Alternatives and similar repositories for pyattck

Users that are interested in pyattck are comparing it to the libraries listed below

• OTRF / ATTACK-Python-Client

  View on GitHub
  Python Script to access ATT&CK content available in STIX via a public TAXII server
  ☆569Dec 19, 2025Updated last month
• rabobank-cdc / DeTTECT

  View on GitHub
  Detect Tactics, Techniques & Combat Threats
  ☆2,263Jan 21, 2026Updated 3 weeks ago
• atc-project / atomic-threat-coverage

  View on GitHub
  Actionable analytics designed to combat threats
  ☆1,006May 25, 2022Updated 3 years ago
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,723Mar 20, 2024Updated last year
• OTRF / ThreatHunter-Playbook

  View on GitHub
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
  ☆4,475Jan 12, 2026Updated last month
• dfirtrack / dfirtrack

  View on GitHub
  DFIRTrack - The Incident Response Tracking Application
  ☆532Jan 13, 2026Updated last month
• OTRF / OSSEM

  View on GitHub
  Open Source Security Events Metadata (OSSEM)
  ☆1,287Feb 27, 2023Updated 2 years ago
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,507Jan 24, 2023Updated 3 years ago
• swimlane / PSAttck

  View on GitHub
  PSAttck is a light-weight framework for the MITRE ATT&CK Framework.
  ☆38Jan 11, 2022Updated 4 years ago
• olafhartong / ThreatHunting

  View on GitHub
  A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
  ☆1,173Jul 26, 2023Updated 2 years ago
• yampelo / beagle

  View on GitHub
  Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
  ☆1,339Dec 13, 2022Updated 3 years ago
• atc-project / atc-react

  View on GitHub
  A knowledge base of actionable Incident Response techniques
  ☆662May 31, 2022Updated 3 years ago
• clong / DetectionLab

  View on GitHub
  Automate the creation of a lab environment complete with security tooling and logging best practices
  ☆4,901Jul 6, 2024Updated last year
• nshalabi / ATTACK-Tools

  View on GitHub
  Utilities for MITRE™ ATT&CK
  ☆1,050Jan 3, 2026Updated last month
• edoardogerosa / sentinel-attack

  View on GitHub
  Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
  ☆1,076Nov 28, 2024Updated last year
• mitre / cti

  View on GitHub
  Cyber Threat Intelligence Repository expressed in STIX 2.0
  ☆2,027Dec 19, 2025Updated last month
• olafhartong / ATTACKdatamap

  View on GitHub
  A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework
  ☆355Nov 3, 2020Updated 5 years ago
• mitre-attack / tram

  View on GitHub
  Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.
  ☆356Oct 6, 2021Updated 4 years ago
• mitre-attack / attack-scripts

  View on GitHub
  Scripts and a (future) library to improve users' interactions with the ATT&CK content
  ☆594Dec 11, 2023Updated 2 years ago
• NextronSystems / APTSimulator

  View on GitHub
  A toolset to make a system look as if it was the victim of an APT attack
  ☆2,710Sep 23, 2025Updated 4 months ago
• mitre-attack / bzar

  View on GitHub
  A set of Zeek scripts to detect ATT&CK techniques.
  ☆620Jun 26, 2024Updated last year
• praetorian-inc / purple-team-attack-automation

  View on GitHub
  Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs
  ☆728Jan 21, 2020Updated 6 years ago
• OTRF / Blacksmith

  View on GitHub
  Building environments to replicate small networks and deploy applications
  ☆330Jan 9, 2026Updated last month
• target / strelka

  View on GitHub
  Real-time, container-based file scanning at enterprise scale
  ☆974Updated this week
• SigmaHQ / sigma

  View on GitHub
  Main Sigma Rule Repository
  ☆10,109Updated this week
• endgameinc / RTA

  View on GitHub
  ☆1,093May 1, 2019Updated 6 years ago
• uber-common / metta

  View on GitHub
  An information security preparedness tool to do adversarial simulation.
  ☆1,142Apr 1, 2019Updated 6 years ago
• outflanknl / RedELK

  View on GitHub
  Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term o…
  ☆2,618Dec 13, 2025Updated 2 months ago
• yeti-platform / yeti

  View on GitHub
  Your Everyday Threat Intelligence
  ☆1,949Updated this week
• bats3c / shad0w

  View on GitHub
  A post exploitation framework designed to operate covertly on heavily monitored environments
  ☆2,169Sep 29, 2021Updated 4 years ago
• mitre / caldera

  View on GitHub
  Automated Adversary Emulation Platform
  ☆6,733Updated this week
• redcanaryco / atomic-red-team

  View on GitHub
  Small and highly portable detection tests based on MITRE's ATT&CK.
  ☆11,570Updated this week
• xorrior / raven

  View on GitHub
  CobaltStrike External C2 for Websockets
  ☆197Jul 16, 2019Updated 6 years ago
• mitre-attack / mitreattack-python

  View on GitHub
  A python module for working with ATT&CK
  ☆657Feb 1, 2026Updated last week
• SecurityRiskAdvisors / VECTR

  View on GitHub
  VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a…
  ☆1,548Nov 24, 2025Updated 2 months ago
• Cyb3rWard0g / HELK

  View on GitHub
  The Hunting ELK
  ☆3,913Jun 1, 2024Updated last year
• activecm / rita-legacy

  View on GitHub
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆2,514Jan 12, 2026Updated last month
• mitre-attack / attack-arsenal

  View on GitHub
  A collection of red team and adversary emulation resources developed and released by MITRE.
  ☆531Apr 20, 2021Updated 4 years ago
• teoseller / osquery-attck

  View on GitHub
  Mapping the MITRE ATT&CK Matrix with Osquery
  ☆804May 11, 2023Updated 2 years ago