RealityNet/attack-coverage

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/RealityNet/attack-coverage)

RealityNet / attack-coverage

an excel-centric approach for the MITRE ATT&CK® Tactics and Techniques

☆187

Alternatives and similar repositories for attack-coverage

Users that are interested in attack-coverage are comparing it to the libraries listed below

Sorting:

quitehacker / MITRE-ATTACK-Enterprise-Matrix-in-Excel-for-SOC
View on GitHub
The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simp…
☆34Nov 13, 2025Updated 4 months ago
splunk / attack_data
View on GitHub
A repository of curated datasets from various attacks
☆746Updated this week
jasonsford / intel_collector
View on GitHub
Python library to query various sources of threat intelligence for data on domains, file hashes, and IP addresses.
☆31Nov 6, 2023Updated 2 years ago
secgroundzero / ossem_modular
View on GitHub
OSSEM Modular
☆27Jun 29, 2020Updated 5 years ago
WillOram / AzureAD-incident-response
View on GitHub
Notes on responding to security breaches relating to Azure AD
☆121Mar 14, 2022Updated 4 years ago
OTRF / Blacksmith
View on GitHub
Building environments to replicate small networks and deploy applications
☆330Jan 9, 2026Updated 2 months ago
rabobank-cdc / dettect-editor
View on GitHub
DeTT&CT Editor
☆12Jan 21, 2026Updated 2 months ago
3CORESec / S2AN
View on GitHub
S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
☆91Dec 8, 2022Updated 3 years ago
splunk / macro-level-attack-trending
View on GitHub
Aggregated ATT&CK technique reporting data. Presented at Splunk GovSummit December 2022
☆17Jul 18, 2025Updated 8 months ago
SecurityRiskAdvisors / dredd
View on GitHub
Automated detection rule analysis utility
☆28Sep 22, 2022Updated 3 years ago
sbousseaden / EVTX-ATTACK-SAMPLES
View on GitHub
Windows Events Attack Samples
☆2,526Jan 24, 2023Updated 3 years ago
rabobank-cdc / DeTTECT
View on GitHub
Detect Tactics, Techniques & Combat Threats
☆2,268Jan 21, 2026Updated 2 months ago
OllieJC / tbat
View on GitHub
Threat Box Assessment Tool
☆19Mar 5, 2026Updated 2 weeks ago
filipi86 / httpdoom
View on GitHub
HttpDoom is a tool for response-based inspection of websites across a large amount of hosts for quickly gaining an overview of HTTP-base…
☆23Aug 10, 2021Updated 4 years ago
sfakiana / SANS-CTI-Summit-2021
View on GitHub
Resources for SANS CTI Summit 2021 presentation
☆104Nov 8, 2023Updated 2 years ago
nasbench / MindMaps
View on GitHub
#ThreatHunting #DFIR #Malware #Detection Mind Maps
☆304Nov 13, 2021Updated 4 years ago
sbousseaden / Slides
View on GitHub
Misc Threat Hunting Resources
☆377Jan 26, 2023Updated 3 years ago
Hestat / calamity
View on GitHub
A script to assist in processing forensic RAM captures for malware triage
☆26Feb 4, 2021Updated 5 years ago
3CORESec / MAL-CL
View on GitHub
MAL-CL (Malicious Command-Line)
☆322Jan 10, 2023Updated 3 years ago
SoulSec / Resource-Threat-Intelligence
View on GitHub
Repository resource threat intelligence for SOC
☆10Sep 14, 2018Updated 7 years ago
atc-project / atc-react
View on GitHub
A knowledge base of actionable Incident Response techniques
☆662May 31, 2022Updated 3 years ago
zeronetworks / BloodHound-Tools
View on GitHub
Collection of tools that reflect the network dimension into Bloodhound's data
☆446Oct 19, 2022Updated 3 years ago
Cyb3r-Monk / Threat-Hunting-and-Detection
View on GitHub
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
☆806Jan 14, 2026Updated 2 months ago
ninoseki / mihari
View on GitHub
A query aggregator for OSINT based threat hunting
☆932Mar 7, 2026Updated 2 weeks ago
AndrewRathbun / DFIRMindMaps
View on GitHub
A repository of DFIR-related Mind Maps geared towards the visual learners!
☆549Sep 2, 2022Updated 3 years ago
cocaman / analysis_scripts
View on GitHub
Collection of scripts used to analyse malware or emails
☆20Oct 6, 2020Updated 5 years ago
mdecrevoisier / EVTX-to-MITRE-Attack
View on GitHub
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
☆613Dec 8, 2025Updated 3 months ago
ion-storm / sysmon-edr
View on GitHub
Sysmon EDR POC Build within Powershell to prove ability.
☆223May 1, 2021Updated 4 years ago
wagga40 / Zircolite
View on GitHub
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
☆791Mar 14, 2026Updated last week
jshlbrd / threat-hunting-pocket-guide
View on GitHub
pocket guide for core threat hunting concepts
☆23May 6, 2020Updated 5 years ago
dwmetz / CyberPipe
View on GitHub
An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
☆340Dec 3, 2025Updated 3 months ago
0xrawsec / gene
View on GitHub
Signature engine for all your logs
☆172Nov 13, 2023Updated 2 years ago
amrandazz / attack-guardduty-navigator
View on GitHub
A MITRE ATT&CK Navigator export for AWS GuardDuty Findings
☆139Jul 23, 2021Updated 4 years ago
3c7 / infrastructure-tracking-schema
View on GitHub
☆24Sep 28, 2022Updated 3 years ago
theflakes / reg_hunter
View on GitHub
Blueteam operational triage registry hunting/forensic tool.
☆149Sep 2, 2025Updated 6 months ago
jacobsoo / DDE-Extractor
View on GitHub
This script is used for extracting DDE in docx and xlsx
☆12Dec 8, 2017Updated 8 years ago
AndrewRathbun / Awesome-KAPE
View on GitHub
A curated list of KAPE-related resources
☆184May 1, 2025Updated 10 months ago
RealityNet / android_triage
View on GitHub
Bash script to extract data from an Android device
☆281Oct 28, 2022Updated 3 years ago
olafhartong / ATTACKdatamap
View on GitHub
A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework
☆356Nov 3, 2020Updated 5 years ago