center-for-threat-informed-defense / sightings_ecosystem
Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE ATT&CK® techniques observed to give defenders real data on technique prevalence.
☆34Updated last month
Alternatives and similar repositories for sightings_ecosystem:
Users that are interested in sightings_ecosystem are comparing it to the libraries listed below
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here …☆71Updated last year
- Library of threat hunts to get any user started!☆44Updated 4 years ago
- Threat Mapping Catalogue☆17Updated 3 years ago
- Automatic detection engineering technical state compliance☆55Updated 9 months ago
- ☆41Updated last year
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆40Updated last year
- Automated detection rule analysis utility☆29Updated 2 years ago
- Workflows for Shuffle☆21Updated 2 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…☆49Updated last month
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆63Updated 2 years ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆60Updated 2 years ago
- A MITRE ATT&CK Lookup Tool☆45Updated last year
- A MITRE Caldera plugin☆43Updated 5 months ago
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.☆35Updated 2 years ago
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆63Updated last year
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports☆72Updated 5 months ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆37Updated last month
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆34Updated 3 years ago
- Sharing Threat Hunting runbooks☆25Updated 5 years ago
- Send High & New Incidents to The Hive incident management Platform☆18Updated 4 years ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆67Updated last year
- ☆43Updated 2 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆51Updated 2 years ago
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base☆23Updated 2 years ago
- Kerberoast Detection Script☆30Updated 5 months ago
- MITRE Shield website☆19Updated 3 years ago
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…☆26Updated this week
- Azure function to insert MISP data in to Azure Sentinel☆32Updated 2 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago