center-for-threat-informed-defense / threat-modeling-with-attackLinks
Threat Modeling with ATT&CK defines how to integreate MITRE ATT&CK® into your organization’s existing threat modeling methodology.
☆12Updated 7 months ago
Alternatives and similar repositories for threat-modeling-with-attack
Users that are interested in threat-modeling-with-attack are comparing it to the libraries listed below
Sorting:
- An index of publicly available and open-source threat detection rulesets.☆131Updated 8 months ago
- A starter pack of resources to help you get started in Detection Engineering.☆178Updated 4 months ago
- Knowledge base on cybercriminal concealment techniques☆91Updated 8 months ago
- Mapping of open-source detection rules and atomic tests.☆193Updated 11 months ago
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆83Updated 3 weeks ago
- An automated Adversary Emulation lab with terraform and MCP server. Build Caldera techniques and operations assisted with LLMs. Built f…☆204Updated last month
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Updated last year
- A collection of companies that disclose adversary TTPs after they have been breached☆291Updated last month
- A tool that allows you to document and assess any security automation in your SOC☆48Updated last year
- NOVA: The Prompt Pattern Matching☆62Updated 2 months ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆116Updated last year
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆163Updated last month
- Open Threat Hunting Framework☆122Updated 2 years ago
- HASH (HTTP Agnostic Software Honeypot)☆141Updated last year
- A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incide…☆152Updated 2 years ago
- Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools…☆137Updated last month
- ☆96Updated last month
- Playbook-NG is a stateless web-based application used to match incident findings with countermeasures for adversary containment and evict…☆154Updated last month
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…☆180Updated 7 months ago
- A public collection of detections designed to detect threats associated with the Okta WIC Platform.☆10Updated this week
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆60Updated 3 years ago
- Jupyter Univere is a search engine for all infosec jupyter notebooks☆35Updated 9 months ago
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense☆103Updated 2 years ago
- Rules shared by the community from 100 Days of YARA 2025☆39Updated last week
- ☆74Updated 3 weeks ago
- ☆169Updated 3 months ago
- God Mode Detection Rules☆134Updated last year
- Backdoors & Breaches: Campaigns. These are short guides to help Incident Captains by giving them game ideas based on actual breaches.☆42Updated 2 years ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆160Updated 9 months ago
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆144Updated 3 years ago