Elemental - An ATT&CK Threat Library
☆318Dec 8, 2022Updated 3 years ago
Alternatives and similar repositories for Elemental
Users that are interested in Elemental are comparing it to the libraries listed below
Sorting:
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆91Dec 8, 2022Updated 3 years ago
- OSSEM Modular☆27Jun 29, 2020Updated 5 years ago
- Utilities for MITRE™ ATT&CK☆1,050Jan 3, 2026Updated 2 months ago
- Detect Tactics, Techniques & Combat Threats☆2,268Jan 21, 2026Updated last month
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK☆1,079Nov 28, 2024Updated last year
- An ELK environment containing interesting security datasets.☆136May 11, 2020Updated 5 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,174Jul 26, 2023Updated 2 years ago
- Windows Events Attack Samples☆2,526Jan 24, 2023Updated 3 years ago
- Python Script to access ATT&CK content available in STIX via a public TAXII server☆568Dec 19, 2025Updated 3 months ago
- An Active Defense and EDR software to empower Blue Teams☆1,315Aug 10, 2023Updated 2 years ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆723Dec 26, 2022Updated 3 years ago
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆573Dec 12, 2021Updated 4 years ago
- Data exfiltration utility for testing detection capabilities☆56Jan 13, 2022Updated 4 years ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆356Nov 3, 2020Updated 5 years ago
- Re-play Security Events☆1,728Mar 20, 2024Updated last year
- A tool to assess data quality, built on top of the awesome OSSEM.☆80Jul 29, 2022Updated 3 years ago
- Actionable analytics designed to combat threats☆1,004May 25, 2022Updated 3 years ago
- Misc Threat Hunting Resources☆377Jan 26, 2023Updated 3 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆108Feb 12, 2023Updated 3 years ago
- Open Source Security Events Metadata (OSSEM)☆1,289Feb 27, 2023Updated 3 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Sep 13, 2023Updated 2 years ago
- Repo containing docker-compose files and setup scripts without having to clone the individual reternal components☆110Mar 25, 2021Updated 4 years ago
- Defanged Indicator of Compromise (IOC) Extractor.☆569Aug 28, 2024Updated last year
- Automatic detection engineering technical state compliance☆55Jul 7, 2024Updated last year
- DFIRTrack - The Incident Response Tracking Application☆533Jan 13, 2026Updated 2 months ago
- Extract and aggregate threat intelligence.☆908Jan 31, 2024Updated 2 years ago
- Virtual Machine for Adversary Emulation and Threat Hunting☆1,314Jan 22, 2025Updated last year
- Import specific data sources into the Sigma generic and open signature format.☆79May 6, 2022Updated 3 years ago
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆822Jul 8, 2020Updated 5 years ago
- Automated Adversary Emulation Platform☆6,811Mar 9, 2026Updated last week
- A toolset to make a system look as if it was the victim of an APT attack☆2,722Sep 23, 2025Updated 5 months ago
- Trace ScriptBlock execution for powershell v2☆40Jan 14, 2020Updated 6 years ago
- Primary data pipelines for intrusion detection, security analytics and threat hunting☆85Jan 9, 2022Updated 4 years ago
- Utilities for Sysmon☆1,576Sep 21, 2025Updated 5 months ago
- Binary String Toolkit (BST). Quickly and easily convert binary strings for all your exploit development needs.☆23Jul 27, 2018Updated 7 years ago
- Automatically create YARA rules from malicious documents.☆211May 16, 2022Updated 3 years ago
- Mapping the MITRE ATT&CK Matrix with Osquery☆808May 11, 2023Updated 2 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,501Jan 12, 2026Updated 2 months ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Feb 6, 2024Updated 2 years ago