center-for-threat-informed-defense / threat-modeling-with-attackLinks
Threat Modeling with ATT&CK defines how to integreate MITRE ATT&CK® into your organization’s existing threat modeling methodology.
☆12Updated 6 months ago
Alternatives and similar repositories for threat-modeling-with-attack
Users that are interested in threat-modeling-with-attack are comparing it to the libraries listed below
Sorting:
- An index of publicly available and open-source threat detection rulesets.☆132Updated 7 months ago
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆161Updated last week
- Mapping of open-source detection rules and atomic tests.☆190Updated 10 months ago
- A collection of companies that disclose adversary TTPs after they have been breached☆291Updated last month
- A starter pack of resources to help you get started in Detection Engineering.☆176Updated 3 months ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Updated last year
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆114Updated last year
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆82Updated 3 weeks ago
- ☆168Updated 2 months ago
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense☆103Updated 2 years ago
- Knowledge base on cybercriminal concealment techniques☆80Updated 7 months ago
- An automated Adversary Emulation lab with terraform and MCP server. Build Caldera techniques and operations assisted with LLMs. Built f…☆203Updated 2 weeks ago
- Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools…☆133Updated 2 weeks ago
- A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incide…☆151Updated 2 years ago
- ☆96Updated 2 weeks ago
- Powershell Based tool for gathering information related to O365 intrusions and potential Breaches☆17Updated 11 months ago
- ☆117Updated 6 months ago
- Playbook-NG is a stateless web-based application used to match incident findings with countermeasures for adversary containment and evict…☆152Updated last week
- OWASP Foundation web repository☆40Updated this week
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆272Updated 8 months ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated last year
- Halberd : Multi-Cloud Agentic Attack Tool☆323Updated last month
- ☆100Updated this week
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).☆118Updated last year
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆159Updated 8 months ago
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆143Updated 3 years ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆59Updated 3 years ago
- AI-powered cybersecurity attack flow visualization tool using MITRE ATT&CK☆189Updated 2 weeks ago
- Rules shared by the community from 100 Days of YARA 2025☆37Updated 10 months ago
- Jupyter Univere is a search engine for all infosec jupyter notebooks☆32Updated 8 months ago