facebookincubator / ForgeArmoryLinks
ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).
☆118Updated last year
Alternatives and similar repositories for ForgeArmory
Users that are interested in ForgeArmory are comparing it to the libraries listed below
Sorting:
- Mapping of open-source detection rules and atomic tests.☆177Updated 8 months ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆84Updated 4 months ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆89Updated 2 years ago
- Active C&C Detector☆156Updated 2 years ago
- ☆163Updated this week
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆151Updated this week
- An index of publicly available and open-source threat detection rulesets.☆125Updated 5 months ago
- Threat Simulation Indexes☆38Updated 5 months ago
- Intel Retrieval Augmented Generation (RAG) Utilities☆90Updated last year
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆83Updated last year
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…☆177Updated 4 months ago
- A list of RMMs designed to be used in automation to build alerts☆113Updated 5 months ago
- Open Threat Hunting Framework☆118Updated 2 years ago
- Repository that contains a set of purposefully erroneous Yara rules.☆59Updated 2 months ago
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆27Updated last year
- Assortment of scripts and tools for our Blackhat EU 2024 talk☆99Updated 7 months ago
- A home for detection content developed by the delivr.to team☆70Updated last month
- Canary Detection☆187Updated 4 months ago
- The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).☆397Updated last week
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆79Updated last month
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆132Updated 8 months ago
- A comprehensive GenAI protection system designed to protect against malicious prompts, injection attacks, and harmful content. System inc…☆73Updated this week
- Anvilogic Forge☆108Updated 2 weeks ago
- A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.☆135Updated last year
- pocket guide for core detection engineering concepts☆30Updated 2 years ago
- ☆74Updated last week
- Rules shared by the community from 100 Days of YARA 2025☆35Updated 8 months ago
- ☆174Updated 2 years ago
- A repository to share publicly available Velociraptor detection content☆186Updated last week
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆102Updated last year