center-for-threat-informed-defense / technique-inference-engine
TIE is a machine learning model for inferring associated MITRE ATT&CK techniques from previously observed techniques.
☆65 · Apr 19, 2025 · Updated 9 months ago
Alternatives and similar repositories for technique-inference-engine
Users that are interested in technique-inference-engine are comparing it to the libraries listed below
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE… ☆38 · May 28, 2025 · Updated 8 months ago
- ☆11 · Dec 9, 2025 · Updated 2 months ago
- Assorted, MIT licensed, threat hunting rules from @bradleyjkemp ☆14 · Mar 11, 2022 · Updated 3 years ago
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte… ☆82 · Jun 9, 2025 · Updated 8 months ago
- Swift code to parse the quarantine history database, Chrome history database, Safari history database, and Firefox history database on ma… ☆15 · Dec 3, 2020 · Updated 5 years ago
- Easily write tests and fuzz many different programs. ☆12 · Dec 13, 2022 · Updated 3 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree. ☆14 · Jan 28, 2022 · Updated 4 years ago
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets. ☆14 · May 22, 2024 · Updated last year
- MBC v2.x expressed in STIX 2.1 JSON ☆16 · Oct 3, 2023 · Updated 2 years ago
- Augmentation to Machine Readable CTI ☆37 · Sep 9, 2025 · Updated 5 months ago
- Terraform scripts for deploying OpenCTI to AWS, Azure, and GCP ☆33 · Apr 2, 2024 · Updated last year
- The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activ… ☆16 · Jun 25, 2025 · Updated 7 months ago
- ☆15 · May 26, 2021 · Updated 4 years ago
- JXA script for Mythic that prints the TCC.db ☆15 · Apr 18, 2021 · Updated 4 years ago
- Extract the Procedures (TTP) from CTI reports ☆16 · Dec 13, 2025 · Updated 2 months ago
- This extension provides a Python panel for writing custom proxy script. ☆16 · Aug 26, 2019 · Updated 6 years ago
- Catalog Red Team techniques that cause popups in various macOS versions ☆15 · Nov 18, 2024 · Updated last year
- A threat sighting collects the behavior of real threats and the observables used during its engagement. ☆12 · Mar 29, 2022 · Updated 3 years ago
- ETW forensic tool for Volatility3 plugin ☆17 · Nov 15, 2024 · Updated last year
- AIL project training materials ☆39 · Jul 17, 2025 · Updated 7 months ago
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N… ☆42 · Jan 20, 2026 · Updated 3 weeks ago
- Create a cool process tree like https://twitter.com/ACEResponder. ☆35 · Mar 1, 2023 · Updated 2 years ago
- A robust command-line tool built in Rust that makes merging and deduplicating text files a breeze. Whether you're dealing with small file… ☆19 · Jan 23, 2026 · Updated 3 weeks ago
- OASIS TC Open Repository: STIX Enhancement Proposals (SEPs) https://github.com/oasis-open/cti-sep-repository ☆16 · Jun 15, 2023 · Updated 2 years ago
- A simple provider to analyse what gets passed into Microsoft's Anti-Malware Scan Interface ☆17 · Jan 10, 2020 · Updated 6 years ago
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team. ☆46 · Jan 22, 2025 · Updated last year
- Tool to download, install, and run macOS capable command & control servers (i.e., C2s with macOS payloads/clients) as docker containers f… ☆19 · Dec 29, 2020 · Updated 5 years ago
- Enumerate Location Services using CoreLocation API on macOS ☆18 · Dec 2, 2021 · Updated 4 years ago
- OASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/c… ☆43 · Apr 15, 2024 · Updated last year
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel… ☆713 · Nov 14, 2025 · Updated 3 months ago
- Swift code to programmatically execute local or hosted JXA payloads from Terminal without using the on-disk osascript binary. ☆23 · Apr 22, 2021 · Updated 4 years ago
- Tutorial for Node.js security ☆21 · Sep 4, 2020 · Updated 5 years ago
- Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take environmental variables and send them b… ☆22 · Dec 7, 2025 · Updated 2 months ago
- A collection of CVEs weaponized by ransomware operators ☆129 · Oct 13, 2025 · Updated 4 months ago
- ☆15 · Jul 20, 2022 · Updated 3 years ago
- ☆23 · Mar 6, 2023 · Updated 2 years ago
- A command-line whois - like client for the WHOIS and WHOIS History APIs by WhoisXML API Inc. ☆19 · Feb 9, 2022 · Updated 4 years ago
- Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework ☆22 · Jan 22, 2021 · Updated 5 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019 ☆23 · Apr 28, 2019 · Updated 6 years ago