microsoft / CyberBattleSim

Related projects ⓘ

Alternatives and complementary repositories for CyberBattleSim

• Azure / SimuLand
  Understand adversary tradecraft and improve detection strategies
  ☆703Updated last year
• mandiant / ThreatPursuit-VM
  Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysi…
  ☆1,237Updated last year
• mandiant / red_team_tool_countermeasures
  ☆2,649Updated 8 months ago
• nsacyber / Mitigating-Web-Shells
  Guidance for mitigation web shells. #nsacyber
  ☆967Updated last year
• cisagov / cset
  Cybersecurity Evaluation Tool
  ☆1,464Updated this week
• WithSecureLabs / chainsaw
  Rapidly Search and Hunt through Windows Forensic Artefacts
  ☆2,886Updated this week
• MichaelKoczwara / Awesome-CobaltStrike-Defence
  Defences against Cobalt Strike
  ☆1,280Updated 2 years ago
• cisagov / Sparrow
  Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 en…
  ☆1,418Updated last year
• rabobank-cdc / DeTTECT
  Detect Tactics, Techniques & Combat Threats
  ☆2,067Updated this week
• cisagov / CHIRP
  A DFIR tool written in Python.
  ☆1,043Updated 3 years ago
• elastic / detection-rules
  ☆1,970Updated this week
• austinsonger / Incident-Playbook
  GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
  ☆1,405Updated 3 months ago
• ahmedkhlief / APT-Hunter
  APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …
  ☆1,258Updated 2 weeks ago
• mitre / cti
  Cyber Threat Intelligence Repository expressed in STIX 2.0
  ☆1,755Updated last week
• activecm / rita-legacy
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆2,508Updated 4 months ago
• NextronSystems / APTSimulator
  A toolset to make a system look as if it was the victim of an APT attack
  ☆2,472Updated last year
• sophos / SOREL-20M
  Sophos-ReversingLabs 20 million sample dataset
  ☆638Updated 3 years ago
• mitre-attack / attack-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆2,007Updated this week
• netevert / sentinel-attack
  Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
  ☆1,061Updated last year
• center-for-threat-informed-defense / adversary_emulation_library
  An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
  ☆1,726Updated 10 months ago
• thalesgroup-cert / Watcher
  Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
  ☆865Updated 2 weeks ago
• ION28 / BLUESPAWN
  An Active Defense and EDR software to empower Blue Teams
  ☆1,239Updated last year
• correlatedsecurity / Awesome-SOAR
  A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list.
  ☆812Updated 2 months ago
• sans-blue-team / DeepBlueCLI
  ☆2,191Updated last year
• OTRF / Security-Datasets
  Re-play Security Events
  ☆1,605Updated 8 months ago
• alexandreborges / malwoverview
  Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po…
  ☆2,970Updated last week
• hasherezade / malware_training_vol1
  Materials for Windows Malware Analysis training (volume 1)
  ☆1,937Updated 4 months ago
• microsoft / msticpy
  Microsoft Threat Intelligence Security Tools
  ☆1,775Updated this week
• ScarredMonk / SysmonSimulator
  Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…
  ☆833Updated 2 years ago
• jstrosch / malware-samples
  Malware samples, analysis exercises and other interesting resources.
  ☆1,478Updated 10 months ago