https://github.com/cybersecurityup/mitre-attack-matrix


# Mitre Att&ck Matrix by Joas

## Community Threats

### https://github.com/scythe-io/community-threats

### https://github.com/threat-punter/community-contributions

### https://github.com/MISP/MISP

### https://github.com/MISP/threat-actor-intelligence-server

### https://github.com/MISP/misp-galaxy

### https://github.com/mitre/cti

### https://gist.github.com/MSAdministrator/5d152ef57e4021c4ffa242aa02e0fb37

### https://github.com/Azure/Azure-Sentinel

## Tools and Plugins - Free and Commercial

### https://github.com/guardicore/monkey

### https://github.com/center-for-threat-informed-defense/caldera_pathfinder

### https://github.com/mitre/emu

### https://www.scythe.io/adversary-emulation

### https://github.com/redcanaryco/invoke-atomicredteam

### https://github.com/uber-common/metta

### https://github.com/NextronSystems/APTSimulator

### https://github.com/endgameinc/RTA

### https://www.encripto.no/en/downloads-2/tools/

### https://github.com/TryCatchHCF/DumpsterFire

### https://github.com/jymcheong/AutoTTP

### https://mitre.github.io/unfetter/

### https://github.com/fugawi/mate

### https://github.com/praetorian-inc/purple-team-attack-automation

### https://github.com/splunk/attack_range

### https://github.com/Telefonica/ATTPwn

### https://github.com/mvelazc0/PurpleSharp

### https://github.com/timfrazier1/AdversarySimulation

### https://github.com/redhuntlabs/RedHunt-OS

### https://github.com/Cyb3rWard0g/Invoke-ATTACKAPI

### https://github.com/SadProcessor/SomeStuff/blob/master/PoSh_ATTCK.ps1

### https://github.com/OTRF/ATTACK-Python-Client

### https://github.com/JimmyAstle/Atomic-Parser

### https://www.cobaltstrike.com/

### https://www.immunityinc.com/services/adversary-simulation.html

### https://www.safebreach.com/SafeBreach-Labs-Presenting-New-Hacking-Techniques-and-Adversary-Simulation

### https://simspace.com/products-components/

### https://attackiq.com/platform/#how-firedrill-works

### https://www.picussecurity.com/offensive-manager.html

### https://docs.microsoft.com/pt-br/microsoft-365/security/office-365-security/attack-simulator?view=o365-worldwide

### https://tearsecurity.com/index.html

### https://www.xmcyber.com/why-haxm/

## TTPs Creator

### https://mitre-attack.github.io/attack-navigator

### https://exploitpack.com/

### https://www.metasploit.com/

### https://i.blackhat.com/USA-19/Wednesday/us-19-Nickels-MITRE-ATTACK-The-Play-At-Home-Edition.pdf

### Example
![image](https://user-images.githubusercontent.com/34966120/122246609-1310fd80-ce9d-11eb-9bc5-4b6fdfd63310.png)

### Example 2 - Windows TTP

- Initial Access

- Exploit MS-17-010
- Spear-Phishing

- Execution

- Powershell Scripts
- Windows Command Shell

- Privilege Escalation

- Windows-Exploit-Suggester
- PowerUP
- EOP Exploitation
- WSL Exploitation
- Exploit MS-10-015
- Exploit MS-16-032
- Exploit MS-19-1388

- Defense Evasion

- AV Bypass with Metasploit and Custom Binaries

- https://www.youtube.com/watch?v=GF3yFmerrrc

- Hooked Syscall

- https://www.ired.team/offensive-security/defense-evasion/

- .NET Reflection

- https://www.ired.team/offensive-security/defense-evasion/

- Full DLL Unhooking

- https://www.ired.team/offensive-security/defense-evasion/

- Obfuscated Powershell Script

- https://www.ired.team/offensive-security/defense-evasion/

- Credential Access

- Mimikatz
- Mimidogz
- LLMNR Poisoning
- Pass-the-Hash
- NTLM Brute Force

- Discovery

- Sniffing
- NLBrute
- LLMNR Poisoning
- Detect Sysmon Process
- COM Enumerate

- Lateral Movement

- RDP Hijacking
- DCOM Lateral Movement
- WMI Lateral Movement
- WinRM
- WinRS
- Psexec

- Command and Control

- Trevorfuscation

- https://github.com/CyberSecurityUP/Trevorfuscation

- Covenant and Powershell Empire

- https://s3cur3th1ssh1t.github.io/Customizing_C2_Frameworks/

- Impact

- Data Encrypted

- Ransomware

- https://github.com/leonv024/RAASNet

- Data Exfiltration

- DNS

- https://github.com/iagox86/dnscat2
- https://github.com/Arno0x/DNSExfiltrator

- ICMP

- https://github.com/martinoj2009/ICMPExfil

- HTTP

- https://github.com/ytisf/PyExfil

- Resource Hijacking

- Botnet

- https://github.com/malwaredllc/byob

## Mitre Att&ck Information

### https://github.com/CyberSecurityUP/Mitre-Attack-Matrix

### https://attack.mitre.org/

### https://www.youtube.com/channel/UCFEgQOL_n5iyPvwlHy_LADQ

### https://www.anomali.com/pt/resources/what-mitre-attck-is-and-how-it-is-useful

### https://www.mcafee.com/enterprise/en-us/security-awareness/cybersecurity/what-is-mitre-attack-framework.html

### https://medium.com/mitre-attack

### https://medium.com/cycraft/understanding-the-mitre-att-ck-apt29-evaluation-results-f11ef2d4dacd

### https://www.youtube.com/watch?v=wlJElPA0xqY

### https://www.youtube.com/watch?v=_VQYivkXTIY

### https://www.youtube.com/user/jorgeorchilles

### https://github.com/CyberSecurityUP/Awesome-Red-Team-Operations

## My LinkedIn

### https://www.linkedin.com/in/joas-antonio-dos-santos
