mitre

Small and highly portable detection tests based on MITRE's ATT&CK.

Automated Adversary Emulation Platform

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

Utilities for MITRE™ ATT&CK

A PowerShell script to interact with the MITRE ATT&CK Framework via its own API

Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

A list of useful Detection Engineering-related resources.

A social experiment

attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage

The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines

A simple, fully python ransomware PoC using AES-CTR and RSA. Supports Windows, Linux and macOS

🧬 Mitre Interactive Network Graph (APTs, Malware, Tools, Techniques & Tactics)

Collection of CVEs from Sick Codes, or collaborations on https://sick.codes security research & advisories.

This tool maps a file's behavior on MITRE ATT&CK matrix.

Detection rules for Hayabusa

A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.

A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIST