MITRE ATT&CK Windows Logging Cheat Sheets
☆348Nov 8, 2018Updated 7 years ago
Alternatives and similar repositories for ATTACK
Users that are interested in ATTACK are comparing it to the libraries listed below
Sorting:
- ATT&CK Remote Threat Hunting Incident Response☆206Dec 8, 2024Updated last year
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆355Nov 3, 2020Updated 5 years ago
- Detect Tactics, Techniques & Combat Threats☆2,264Jan 21, 2026Updated last month
- Windows Events Attack Samples☆2,517Jan 24, 2023Updated 3 years ago
- A repository for using windows event forwarding for incident detection and response☆1,299Sep 8, 2025Updated 5 months ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,174Jul 26, 2023Updated 2 years ago
- Utilities for MITRE™ ATT&CK☆1,050Jan 3, 2026Updated 2 months ago
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK☆1,078Nov 28, 2024Updated last year
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,492Jan 12, 2026Updated last month
- A repository of sysmon configuration modules☆2,987Aug 21, 2024Updated last year
- Re-play Security Events☆1,725Mar 20, 2024Updated last year
- ☆1,090May 1, 2019Updated 6 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆223May 1, 2021Updated 4 years ago
- TrustedSec Sysinternals Sysmon Community Guide☆1,372Feb 10, 2026Updated 3 weeks ago
- Automated, Collection, and Enrichment Platform☆324Nov 14, 2019Updated 6 years ago
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆3,136Oct 19, 2025Updated 4 months ago
- A curated list of awesome resources related to Mitre ATT&CK™ Framework☆615Sep 14, 2019Updated 6 years ago
- Python Script to access ATT&CK content available in STIX via a public TAXII server☆568Dec 19, 2025Updated 2 months ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆937Dec 12, 2023Updated 2 years ago
- A set of Zeek scripts to detect ATT&CK techniques.☆621Jun 26, 2024Updated last year
- An informational repo about hunting for adversaries in your IT environment.☆1,854Nov 17, 2021Updated 4 years ago
- Virtual Machine for Adversary Emulation and Threat Hunting☆1,313Jan 22, 2025Updated last year
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs☆730Jan 21, 2020Updated 6 years ago
- Mapping the MITRE ATT&CK Matrix with Osquery☆806May 11, 2023Updated 2 years ago
- Cyber Analytics Repository☆986May 16, 2025Updated 9 months ago
- Mitre Att&ck Technique Emulation☆82Mar 6, 2019Updated 7 years ago
- ☆349Mar 19, 2021Updated 4 years ago
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…☆2,452Updated this week
- ☆77Jul 22, 2020Updated 5 years ago
- Logging Made Easy☆710Nov 1, 2023Updated 2 years ago
- An information security preparedness tool to do adversarial simulation.☆1,137Apr 1, 2019Updated 6 years ago
- Small and highly portable detection tests based on MITRE's ATT&CK.☆11,632Updated this week
- A toolset to make a system look as if it was the victim of an APT attack☆2,714Sep 23, 2025Updated 5 months ago
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆822Jul 8, 2020Updated 5 years ago
- Repository for my ATT&CK analysis research.☆70May 16, 2019Updated 6 years ago
- ☆2,392Oct 14, 2023Updated 2 years ago
- Investigate suspicious activity by visualizing Sysmon's event log☆431Dec 22, 2023Updated 2 years ago
- Sysmon configuration file template with default high-quality event tracing☆5,410Jul 3, 2024Updated last year
- Signature engine for all your logs☆172Nov 13, 2023Updated 2 years ago