ATT&CK Evaluations website (DEPRECATED)
☆62Apr 30, 2021Updated 4 years ago
Alternatives and similar repositories for attack-evals
Users that are interested in attack-evals are comparing it to the libraries listed below
Sorting:
- CARET - A tool for viewing cyber analytic relationships☆27Aug 21, 2020Updated 5 years ago
- A CALDERA plugin for ATT&CK Evaluations Round 1☆33Sep 14, 2023Updated 2 years ago
- Scripts and a (future) library to improve users' interactions with the ATT&CK content☆593Dec 11, 2023Updated 2 years ago
- MITRE ATT&CK Website☆571Updated this week
- Check Sigma rules for easy-to-bypass whitelists to make them more robust (https://github.com/SigmaHQ/sigma)☆15Feb 1, 2021Updated 5 years ago
- Cyber Threats Detection Rules☆14Sep 16, 2025Updated 6 months ago
- A collection of red team and adversary emulation resources developed and released by MITRE.☆534Apr 20, 2021Updated 4 years ago
- Mock STIX data demonstrating the new data source representation☆16Sep 13, 2023Updated 2 years ago
- Transform EQL detection rules to VQL artifacts☆12Nov 12, 2021Updated 4 years ago
- Cyber Analytics Repository☆991May 16, 2025Updated 10 months ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Sep 13, 2023Updated 2 years ago
- MISP sighting server is a fast sighting server to store and look-up sightings on attributes (network indicators, file hashes, system indi…☆15Dec 24, 2023Updated 2 years ago
- Web app that provides basic navigation and annotation of ATT&CK matrices☆2,345Updated this week
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.☆354Oct 6, 2021Updated 4 years ago
- check cmd execute☆14Feb 4, 2017Updated 9 years ago
- OpenDXL Console is a high-level web-based console for interacting with a DXL fabric☆11Mar 29, 2021Updated 4 years ago
- Some YARA rules i will add from time to time☆12May 31, 2019Updated 6 years ago
- Quick script to build host or investigation timelines using Carbon Black Response☆12Sep 25, 2018Updated 7 years ago
- 《横向移动攻击与检测技术》专栏文章☆17Sep 5, 2019Updated 6 years ago
- This content is analysis and research of the data sources currently listed in ATT&CK.☆412Sep 13, 2023Updated 2 years ago
- Active Directory information dumper via LDAP☆13Mar 5, 2020Updated 6 years ago
- This repo represents work the Phantom Community collaborates on to build apps and learn.☆13May 18, 2021Updated 4 years ago
- Scripts to threat optics stack quickly / abbreviated and automated. Run after APT-Lab-Terraform☆13Oct 24, 2020Updated 5 years ago
- A set of Zeek scripts to detect ATT&CK techniques.☆622Jun 26, 2024Updated last year
- A Yara rule generator for finding related samples and hunting☆162Sep 11, 2022Updated 3 years ago
- The repository accompanying the Buer Emulation workshop☆24Aug 18, 2021Updated 4 years ago
- Microsoft Windows HTA (HTML Application) - Remote Code Execution☆30Aug 21, 2015Updated 10 years ago
- [DEPRECATED] An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This r…☆13Aug 16, 2023Updated 2 years ago
- OpenDXL Broker is an open source version of a Data Exchange Layer (DXL) broker☆14Feb 11, 2024Updated 2 years ago
- LDAP library for auditing MS AD☆13Nov 28, 2023Updated 2 years ago
- This was code for analyzing round 1 of the MITRE Enterprise ATT&CK Evaluation. Please check out https://github.com/joshzelonis/Enterprise…☆94Apr 22, 2020Updated 5 years ago
- Exchange your privileges for Domain Admin privs by abusing Exchange☆17Mar 5, 2020Updated 6 years ago
- Use to perform Microsoft exchange account brute-force.☆73Apr 17, 2021Updated 4 years ago
- A multi-platform .Net wrapper library for the native Yara library.☆39Jun 30, 2023Updated 2 years ago
- Collection of resources related to the Center for Threat-Informed Defense☆77May 22, 2024Updated last year
- User Feedback Space of #MitreAssistant☆38May 19, 2023Updated 2 years ago
- Graylog package build recipes☆18Mar 9, 2026Updated last week
- This is a Python port of lnk-parse-1.0, a tool to parse Windows .lnk files.☆80Apr 28, 2023Updated 2 years ago
- pcaps for Wireshark tutorial about examining Dridex infection traffic☆17Oct 8, 2020Updated 5 years ago