Cloud Templates and scripts to deploy mordor environments
☆129Mar 3, 2021Updated 5 years ago
Alternatives and similar repositories for SimuLand
Users that are interested in SimuLand are comparing it to the libraries listed below
Sorting:
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets☆142Oct 12, 2020Updated 5 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Sep 4, 2021Updated 4 years ago
- Building environments to replicate small networks and deploy applications☆330Jan 9, 2026Updated last month
- Re-play Security Events☆1,723Mar 20, 2024Updated last year
- Purple Teaming Attack & Hunt Lab - Terraform☆163Nov 29, 2021Updated 4 years ago
- A collection of red team and adversary emulation resources developed and released by MITRE.☆531Apr 20, 2021Updated 4 years ago
- Open Source Security Events Metadata (OSSEM)☆1,288Feb 27, 2023Updated 3 years ago
- A knowledge base of actionable Incident Response techniques☆662May 31, 2022Updated 3 years ago
- Understand adversary tradecraft and improve detection strategies☆712Mar 9, 2023Updated 2 years ago
- Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab.☆586Jan 22, 2025Updated last year
- Cypher for Defenders: Leveraging Bloodhound Data Beyond the UI☆26Feb 8, 2024Updated 2 years ago
- Atomic Purple Team Framework and Lifecycle☆300Feb 11, 2021Updated 5 years ago
- A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-pur…☆627Mar 21, 2025Updated 11 months ago
- Applied Purple Teaming - (ITOCI4hr) - Infrastructure, Threat Optics, and Continuous Improvement - June 6, 2020☆323Jan 22, 2021Updated 5 years ago
- Detect Tactics, Techniques & Combat Threats☆2,264Jan 21, 2026Updated last month
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Jul 23, 2020Updated 5 years ago
- Actionable analytics designed to combat threats☆1,005May 25, 2022Updated 3 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,486Jan 12, 2026Updated last month
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆22Apr 16, 2021Updated 4 years ago
- Public Repo for Atomic Test Harness☆282Apr 8, 2025Updated 10 months ago
- ☆33Jun 27, 2022Updated 3 years ago
- Automatic detection engineering technical state compliance☆55Jul 7, 2024Updated last year
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…☆2,445Feb 24, 2026Updated last week
- TA505+ Adversary Simulation☆64Nov 30, 2020Updated 5 years ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆804Jan 14, 2026Updated last month
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆208Jul 21, 2022Updated 3 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,173Jul 26, 2023Updated 2 years ago
- TrustedSec Sysinternals Sysmon Community Guide☆1,372Feb 10, 2026Updated 3 weeks ago
- A toolset to make a system look as if it was the victim of an APT attack☆2,715Sep 23, 2025Updated 5 months ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆785Feb 22, 2026Updated last week
- MAL-CL (Malicious Command-Line)☆322Jan 10, 2023Updated 3 years ago
- A Windows event logging and collection baseline focused on finding balance between forensic value and optimising retention.☆293Aug 26, 2021Updated 4 years ago
- Windows Events Attack Samples☆2,515Jan 24, 2023Updated 3 years ago
- OSSEM Detection Model☆183Oct 11, 2022Updated 3 years ago
- A framework for developing alerting and detection strategies for incident response.☆841Sep 8, 2025Updated 5 months ago
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a…☆1,549Feb 10, 2026Updated 2 weeks ago
- Python Script to access ATT&CK content available in STIX via a public TAXII server☆568Dec 19, 2025Updated 2 months ago
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆606Nov 28, 2024Updated last year
- Automate the creation of a lab environment complete with security tooling and logging best practices☆4,908Jul 6, 2024Updated last year