Projects in Awesome Lists tagged with mitre-attack
A curated list of projects in awesome lists tagged with mitre-attack.
https://github.com/kubescape/kubescape
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
best-practice devops kubernetes mitre-attack nsa security vulnerability-detection
Last synced: 23 Jan 2026
https://github.com/redcanaryco/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Last synced: 12 May 2025
https://github.com/a-poc/redteam-tools
Tools and Techniques for Red Team / Penetration Testing
cheatsheet cybersecurity enumeration hacking linux mitre-attack payload penetration-testing pentest pentest-tools red-team red-team-tools redteam resources security-tools tools windows
Last synced: 13 May 2025
https://github.com/mitre/caldera
Automated Adversary Emulation Platform
adversary-emulation caldera cybersecurity hacking mitre mitre-attack mitre-corporation red-team security-automation security-testing
Last synced: 12 May 2025
https://github.com/olafhartong/sysmon-modular
A repository of sysmon configuration modules
dfir mitre-attack modular security-tools sysmon threat-hunting
Last synced: 14 May 2025
https://github.com/sbousseaden/EVTX-ATTACK-SAMPLES
Windows Events Attack Samples
dataset detection-engineering dfir evtx mitre-attack threat-hunting windows-security winlogbeat
Last synced: 23 Mar 2025
https://github.com/datadog/stratus-red-team
Granular, Actionable Adversary Emulation for the Cloud
adversary-emulation aws aws-security azure-security cloud-native-security cloud-security detection-engineering gcp-security kubernetes-security mitre-attack purple-team security threat-detection
Last synced: 04 Feb 2026
https://github.com/mitre-attack/attack-navigator
Web app that provides basic navigation and annotation of ATT&CK matrices
cti cyber-threat-intelligence cybersecurity mitre-attack mitre-corporation
Last synced: 14 May 2025
https://mitre-attack.github.io/attack-navigator/
Web app that provides basic navigation and annotation of ATT&CK matrices
cti cyber-threat-intelligence cybersecurity mitre-attack mitre-corporation
Last synced: 10 Apr 2025
https://github.com/walidshaari/certified-kubernetes-security-specialist
Curated resources to help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" certification exam. Please provide feedback or requests by raising issues or making a pull request. All feedback for improvements is welcome. Thank you.
apparmor certification cks ckss exam-objectives falco kernel-hardening kube-bench kube-hunter kubernetes kubernetes-security mitre-attack open-policy-agent os-footprint pod pod-security-policy policy seccomp security trivy
Last synced: 15 May 2025
https://github.com/shuffle/shuffle
Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.
agplv3 automation cybersecurity discord hacktoberfest integrations mitre-attack openapi orchestration orchestrator orchestrator-gui security security-automation security-orchestrator shuffle soar workflow-editor
Last synced: 26 Feb 2026
https://github.com/center-for-threat-informed-defense/adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
adversary-emulation adversary-emulation-plans ctid cyber-threat-intelligence cybersecurity mitre-attack red-team threat-informed-defense
Last synced: 15 May 2025
https://github.com/mikeroyal/digital-forensics-guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
alerting cyber-security detection-engineering dfir digital-forensics digitalforensicreadiness digitalforensics forensic-analysis forensics forensics-investigations forensics-tools intrusion-detection mitre-attack network-security offensive-security osint port-scanning security siem threat-intelligence
Last synced: 08 Apr 2025
https://github.com/austinsonger/Incident-Playbook
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
catalog contributions-welcome contributors-welcome cybersecurity cybersecurity-playbook incident-management incident-response incidents mitre mitre-attack playbook
Last synced: 02 Apr 2025
https://github.com/ion28/bluespawn
An Active Defense and EDR software to empower Blue Teams
active-defense anti-virus blue-team edr mitre-attack security security-tools threat-hunting windows
Last synced: 16 May 2025
https://github.com/olafhartong/threathunting
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
dfir mitre-attack splunk threat-hunting
Last synced: 26 Jan 2026
https://github.com/netevert/sentinel-attack
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
azure azure-sentinel blue-team cybersecurity detection kql logging mitre-attack security-tools siem sysmon sysmon-config terraform-azure threat-hunting workbooks
Last synced: 16 May 2025
https://github.com/nshalabi/attack-tools
Utilities for MITRE™ ATT&CK
adversary-emulation mitre mitre-attack redteam redteaming
Last synced: 16 May 2025
https://github.com/atc-project/atomic-threat-coverage
Actionable analytics designed to combat threats
incidentresponse mitre-attack threat-model threatdetection threathunting threatintelligence
Last synced: 02 Apr 2025
https://github.com/mikeroyal/open-source-security-guide
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
compliance cyber-security detection-engineering forensics-tools incident-management incident-response information-security infosec intrusion-detection kali-linux mitre-attack network-analysis offensive-security pentesters privacy-protection scanning-tool siem surveillance vulnerabilities vulnerability-detection
Last synced: 16 May 2025
https://github.com/bfuzzy/auditd-attack
A Linux Auditd rule set mapped to MITRE's Attack Framework
attack-detection auditd linux mitre-attack threat-hunting
Last synced: 02 Apr 2025
https://github.com/atc-project/atc-react
A knowledge base of actionable Incident Response techniques
amitt dfir incident-response mitre-attack response-playbooks thehive
Last synced: 14 May 2025
https://github.com/DataDog/KubeHound
Kubernetes Attack Graph
adversary-emulation attack-graph attack-paths cloud-native-security exploit kubernetes kubernetes-security mitre-attack purple-team red-team security-audit security-automation security-tools
Last synced: 31 Mar 2025
https://atc-project.github.io/atc-react/
A knowledge base of actionable Incident Response techniques
amitt dfir incident-response mitre-attack response-playbooks thehive
Last synced: 13 Apr 2025
https://github.com/center-for-threat-informed-defense/attack-flow
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
ctid cyber-threat-intelligence cybersecurity mitre-attack threat-informed-defense
Last synced: 15 May 2025
https://github.com/mitre-attack/attack-website
MITRE ATT&CK Website
cti cyber-threat-intelligence cybersecurity mitre-attack mitre-corporation
Last synced: 21 Jul 2025
https://github.com/mitre-attack/mitreattack-python
A python module for working with ATT&CK
cti cyber-threat-intelligence cybersecurity mitre-attack mitre-corporation python
Last synced: 14 May 2025
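The attack-navigator and mitreattack-python entries above both work from ATT&CK's STIX data: the Python module reads the enterprise-attack.json bundle, and the Navigator consumes layer files that annotate techniques by ID and tactic. As an added example, not code from either project, the script below indexes a constructed STIX bundle that mirrors the shape of the real data (real technique IDs, invented object ids, one revoked object to show why revoked/deprecated entries must be skipped) and turns a made-up coverage map into a Navigator layer. The layer field names follow the Navigator layer format; the values in the versions block are an assumption and should be matched to the Navigator build you load the layer into.

```python
"""Build an ATT&CK Navigator layer from ATT&CK STIX data plus a coverage map.

Added example; not code from mitreattack-python or the Navigator project.
STIX_BUNDLE is a constructed excerpt in the shape of enterprise-attack.json.
"""
import json


def _ap(name, tid, tactics, subtechnique=False, revoked=False):
    """Construct a minimal attack-pattern object in the layout ATT&CK uses.

    The STIX object id is invented (real data uses UUIDs); the T-IDs are real.
    """
    return {
        "type": "attack-pattern",
        "id": "attack-pattern--" + tid.lower().replace(".", "-"),
        "name": name,
        "revoked": revoked,
        "x_mitre_is_subtechnique": subtechnique,
        "kill_chain_phases": [
            {"kill_chain_name": "mitre-attack", "phase_name": t} for t in tactics
        ],
        "external_references": [
            {"source_name": "mitre-attack", "external_id": tid,
             "url": "https://attack.mitre.org/techniques/" + tid.replace(".", "/")}
        ],
    }


STIX_BUNDLE = {
    "type": "bundle",
    "id": "bundle--constructed-example",
    "objects": [
        _ap("Command and Scripting Interpreter", "T1059", ["execution"]),
        _ap("PowerShell", "T1059.001", ["execution"], subtechnique=True),
        _ap("Scheduled Task/Job", "T1053",
            ["execution", "persistence", "privilege-escalation"]),
        # T1086 was revoked when PowerShell became sub-technique T1059.001;
        # real bundles keep such objects, so the index must drop them.
        _ap("PowerShell", "T1086", ["execution"], revoked=True),
    ],
}

# Constructed coverage map: 0 = none, 1 = partial, 2 = full detection.
COVERAGE = {"T1059.001": 2, "T1053": 1}


def technique_index(bundle):
    """Map T-ID -> name, tactics, sub-technique flag for live attack-patterns."""
    index = {}
    for obj in bundle["objects"]:
        if obj.get("type") != "attack-pattern":
            continue
        if obj.get("revoked") or obj.get("x_mitre_deprecated"):
            continue
        tid = next((r["external_id"] for r in obj.get("external_references", [])
                    if r.get("source_name") == "mitre-attack"), None)
        if tid is None:
            continue
        tactics = [p["phase_name"] for p in obj.get("kill_chain_phases", [])
                   if p.get("kill_chain_name") == "mitre-attack"]
        index[tid] = {"name": obj["name"], "tactics": tactics,
                      "subtechnique": bool(obj.get("x_mitre_is_subtechnique"))}
    return index


def build_layer(index, coverage, name="Detection coverage"):
    """Emit a Navigator layer dict with one entry per (technique, tactic) pair.

    A technique that sits in several tactics (T1053) gets one cell per tactic,
    which is how the Navigator addresses cells.
    """
    techniques = []
    for tid, info in sorted(index.items()):
        score = coverage.get(tid, 0)
        for tactic in info["tactics"]:
            techniques.append({"techniqueID": tid, "tactic": tactic,
                               "score": score, "color": "", "enabled": True,
                               "comment": "covered" if score else "no detection"})
    return {
        "name": name,
        # version numbers are an assumption; match them to your Navigator build
        "versions": {"attack": "14", "navigator": "4.9.1", "layer": "4.5"},
        "domain": "enterprise-attack",
        "gradient": {"colors": ["#ff6666", "#ffe766", "#8ec843"],
                     "minValue": 0, "maxValue": 2},
        "techniques": techniques,
    }


def uncovered(index, coverage):
    """Technique IDs in the index with no detection at all."""
    return sorted(tid for tid in index if not coverage.get(tid))


if __name__ == "__main__":
    idx = technique_index(STIX_BUNDLE)
    print(json.dumps(build_layer(idx, COVERAGE), indent=2))
    print("no detection:", uncovered(idx, COVERAGE))
```

With the real bundle, point `technique_index` at `json.load(open("enterprise-attack.json"))` instead of STIX_BUNDLE; the functions only rely on the fields shown, and the skip of revoked and deprecated objects is what keeps retired IDs out of the layer.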
https://github.com/mdecrevoisier/EVTX-to-MITRE-Attack
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques, to measure your SIEM coverage or develop new use cases.
evtx mitre-attack redteam siem threat-hunting
Last synced: 08 May 2025
https://github.com/center-for-threat-informed-defense/tram
TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.
ctid cyber-threat-intelligence cybersecurity mitre-attack threat-informed-defense
Last synced: 15 May 2025
https://github.com/SlimKQL/Hunting-Queries-Detection-Rules
KQL Queries. Microsoft Defender, Microsoft Sentinel
azure defender defenderxdr kql microsoft mitre-attack sentinel threatdetection threathunting
Last synced: 31 Oct 2025
https://github.com/center-for-threat-informed-defense/security-stack-mappings
🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
aws azure cloud gcp mitre-attack security
Last synced: 31 Mar 2025
https://github.com/olafhartong/attackdatamap
A data source assessment at the event level to show potential coverage of the MITRE ATT&CK framework
dfir mitre-attack siem threat-detection threat-hunting
Last synced: 04 Oct 2025
https://github.com/sbousseaden/PCAP-ATTACK
PCAP Samples for Different Post Exploitation Techniques
detection mitre-attack pcap-files pcapng threat-hunting
Last synced: 24 Mar 2025
https://github.com/kac89/vulnrepo
VULNRΞPO - Free vulnerability report generator and repository end-to-end encrypted. Complete templates of issues, CWE, CVE, MITRE ATT&CK, PCI DSS, issues import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/PDF report, attachments, automatic changelog, statistics, vulnerability management, methodologies and much more!
angular bugbounty burpsuite cve cwe end-to-end-encryption mitre-attack nessus nmap openvas pci-dss pentesting security security-team security-tool trivy vulnerability-assessment vulnerability-management vulnerability-report vulnerability-research
Last synced: 03 Apr 2025
https://github.com/mdecrevoisier/SIGMA-detection-rules
Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactics and techniques
mitre-attack powershell sigma threat-hunting windows
Last synced: 10 Apr 2025
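Rule sets like SIGMA-detection-rules and the EVTX sample sets listed above are meant to be used together: a Sigma rule carries its ATT&CK mapping as attack.tXXXX tags, and a hit on a sample proves the SIEM sees that technique. As an added example, not code from that repo or from the Sigma project, the script below is a minimal evaluator for the Sigma subset one such rule needs, run over constructed Sysmon EventID 1 records; a hit reports the technique IDs pulled from the rule's tags. The allow-listed parent image in the filter is hypothetical.

```python
"""Evaluate a Sigma-style rule against constructed Sysmon process-creation
events and report the ATT&CK techniques a hit maps to.

Added example; not code from SIGMA-detection-rules or the Sigma project.
Only the Sigma subset the rule below needs is implemented: map selections
with contains / endswith / startswith modifiers, list values (OR within a
field, AND across fields) and the conditions 'selection' and
'selection and not filter'. String matching is case-insensitive, as in Sigma.
"""
import re

# Sigma tags look like attack.execution (tactic) or attack.t1059.001 (technique);
# only the technique form is extracted.
TECHNIQUE_TAG = re.compile(r"^attack\.(t\d{4}(?:\.\d{3})?)$", re.IGNORECASE)

# Rule written as a dict in the layout a Sigma YAML file has.
RULE = {
    "title": "Encoded PowerShell Command Line",
    "logsource": {"category": "process_creation", "product": "windows"},
    "detection": {
        "selection": {
            "Image|endswith": ["\\powershell.exe", "\\pwsh.exe"],
            "CommandLine|contains": ["-enc", "-EncodedCommand"],
        },
        # hypothetical allow-listed parent process, for illustration only
        "filter": {"ParentImage|endswith": "\\sccm-agent.exe"},
        "condition": "selection and not filter",
    },
    "tags": ["attack.execution", "attack.t1059.001",
             "attack.defense_evasion", "attack.t1027"],
}

# Constructed events carrying the Sysmon EventID 1 fields the rule reads.
# "SQBFAFgA" is "IEX" in UTF-16LE base64, the form -enc expects.
EVENTS = [
    {"RecordId": 1, "EventID": 1,
     "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "CommandLine": "powershell.exe -nop -w hidden -enc SQBFAFgA",
     "ParentImage": "C:\\Windows\\System32\\cmd.exe"},
    {"RecordId": 2, "EventID": 1,
     "Image": "C:\\Program Files\\PowerShell\\7\\pwsh.exe",
     "CommandLine": "pwsh.exe -File C:\\scripts\\inventory.ps1",
     "ParentImage": "C:\\Windows\\explorer.exe"},
    {"RecordId": 3, "EventID": 1,
     "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "CommandLine": "powershell.exe -EncodedCommand SQBFAFgA",
     "ParentImage": "C:\\Program Files\\Example\\sccm-agent.exe"},
    {"RecordId": 4, "EventID": 1,
     "Image": "C:\\Windows\\System32\\cmd.exe",
     "CommandLine": "cmd.exe /c echo -enc",
     "ParentImage": "C:\\Windows\\explorer.exe"},
]


def _match_value(field_value, modifier, pattern):
    """Apply one Sigma string modifier, case-insensitively."""
    fv, p = str(field_value).lower(), str(pattern).lower()
    if modifier is None:
        return fv == p
    if modifier == "contains":
        return p in fv
    if modifier == "endswith":
        return fv.endswith(p)
    if modifier == "startswith":
        return fv.startswith(p)
    raise ValueError(f"unsupported modifier: {modifier}")


def _match_map(event, selection):
    """Sigma map semantics: every field must match; a list of values is OR."""
    for key, patterns in selection.items():
        field, _, modifier = key.partition("|")
        if field not in event:
            return False
        patterns = patterns if isinstance(patterns, list) else [patterns]
        if not any(_match_value(event[field], modifier or None, p) for p in patterns):
            return False
    return True


def rule_matches(rule, event):
    """Evaluate the rule's condition for one event."""
    det = rule["detection"]
    cond = det["condition"]
    if cond == "selection":
        return _match_map(event, det["selection"])
    if cond == "selection and not filter":
        return _match_map(event, det["selection"]) and not _match_map(event, det["filter"])
    raise ValueError(f"unsupported condition: {cond}")


def rule_techniques(rule):
    """ATT&CK technique IDs from the rule's attack.* tags, normalised to T-IDs."""
    return sorted(m.group(1).upper() for t in rule.get("tags", [])
                  for m in [TECHNIQUE_TAG.match(t)] if m)


def hunt(rule, events):
    """Return (RecordIds that hit, technique IDs the hits evidence)."""
    hits = [e["RecordId"] for e in events if rule_matches(rule, e)]
    return hits, (rule_techniques(rule) if hits else [])


if __name__ == "__main__":
    print(hunt(RULE, EVENTS))
```

Record 3 is excluded by the filter rather than the selection, which is the usual shape of a false-positive tuning in Sigma; when testing a rule against EVTX samples, confirm the sample is not silently dropped by such a filter before concluding the technique is covered.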
https://github.com/redcanaryco/chain-reactor
Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
adversary-simulation elf linux mitre mitre-attack security security-testing
Last synced: 16 May 2025
https://github.com/center-for-threat-informed-defense/cti-blueprints
CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.
ctid cyber-threat-intelligence cybersecurity incident-response malware-analysis mitre-attack threat-actors threat-informed-defense
Last synced: 09 Apr 2025
https://github.com/mitre/caldera-ot
MITRE Caldera™ for OT Plugins & Capabilities
adversary-emulation bacnet caldera cybersecurity dnp3 mitre mitre-attack mitre-corporation modbus operational-technology ot profinet
Last synced: 14 Feb 2026
https://github.com/center-for-threat-informed-defense/attack_to_cve
🚨ATTENTION🚨 The CVE mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
ctid cve cybersecurity mitre-attack threat-informed-defense
Last synced: 11 Jul 2025
https://github.com/password-reset/Invoke-Apex
A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
adversary-emulation mitre-attack offensive-security pentesting powershell redteam
Last synced: 13 May 2025
https://github.com/darmado/Atomic-Red-Team-C2
ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
csharp dotnet mitre-attack offensive-security post-exploitation powershell-scripts purple-team purpleteam python3 red-teams redteam
Last synced: 07 Sep 2025
https://github.com/misp/misp-maltego
Set of Maltego transforms to interface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
analysis attack graph maltego misp misp-maltego mitre-attack pivoting threat-intel threat-intelligence transform visualisation
Last synced: 06 Apr 2025
https://github.com/sbousseaden/macOS-ATTACK-DATASET
JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.
blueteam detection elastic macos mitre-attack threat-hunting
Last synced: 11 Jul 2025
https://github.com/th3xace/edr-test
Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].
aggressor-scripts cobalt-strike cobaltstrike edr mitre-attack purple-team purpleteam
Last synced: 02 Jan 2026
https://github.com/center-for-threat-informed-defense/insider-threat-ttp-kb
The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.
ctid cyber-threat-intelligence cybersecurity insider-threat mitre-attack threat-informed-defense
Last synced: 13 Apr 2025
https://github.com/center-for-threat-informed-defense/top-attack-techniques
Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques to focus on first.
ctid cyber-threat-intelligence cybersecurity mitre-attack
Last synced: 10 Feb 2026
https://github.com/jimmy-ly00/ransomware-poc
A simple, pure-Python ransomware PoC using AES-CTR and RSA. Supports Windows, Linux and macOS
data-encrypted-for-impact mitre mitre-attack python python-ransomware-poc python3 ransomware ransomware-poc t1486 ta0040 wastedlocker
Last synced: 13 Apr 2025
https://github.com/mvelazc0/attack2jira
attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage
attack-coverage detection-engineering mitre mitre-attack
Last synced: 24 Dec 2025
https://github.com/mitre-atlas/atlas-data
ATLAS tactics, techniques, and case studies data
ai-security machine-learning mitre-atlas mitre-attack security
Last synced: 29 Nov 2025
https://github.com/center-for-threat-informed-defense/attack-powered-suit
ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, context menus, and ATT&CK Navigator integration.
browser-extension chrome-extension ctid cyber-threat-intelligence mitre-attack
Last synced: 07 Apr 2025
https://github.com/ReconInfoSec/rhq
Recon Hunt Queries
dfir incident-response mitre-attack osquery threat-hunting
Last synced: 11 Jul 2025
https://github.com/0xtf/nsm-attack
Mapping NSM rules to MITRE ATT&CK
mitre-attack network-security-monitoring nsm suricata suricata-rules threat-intelligence
Last synced: 10 Feb 2026
https://github.com/mitre/engage
MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.
active-defense cyber-deception cyberdefense cybersecurity deception mitre mitre-attack mitre-corporation
Last synced: 02 Aug 2025
https://github.com/mitre-attack/attack-evals
ATT&CK Evaluations website (DEPRECATED)
cti cyber-threat-intelligence cybersecurity mitre-attack mitre-corporation
Last synced: 02 May 2025
https://github.com/mthcht/threathunting-keywords-sigma-rules
Sigma detection rules for hunting with the threathunting-keywords project
blueteam detection-engineering detection-rules dfir forensicartifacts mitre-attack siem sigma-rules threat-detection threat-hunting threathunting
Last synced: 10 Oct 2025
https://github.com/center-for-threat-informed-defense/cloud-analytics
Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as well as a blueprint for how others can create and use cloud analytics effectively.
analytics cloud cloud-computing ctid cyber-analytics cyber-threat-intelligence cybersecurity mitre-attack
Last synced: 25 Jan 2026
https://github.com/omergunal/Attacker-Group-Predictor
Tool to predict attacker groups from the techniques and software used
apt-groups mitre-attack security-tools
Last synced: 11 Jul 2025
https://github.com/center-for-threat-informed-defense/sensor-mappings-to-attack
Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help detect real-world adversary behaviors in their environments.
ctid cyber-defense cyber-tools cybersecurity mitre-attack threat-informed-defense
Last synced: 01 Aug 2025
https://github.com/west-wind/Threat-Hunting-With-Splunk
Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
arcanedoor bpfdoor bpfdoor-detection cve-2024-20353 cve-2024-20359 detection detection-engineering esxi-malware esxi-ransomware line-dancer line-runner mitre-attack rtm-locker splunk text4shell vulnerability
Last synced: 31 Mar 2025
https://github.com/center-for-threat-informed-defense/technique-inference-engine
TIE is a machine learning model for inferring associated MITRE ATT&CK techniques from previously observed techniques.
ctid cyber-threat-intelligence cybersecurity machine-learning mitre-attack threat-informed-defense
Last synced: 12 Apr 2025
https://github.com/sysflow-telemetry/sysflow
SysFlow documentation and issues tracker
cloud cloud-native docker edge-detection elk kubernetes mitre-attack monitoring security telemetry
Last synced: 08 May 2025
https://github.com/center-for-threat-informed-defense/summiting-the-pyramid
Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research includes a scoring model, methodology, and worked examples.
ctid cyber-analytics cybersecurity detection-engineering mitre-attack threat-informed-defense
Last synced: 28 Jan 2026
https://github.com/lightspin-tech/lightspin-2022-top-7-attack-paths
Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a list of the 2022 Top 7 Cloud Attack Paths across AWS, Azure, GCP, and Kubernetes as seen on the Lightspin Cloud Native Application Protection Platform.
attack-paths attack-surface aws-security awssecurity azure-security azuresecurity cloud-security cloudsecurity gcp-security mitre-attack ttps
Last synced: 11 May 2025
https://github.com/vmapps/attack2neo
Import Mitre Att&ck into Neo4j database
cypher mitre-attack neo4j py2neo
Last synced: 29 Jun 2025
https://github.com/center-for-threat-informed-defense/sightings_ecosystem
Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE ATT&CK® techniques observed to give defenders real data on technique prevalence.
ctid cyber-threat-intelligence cybersecurity data-science data-visualization mitre-attack
Last synced: 12 Apr 2025
https://github.com/eremit4/Akamaru
Sniffing out well-known threat groups
apt-groups cti hunting mitre-attack mitre-attack-db python ransomlook ransomware-resources sentinelone threat-hunting threat-intelligence threathunting threatintel
Last synced: 03 Sep 2025
https://github.com/vectra-ai-research/Halberd
Cloud security testing tool to execute a comprehensive array of attack techniques across multiple surfaces via a simple web interface.
attack-defense aws azure azuread blueteam-tools cloud-security detection entra-id m365 microsoft mitre-attack offensive-security offensivesecurity redteam redteam-tools security-testing security-tools ttp
Last synced: 06 Mar 2025
https://github.com/vincenzocaputo/obsidian-mitre-attack
Parse MITRE ATT&CK to markdown for Obsidian
markdown mitre-attack obsidian stix
Last synced: 09 Jul 2025
https://github.com/hrbrmstr/attckr
⚔️MITRE ATT&CK Machinations in R
cybersecurity mitre-attack r rstats threat-intelligence
Last synced: 29 Oct 2025
https://github.com/center-for-threat-informed-defense/attack-sync
ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® version updates into their internal systems and processes.
ctid cybersecurity mitre-attack threat-informed-defense
Last synced: 12 Apr 2025
https://github.com/damonmohammadbagher/bev4
BasicEventViewer4 (BEV v4.0): a tool for Blue and Purple Teams for real-time monitoring of Sysmon events and MITRE ATT&CK detections defined in YAML files
atomic-red-team blue-team-tool blueteaming event-monitoring eventviewer mitre-attack real-time realtime-monitoring threat-hunting-via-eventlogs threat-hunting-via-sysmon
Last synced: 05 Sep 2025
https://github.com/alsch092/modifyexports
Research of modifying exported function names at runtime (C/C++, Windows)
injection malware malware-analysis malware-evasion mitre-attack reverse-engineering windows-programming
Last synced: 05 May 2025
https://github.com/shadawck/mitrecve
Get all CVEs corresponding to a specific keyword or a list of keywords from the MITRE CVE database (https://cve.mitre.org/)
api cli cve cve-scanning cve-search dependencies mitre mitre-api mitre-attack security security-scanner security-tools
Last synced: 13 Apr 2025
https://github.com/center-for-threat-informed-defense/m3tid
The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activities associated with its practice.
adversary-emulation ctid cyber-threat-intelligence cybersecurity detection-engineering mitre-attack threat-informed-defense
Last synced: 13 Feb 2026
https://github.com/secureworks/atomic-harness
A tool to run and validate telemetry for Atomic Red Team tests
atomic-red-team automation edr mitre-attack osquery
Last synced: 16 Jan 2026
https://github.com/center-for-threat-informed-defense/defending-iaas-with-attack
Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a methodology for creating technique collections.
ctid cybersecurity iaas mitre-attack threat-informed-defense
Last synced: 10 Nov 2025
https://github.com/yogsec/dorkterm
DorkTerm is a terminal-themed web-based security tool designed to assist security researchers in performing Google Dork queries efficiently. The tool generates multiple Google Dork search queries for a given domain and opens them in new browser tabs to help identify potential vulnerabilities.
bug-bounty-tools cyber-security cybersecurity cybersecurity-tools dorking-tool dorkterm forensic-tool google-dork google-dork-software google-dork-tool google-tool hacking-tool hacking-tools mitre mitre-attack osint osint-tool yogsec
Last synced: 27 Jun 2025
https://github.com/mehgrmlhmpf/AttackGraphGeneratorMasterThesis
This work shows the viability of automatically generated attack graphs that are used for adversary behavior execution in industrial control system environments. This viability is evaluated and confirmed with expert interviews about results of this thesis, generated attack graphs and an implemented prototype.
adversary-emulation attack-graphs ics ics-security mitre-attack
Last synced: 11 Jul 2025
https://github.com/securityriskadvisors/mitreevalsdb
MITRE Evaluations Database
Last synced: 16 Jan 2026
https://github.com/yanhuijessica/attack-seaman
Visual Editor for the MITRE™ ATT&CK Knowledge Base
Last synced: 25 Mar 2025
https://github.com/muchdogesec/ctibutler
A web API for various cyber threat intelligence frameworks, including MITRE ATT&CK, CWE, ATLAS...
mitre-atlas mitre-attack mitre-capec mitre-cwe stix stix2 stix2-extensions tlp
Last synced: 18 Sep 2025
https://github.com/brittonhayes/notion-stix
Integrate Threat Intelligence into your Notion workspace with notion-stix 🛡️
golang mitre mitre-attack notion security stix stix2 threat-intelligence
Last synced: 08 Oct 2025
https://github.com/center-for-threat-informed-defense/threat-modeling-with-attack
Threat Modeling with ATT&CK defines how to integrate MITRE ATT&CK® into your organization's existing threat modeling methodology.
attack-trees ctid cyber-threat-intelligence cybersecurity mitre-attack threat-informed-defense threat-modeling
Last synced: 26 Jan 2026
https://github.com/muchdogesec/arango_cti_processor
A small script that creates relationships between common CTI knowledge-bases in STIX 2.1 format.
Last synced: 02 May 2025
https://github.com/qcri/text2ttp
A Tool for Semantic Ranking for Automated Adversarial Technique Annotation in Security Text
mitre-attack threat-intelligence ttps
Last synced: 26 Oct 2025
https://github.com/austinsonger/pwned-manual
Pentesting/Red Teaming/Hacking Manual Based on MITRE Attack
hacking how-- mitre mitre-attack penetrating-testing penetration pentesting testing
Last synced: 03 Jan 2026