The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simplifies tracking of security readiness against ATT&CK® tactics and techniques, offering a customizable, user-friendly interface for SOC analysts.
☆34Nov 13, 2025Updated 3 months ago
Alternatives and similar repositories for MITRE-ATTACK-Enterprise-Matrix-in-Excel-for-SOC
Users that are interested in MITRE-ATTACK-Enterprise-Matrix-in-Excel-for-SOC are comparing it to the libraries listed below
Sorting:
- This Repository consists all Public Cheatsheets created by BlackPerl DFIR Content Team☆20Oct 9, 2024Updated last year
- Sigma Queries turned into KQL for Defender using pysigma☆12Jun 20, 2024Updated last year
- This tool can gather a lot of info without any defender alerts. It is useful for Penetration testers, SOC Analysts, System administrators…☆29Apr 9, 2025Updated 11 months ago
- The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activ…☆16Jun 25, 2025Updated 8 months ago
- Short deep dive into Threat Hunting on AWS☆17Oct 15, 2023Updated 2 years ago
- Extract CIS benchmarks from PDFs☆16Jul 26, 2023Updated 2 years ago
- A collection of open source threat detection rules created by Cyber Castle's team.☆14Jun 2, 2022Updated 3 years ago
- ONYX: Cisco Automated Assessment and Auditing Tool (CAAAT). An open-source tool that automatically assesses and audits Cisco IOS routers …☆21May 6, 2025Updated 10 months ago
- Easily create Splunk searches from Python and get the result as a Python object.☆14May 30, 2024Updated last year
- an excel-centric approach for the MITRE ATT&CK® Tactics and Techniques☆187May 5, 2022Updated 3 years ago
- A collection of dashboards, templates, API's and Power BI code for vulnerability management and analysis☆24Feb 2, 2025Updated last year
- ☆49Feb 22, 2023Updated 3 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆53Jul 27, 2022Updated 3 years ago
- ☆35Jun 22, 2021Updated 4 years ago
- CrowdStrike Falcon Queries For Advanced Threat Detection☆34Mar 1, 2025Updated last year
- ☆11Feb 9, 2023Updated 3 years ago
- Standard-Format Threat Intelligence Feeds☆127Updated this week
- Red Team Stored XSS SVG phishing-companion tool with the ability to serve a malicious login page, or clone an html page and implement cus…☆30Mar 31, 2023Updated 2 years ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆118Jan 22, 2026Updated last month
- Command line tool to interact with Chronicle's Config Based Normalizer (CBN) APIs.☆32Aug 31, 2023Updated 2 years ago
- yara detection rules for hunting with the threathunting-keywords project☆157May 11, 2025Updated 9 months ago
- The "Let's-defend-solution" directory contains the answers to all paths of the Let's Defend platform that were saved by the creator 8 mon…☆12Apr 27, 2023Updated 2 years ago
- Searches for Insider Threat Hunting☆29May 2, 2019Updated 6 years ago
- ETHICAL-HACKING☆12Dec 20, 2023Updated 2 years ago
- Impacket is a collection of Python classes for working with network protocols.☆38Oct 13, 2021Updated 4 years ago
- Event Query Router☆12Aug 9, 2019Updated 6 years ago
- Cybersecurity Ontology (CyberOnto) and Situational Awareness (CyberSA) help teamwork in Cyber Incident Responses, Control, Containment, a…☆10Sep 15, 2022Updated 3 years ago
- Contains research.splunk.com site code☆11Apr 10, 2024Updated last year
- A penetration testing tool to help in Infrastructure pentesting process.☆11Sep 19, 2023Updated 2 years ago
- Perform file-based malware scan on your on-prem servers with AWS☆14Oct 31, 2023Updated 2 years ago
- This repository contains supplemental items including IOCs, and signatures discussed in Huntress blogposts, and other media.☆47Feb 27, 2026Updated last week
- My own custom payloads for any BAD USB. (These payloads work perfectly with Arduino, Pi Pico, & Rubber Ducky.☆13Jan 19, 2023Updated 3 years ago
- ☆12Dec 3, 2022Updated 3 years ago
- Python script for carving Bitlocker VMK keys☆26Feb 4, 2026Updated last month
- Small and highly portable detection tests based on MITRE's ATT&CK.☆12Jun 24, 2021Updated 4 years ago
- ☆13Mar 27, 2021Updated 4 years ago
- Simple Docker definition to serve mocked APIs from static JSON files.☆11Apr 27, 2018Updated 7 years ago
- Repository for integration with Apache Kafka☆14Jul 22, 2022Updated 3 years ago
- This module helps you get started with basic Zigbee analysis, and later on performing additional attacks on the Zigbee protocol.☆12Nov 23, 2016Updated 9 years ago