Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help detect real-world adversary behaviors in their environments.
☆51Jun 21, 2025Updated 8 months ago
Alternatives and similar repositories for sensor-mappings-to-attack
Users that are interested in sensor-mappings-to-attack are comparing it to the libraries listed below
Sorting:
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆57Mar 2, 2026Updated last week
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…☆54Updated this week
- VTC - Velociraptor Timeline Creator☆19May 15, 2024Updated last year
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…☆408Updated this week
- Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a me…☆14May 28, 2025Updated 9 months ago
- List of links and resources referred to in my SANS OSINT Summit 2024 Talk "OSINT On The Russian Internet"☆11Feb 29, 2024Updated 2 years ago
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of…☆10Dec 22, 2023Updated 2 years ago
- ☆12Jan 5, 2021Updated 5 years ago
- ☆11Jun 12, 2023Updated 2 years ago
- A simple utility to generate real File and Active Directory activity in lab environments for the purposes of monitoring changes and detec…☆11Dec 4, 2018Updated 7 years ago
- Learn how to get more out of publicly available threat reports to help improve the security posture of your organization! TLP: White Thre…☆15Jun 5, 2023Updated 2 years ago
- ☆12Aug 8, 2022Updated 3 years ago
- This is the Network Flow Generator for ICSSIM☆17Aug 28, 2025Updated 6 months ago
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel…☆719Nov 14, 2025Updated 3 months ago
- OSSEM Detection Model☆183Oct 11, 2022Updated 3 years ago
- CarbonBlack EDR detection rules and response actions☆73Sep 10, 2024Updated last year
- �☆261May 9, 2024Updated last year
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…☆24Dec 5, 2025Updated 3 months ago
- A collection of tools, scripts and personal research☆157Feb 2, 2026Updated last month
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…☆110Feb 6, 2026Updated last month
- Rules generated from our investigations.☆204Jun 17, 2025Updated 8 months ago
- TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE AT…☆551May 6, 2025Updated 10 months ago
- ☆17Jul 20, 2024Updated last year
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…☆38May 28, 2025Updated 9 months ago
- ☆40Feb 23, 2023Updated 3 years ago
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…☆174Feb 22, 2026Updated 2 weeks ago
- ☆17Jul 17, 2024Updated last year
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆114Nov 19, 2024Updated last year
- Actionable analytics designed to combat threats☆1,005May 25, 2022Updated 3 years ago
- Mapping of open-source detection rules and atomic tests.☆202Feb 16, 2026Updated 3 weeks ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆127Dec 5, 2023Updated 2 years ago
- MITRE Shield website☆19Oct 20, 2021Updated 4 years ago
- Smarter Asset Search, Faster Information Extraction ZoomEye GPT is a browser extension designed specifically for cybersecurity profession…☆25Apr 30, 2025Updated 10 months ago
- Detect Tactics, Techniques & Combat Threats☆2,268Jan 21, 2026Updated last month
- A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE AT…☆1,208Feb 20, 2026Updated 2 weeks ago
- Threat Modeling (based on STRIDE approach) for Kubernetes systems.☆25Oct 14, 2024Updated last year
- IBM RedCON 2020 - Throwing an AquaWrench into the Kernel☆44Aug 25, 2020Updated 5 years ago
- A tool that allows you to document and assess any security automation in your SOC☆49Oct 31, 2024Updated last year
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…☆149Jul 9, 2025Updated 8 months ago