mitre

Small and highly portable detection tests based on MITRE's ATT&CK.

Automated Adversary Emulation Platform

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

Utilities for MITRE™ ATT&CK

GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

A PowerShell script to interact with the MITRE ATT&CK Framework via its own API

Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

A social experiment

attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage

A simple, fully python ransomware PoC using AES-CTR and RSA. Supports Windows, Linux and macOS

🧬 Mitre Interactive Network Graph (APTs, Malware, Tools, Techniques & Tactics)

This tool maps a file's behavior on MITRE ATT&CK matrix.

Collection of CVEs from Sick Codes, or collaborations on https://sick.codes security research & advisories.

A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIST

Detection rules for Hayabusa

This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.

Library of threat hunts to get any user started!

Zénith is a multi-lingual cybersecurity AI NLP security verification chatbot in development that references the MITRE ATT&CK Framework, OSCP solution guides, and current cyber ops TTP to assist companies with the ongoing issue of ransomware attacks on their systems. Zenith is designed to source information from open-source intelligence platforms to relay situationally relevant intelligence and achieve cyber objectives through automated processes.

MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.

MITRE package gives you an approach to cybersecurity data sets.

A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

A list of useful Detection Engineering-related resources.

Actionable analytics designed to combat threats based on MITRE's ATT&CK.

Repository for the Deprecated MITRE Capture the Flag scoreboard.

Security R package with a set of utils to analyse the different industry standards (MITRE and NIST).

MITRE Evaluations Database

Mitre Framework Based Quantitative Risk Simulation