars: ✭ 676 (+3876.47%)
MOSP
A collaborative platform for creating, editing and sharing JSON objects.
Stars: ✭ 72 (+323.53%)
linkedin-employee-scraper
Extract all employees from LinkedIn. Especially useful for companies with thousands of employees.
Stars: ✭ 16 (-5.88%)
urlRecon
📝 urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server
Stars: ✭ 31 (+82.35%)
ADLES
Automated Deployment of Lab Environments System (ADLES)
Stars: ✭ 28 (+64.71%)
DecoyMini
🐝 A highly scalable, safe, free enterprise honeypot system
Stars: ✭ 213 (+1152.94%)
Malicious-Urlv5
A multi-layered and multi-tiered Machine Learning security solution, it supports always on detection system, Django REST framework used, equipped with a web-browser extension that uses a REST API call.
Stars: ✭ 35 (+105.88%)
adv-dnn-ens-malware
adversarial examples, adversarial malware examples, adversarial malware detection, adversarial deep ensemble, Android malware variants
Stars: ✭ 33 (+94.12%)
Lucifer
A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
Stars: ✭ 302 (+1676.47%)