🔍 Framework ML/DL per analisi avanzata di log di sicurezza e detection di attacchi informatici. Identifica pattern MITRE ATT&CK, valuta l'efficacia delle regole Sigma, e automatizza la threat detection con ensemble di modelli. Dashboard interattive e analisi comportamentali.

Simulated phishing-to-persistence attack using a fake Adobe updater, with full red team execution and blue team detection analysis.

🛡️ Ever wonder how hackers break into companies? 💀 This interactive platform lets you simulate REAL Active Directory attacks (Password Spray, Kerberoasting, Pass-the-Hash, Golden Ticket) while learning how to DEFEND against them! 🔐 | Built to show both sides of the cybersecurity coin 🪙 | Attack. Detect. Defend. Learn. Repeat. 🔄

For educational and cybersecurity purposes.

This tool allows you to prioritize MITRE ATT&CK techniques for your adversaries and collect corresponding NIST SP 800-53 security controls.

Lab-based red team & penetration testing portfolio

CVE Threat Intelligence Toolkit is a research-support platform for security analysts. It connects multiple data sources and tools to help reconstruct CVEs, prepare environments, and extract key behaviors using LLMs.

Curated CTI investigations and queries

Templates and tools to enable continuous OT security threat modeling

Zénith is a multi-lingual cybersecurity AI NLP security verification chatbot in development that references the MITRE ATT&CK Framework, OSCP solution guides, and current cyber ops TTP to assist companies with the ongoing issue of ransomware attacks on their systems. Zenith is designed to source information from open-source intelligence platforms…

A web application assisting network defenders, analysts, and researchers in the process of mapping adversarial behaviors to MITRE ATT&CK, ACSC ISM and NIST 800-53 frameworks.

Previous ATT&CK releases as seen at https://attack.mitre.org/resources/previous-versions/

Script to produce ATT&CK CSV files and MITRE ATT&CK CSV data storage

MITRE Evaluations Database

MITRE ATT&CK visualizations

DorkTerm is a terminal-themed web-based security tool designed to assist security researchers in performing Google Dork queries efficiently. The tool generates multiple Google Dork search queries for a given domain and opens them in new browser tabs to help identify potential vulnerabilities.

Automatically analyze Cyber Threat Intelligence (CTI) reports using machine learning (ML) to identify MITRE ATT&CK techniques (T-Codes)

This central repository is crafted for cybersecurity enthusiasts, researchers, and professionals aiming to advance their skills. It offers valuable resources for those focused on analyzing and understanding different types of malware.

Generate JSON force-directed/ node graph data from MITRE's ATTACK framework and visualize it interactively

ATT&CK Evaluations website (DEPRECATED)