center-for-threat-informed-defense / sightings_ecosystem
Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE ATT&CK® techniques observed to give defenders real data on technique prevalence.
☆34Updated 9 months ago
Alternatives and similar repositories for sightings_ecosystem:
Users that are interested in sightings_ecosystem are comparing it to the libraries listed below
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here …☆72Updated 9 months ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆35Updated last month
- Open Threat-Informed Detection Engineering☆32Updated 3 weeks ago
- Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…☆50Updated this week
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.☆34Updated 2 years ago
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…☆49Updated 7 months ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆50Updated 2 years ago
- Merge of two major cyber adversary datasets, MITRE ATT&CK and ETDA/ThaiCERT Threat Actor Cards, enabling victim/motivation-adversary-tech…☆52Updated 2 years ago
- Threat Mapping Catalogue☆17Updated 3 years ago
- A MITRE ATT&CK Lookup Tool☆45Updated 9 months ago
- Slides of my public talks☆49Updated last year
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆38Updated 9 months ago
- Automatic detection engineering technical state compliance☆53Updated 6 months ago
- Sigma detection rules for hunting with the threathunting-keywords project☆52Updated this week
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…☆22Updated 2 months ago
- A home for detection content developed by the delivr.to team☆64Updated last week
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆60Updated 9 months ago
- ShellSweeping the evil.☆52Updated 7 months ago
- ☆41Updated 2 years ago
- Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream☆11Updated 4 years ago
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources☆60Updated 2 years ago
- A repository of Sysmon For Linux configuration modules☆15Updated 3 years ago
- A community event for security researchers to share their favorite notebooks☆107Updated 11 months ago
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base☆23Updated 2 years ago
- ☆41Updated 9 months ago
- Threat Hunter's Knowledge Base☆22Updated 3 years ago
- yara detection rules for hunting with the threathunting-keywords project☆94Updated this week
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports☆66Updated 2 months ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆62Updated 9 months ago