mitre-attack / tramLinks
Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.
☆352Updated 3 years ago
Alternatives and similar repositories for tram
Users that are interested in tram are comparing it to the libraries listed below
Sorting:
- Python Script to access ATT&CK content available in STIX via a public TAXII server☆565Updated 6 months ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆352Updated 4 years ago
- Data from a BRAWL Automated Adversary Emulation Exercise☆207Updated 4 years ago
- This content is analysis and research of the data sources currently listed in ATT&CK.☆412Updated last year
- CASCADE Server☆270Updated 2 years ago
- A Python package to interact with the Mitre ATT&CK Framework☆476Updated last year
- A collection of red team and adversary emulation resources developed and released by MITRE.☆512Updated 4 years ago
- PCAP Samples for Different Post Exploitation Techniques☆363Updated 4 years ago
- Sigma rules from Joe Security☆216Updated 7 months ago
- ☆165Updated 4 years ago
- ☆173Updated 11 months ago
- Actionable analytics designed to combat threats☆989Updated 3 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆246Updated 3 years ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆188Updated 4 years ago
- MISP trainings, threat intel and information sharing training materials with source code☆411Updated 3 weeks ago
- A set of Zeek scripts to detect ATT&CK techniques.☆594Updated 11 months ago
- Scripts and a (future) library to improve users' interactions with the ATT&CK content☆585Updated last year
- Tool to extract indicators of compromise from security reports in PDF format☆436Updated 2 years ago
- A (nearly) production ready Dockered MISP☆232Updated last year
- MITRE ATT&CK Windows Logging Cheat Sheets☆340Updated 6 years ago
- ☆126Updated last year
- Documentation of TheHive☆398Updated last year
- IOC from articles, tweets for archives☆313Updated last year
- Splunk code (SPL) for serious threat hunters and detection engineers.☆284Updated last year
- 🚨ATTENTION🚨 The CVE mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as…☆238Updated last year
- OSSEM Detection Model☆176Updated 2 years ago
- OASIS TC Open Repository: Python APIs for STIX 2☆388Updated last month
- Defanged Indicator of Compromise (IOC) Extractor.☆535Updated 9 months ago
- MISP Docker (XME edition)☆282Updated last year
- Collecting & Hunting for IOCs with gusto and style☆240Updated 3 years ago