Merge of two major cyber adversary datasets, MITRE ATT&CK and ETDA/ThaiCERT Threat Actor Cards, enabling victim/motivation-adversary-technique pivoting.
☆55Jul 31, 2022Updated 3 years ago
Alternatives and similar repositories for Categorized-Adversary-TTPs
Users that are interested in Categorized-Adversary-TTPs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.☆36Aug 12, 2022Updated 3 years ago
- Generate portable TTP intelligence from a web-based report☆31Oct 24, 2022Updated 3 years ago
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense☆104Dec 13, 2023Updated 2 years ago
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆143Feb 25, 2024Updated 2 years ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆69Mar 17, 2024Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream☆12Oct 29, 2020Updated 5 years ago
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…☆29Nov 20, 2024Updated last year
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Apr 10, 2024Updated 2 years ago
- Blackcert monitors Certificate Transparency Logs for a keyword. Blackcert collects any certificate changes for this keyword and also chec…☆10Dec 8, 2022Updated 3 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆17Oct 28, 2023Updated 2 years ago
- ☆12Apr 26, 2018Updated 7 years ago
- A repository of my own Sigma detection rules.☆165Nov 25, 2025Updated 4 months ago
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆21Oct 25, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆26Jun 2, 2023Updated 2 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 4 months ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆111Feb 6, 2020Updated 6 years ago
- Splunk App for MITRE Att&CK Navigator(TM)☆23Mar 25, 2021Updated 5 years ago
- A PowerShell script that checks for dangerous ACLs on system hives and shadows☆28Jul 21, 2021Updated 4 years ago
- The Threat Actor Profile Guide for CTI Analysts☆119Jul 15, 2023Updated 2 years ago
- TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE AT…☆557May 6, 2025Updated 11 months ago
- ☆14Mar 5, 2021Updated 5 years ago
- List of groups that are carrying out cyber actions in the conflict between Israel and Palestine.☆31Apr 23, 2024Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Proof-of-concept for phishing intelligence in Elastic☆15Apr 30, 2019Updated 6 years ago
- Random things for my own reference☆22Aug 22, 2022Updated 3 years ago
- Python CLI covering the FileScan.IO API - enabling automatic interaction with www.filescan.io or private instances☆18Jul 15, 2025Updated 9 months ago
- STIX 2.1 Data Modeling Tool☆27Jul 2, 2024Updated last year
- Analysis of syscall sequence pattern from exploit codes for advanced system call sequence filtering for enhanced container security☆16May 21, 2023Updated 2 years ago
- The Intelligent Process Lifecycle of Active Cyber Defenders☆34Jan 1, 2023Updated 3 years ago
- Threat Box Assessment Tool☆19Mar 5, 2026Updated last month
- MISP to Splunk Enterprise Security Theat Intelligence Framework Integration☆14Jul 11, 2023Updated 2 years ago
- LetMeOutOfYour.net Resources☆21Apr 11, 2026Updated last week
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest…☆18Feb 16, 2025Updated last year
- Elemental - An ATT&CK Threat Library☆319Dec 8, 2022Updated 3 years ago
- a curated, categorised collection of useful projects☆131Apr 5, 2026Updated last week
- Rules generated from our investigations.☆207Jun 17, 2025Updated 10 months ago
- ☆19Oct 30, 2020Updated 5 years ago
- IOC Collection 2022☆57Mar 7, 2023Updated 3 years ago
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆387Apr 3, 2024Updated 2 years ago