Elemental - An ATT&CK Threat Library
☆318Dec 8, 2022Updated 3 years ago
Alternatives and similar repositories for Elemental
Users that are interested in Elemental are comparing it to the libraries listed below
Sorting:
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆91Dec 8, 2022Updated 3 years ago
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK☆1,078Nov 28, 2024Updated last year
- OSSEM Modular☆27Jun 29, 2020Updated 5 years ago
- Utilities for MITRE™ ATT&CK☆1,050Jan 3, 2026Updated last month
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,173Jul 26, 2023Updated 2 years ago
- Detect Tactics, Techniques & Combat Threats☆2,263Jan 21, 2026Updated last month
- An ELK environment containing interesting security datasets.☆136May 11, 2020Updated 5 years ago
- Windows Events Attack Samples☆2,515Jan 24, 2023Updated 3 years ago
- Data exfiltration utility for testing detection capabilities☆56Jan 13, 2022Updated 4 years ago
- An Active Defense and EDR software to empower Blue Teams☆1,316Aug 10, 2023Updated 2 years ago
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆574Dec 12, 2021Updated 4 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆108Feb 12, 2023Updated 3 years ago
- Python Script to access ATT&CK content available in STIX via a public TAXII server☆568Dec 19, 2025Updated 2 months ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆723Dec 26, 2022Updated 3 years ago
- Repo containing docker-compose files and setup scripts without having to clone the individual reternal components☆112Mar 25, 2021Updated 4 years ago
- Actionable analytics designed to combat threats☆1,006May 25, 2022Updated 3 years ago
- Re-play Security Events☆1,723Mar 20, 2024Updated last year
- A tool to assess data quality, built on top of the awesome OSSEM.☆80Jul 29, 2022Updated 3 years ago
- Open Source Security Events Metadata (OSSEM)☆1,287Feb 27, 2023Updated 3 years ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆355Nov 3, 2020Updated 5 years ago
- Misc Threat Hunting Resources☆377Jan 26, 2023Updated 3 years ago
- Virtual Machine for Adversary Emulation and Threat Hunting☆1,314Jan 22, 2025Updated last year
- Defanged Indicator of Compromise (IOC) Extractor.☆567Aug 28, 2024Updated last year
- DFIRTrack - The Incident Response Tracking Application☆532Jan 13, 2026Updated last month
- Automatic detection engineering technical state compliance☆55Jul 7, 2024Updated last year
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Sep 13, 2023Updated 2 years ago
- Automated Adversary Emulation Platform☆6,761Feb 17, 2026Updated last week
- Extract and aggregate threat intelligence.☆906Jan 31, 2024Updated 2 years ago
- A toolset to make a system look as if it was the victim of an APT attack☆2,715Sep 23, 2025Updated 5 months ago
- Penetration testing utility and antivirus assessment tool.☆315Apr 25, 2023Updated 2 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,486Jan 12, 2026Updated last month
- Utilities for Sysmon☆1,574Sep 21, 2025Updated 5 months ago
- Import specific data sources into the Sigma generic and open signature format.☆79May 6, 2022Updated 3 years ago
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆822Jul 8, 2020Updated 5 years ago
- EventList☆377Mar 21, 2021Updated 4 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Jan 6, 2021Updated 5 years ago
- APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …☆1,400Nov 7, 2024Updated last year
- A query aggregator for OSINT based threat hunting☆930Jan 23, 2026Updated last month
- Audix is a PowerShell tool to quickly configure the Windows Event Audit Policies for security monitoring☆117Oct 14, 2025Updated 4 months ago