A PoC Corporation Relationship Knowledge Graph System on top of Nebula Graph.

Apache Druid: a high performance real-time analytics database.

Detecting ATT&CK techniques & tactics for Linux

Personal basics collection library

Python Script to access ATT&CK content available in STIX via a public TAXII server

网络安全 · 攻防对抗 · 蓝队清单，中文版

Sysmon configuration file template with default high-quality event tracing

Automate the creation of a lab environment complete with security tooling and logging best practices

This repository is used for the development of the CVE JSON record format. Releases of the CVE JSON record format will also be published here. This repository is managed by the CVE Quality Working …

The new CVE website

This repo contains the source for the CVE Services API.

Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023

网络安全课本

A collection of intelligence about Log4Shell and its exploitation activity.

A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

Cyber Threat Intelligence Repository expressed in STIX 2.0

OASIS Open Repository: GitHub Pages site for STIX, CybOX, and TAXII

Six Degrees of Domain Admin

CASCADE Server

Utilities for MITRE™ ATT&CK

朝鲜组织

MISP (core software) - Open Source Threat Intelligence and Sharing Platform (formely known as Malware Information Sharing Platform)

httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

Automated Adversary Emulation Platform

A methodology for mapping MITRE ATT&CK techniques to vulnerability records to describe the impact of a vulnerability.

Automated Adversary Emulation Platform

CASCADE Server