Sirius Security
- The Netherlands
- https://www.siriussecurity.nl
Stars
A little tool to play with Windows security
Empire is a PowerShell and Python post-exploitation agent.
Automate the creation of a lab environment complete with security tooling and logging best practices
Web app that provides basic navigation and annotation of ATT&CK matrices
Detect Tactics, Techniques & Combat Threats
Cyber Threat Intelligence Repository expressed in STIX 2.0
Template-Driven AV/EDR Evasion Framework
Binary analysis and management framework
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Apache Kafka client for Python; high-level & low-level consumer/producer, with great performance.
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (pa…
Actionable analytics designed to combat threats
PowerShell Remote Download Cradle Generator & Obfuscator
A tool to retrieve malware directly from the source for security researchers.
TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.
STIX data representing MITRE ATT&CK
An unofficial nodejs API wrapper for Hyundai bluelink and Kia UVO
This content is analysis and research of the data sources currently listed in ATT&CK.
🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analysts in mapping finished reports to ATT&CK.
Steal a primary token and spawn cmd.exe using the stolen token
Dettectinator - The Python library to your DeTT&CT YAML files.
attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage