Small and highly portable detection tests based on MITRE's ATT&CK.
Updated Nov 10, 2025 - C
Automated Adversary Emulation Platform
Tools and Techniques for Red Team / Penetration Testing
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
Web app that provides basic navigation and annotation of ATT&CK matrices
A repository of sysmon configuration modules
Curated resources to help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues or making a pull request. All feedback for improvements is welcome. Thank you.
OpenCTI Connectors
Windows Events Attack Samples
Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
A collection of sources of documentation, as well as field best practices, to build/run a SOC
Utilities for MITRE™ ATT&CK
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
An Active Defense and EDR software to empower Blue Teams
Actionable analytics designed to combat threats