Merge of two major cyber adversary datasets, MITRE ATT&CK and ETDA/ThaiCERT Threat Actor Cards, enabling victim/motivation-adversary-technique pivoting.
☆55Jul 31, 2022Updated 3 years ago
Alternatives and similar repositories for Categorized-Adversary-TTPs
Users that are interested in Categorized-Adversary-TTPs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.☆36Aug 12, 2022Updated 3 years ago
- Generate portable TTP intelligence from a web-based report☆32Oct 24, 2022Updated 3 years ago
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆142Feb 25, 2024Updated 2 years ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆70Mar 17, 2024Updated 2 years ago
- Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream☆12Oct 29, 2020Updated 5 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…☆29Nov 20, 2024Updated last year
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆51Apr 10, 2024Updated 2 years ago
- Blackcert monitors Certificate Transparency Logs for a keyword. Blackcert collects any certificate changes for this keyword and also chec…☆10Dec 8, 2022Updated 3 years ago
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆17Oct 28, 2023Updated 2 years ago
- ☆12Apr 26, 2018Updated 8 years ago
- A repository of my own Sigma detection rules.☆165Nov 25, 2025Updated 6 months ago
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆21Oct 25, 2023Updated 2 years ago
- ☆26Jun 2, 2023Updated 3 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 6 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆111Feb 6, 2020Updated 6 years ago
- Splunk App for MITRE Att&CK Navigator(TM)☆23Mar 25, 2021Updated 5 years ago
- ☆19Aug 2, 2020Updated 5 years ago
- A PowerShell script that checks for dangerous ACLs on system hives and shadows☆26Jul 21, 2021Updated 4 years ago
- The Threat Actor Profile Guide for CTI Analysts☆121Jul 15, 2023Updated 2 years ago
- TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE AT…☆565May 6, 2025Updated last year
- User Feedback Space of #MitreAssistant☆38May 19, 2023Updated 3 years ago
- ☆14Mar 5, 2021Updated 5 years ago
- Proof-of-concept for phishing intelligence in Elastic☆15Apr 30, 2019Updated 7 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Random things for my own reference☆22Aug 22, 2022Updated 3 years ago
- Python CLI covering the FileScan.IO API - enabling automatic interaction with www.filescan.io or private instances☆20Jul 15, 2025Updated 11 months ago
- STIX 2.1 Data Modeling Tool☆27Jul 2, 2024Updated last year
- The Intelligent Process Lifecycle of Active Cyber Defenders☆34Jan 1, 2023Updated 3 years ago
- MISP to Splunk Enterprise Security Theat Intelligence Framework Integration☆14Jul 11, 2023Updated 2 years ago
- This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest…☆18Feb 16, 2025Updated last year
- Elemental - An ATT&CK Threat Library☆319Dec 8, 2022Updated 3 years ago
- Browser extension that I use daily to detect fake news; search images and collect data.☆11Nov 19, 2022Updated 3 years ago
- Rules generated from our investigations.☆210Jun 17, 2025Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆19Oct 30, 2020Updated 5 years ago
- IOC Collection 2022☆57Mar 7, 2023Updated 3 years ago
- ☆83Sep 29, 2025Updated 8 months ago
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆387Apr 3, 2024Updated 2 years ago
- Wrapper tool to identify the remote device and push device specific frida-server binary.☆10Jun 1, 2017Updated 9 years ago
- Sigma Queries turned into KQL for Defender using pysigma☆12Mar 29, 2026Updated 2 months ago
- Detect Tactics, Techniques & Combat Threats☆2,298Jun 2, 2026Updated 2 weeks ago