DeTTECT
caldera
Our great sponsors
DeTTECT | caldera | |
---|---|---|
4 | 16 | |
1,955 | 5,175 | |
1.9% | 3.0% | |
8.3 | 9.2 | |
12 days ago | 9 days ago | |
SCSS | Python | |
GNU General Public License v3.0 only | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
DeTTECT
-
Automated Mapping From Snort/Suricata Rules to MITRE ATT&CK
Look at dett&ct (https://github.com/rabobank-cdc/DeTTECT) and dettectinator (https://github.com/siriussecurity/dettectinator) The latter already has suricata support.
- GitHub - rabobank-cdc/DeTTECT: Detect Tactics, Techniques & Combat Threats
-
Does anyone have experience changing orthodontists during braces treatment?
If you plan to use. https://github.com/rabobank-cdc/DeTTECT
- Tool for MITRE Mapping
caldera
-
SOC Malware/Detection lab
Also, for the attack emulation part you might be interested in CALDERA.
- Automated penetration testing software?
-
Endpoint Attack Simulation
Mitre made Caldera to drive this. https://github.com/mitre/caldera
- Testing an XDR solution
-
Do you know the Mitre tool "Caldera"? How can I build a plugin for it?
Did you join the Slack and ask your question there, or on the discussion forum? The CALDERA team will answer... (both links are at https://caldera.mitre.org/)
- New blue team
- Attack simulation tool based on CVE
-
Attack Chain/Exploitation Path Diagram Generation Tools?
There's also a plugin for Caldera (https://github.com/mitre/caldera) called Pathfinder (https://github.com/center-for-threat-informed-defense/caldera_pathfinder and https://www.youtube.com/watch?v=gQRWkHFRG-s) that can help.
- Malware testing service/site for our EDR Testing of SentinelOne
- Worm/ Replicating virus for demonstrating spread/lateral movement through a network.
What are some alternatives?
tram - TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.
Covenant - Covenant is a collaborative .NET C2 framework for red teamers.
dettectinator - Dettectinator - The Python library to your DeTT&CT YAML files.
Empire - Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
CTF-Difficulty - This cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.
Incident-Playbook - GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
Ghostwriter - The SpecterOps project management and reporting engine
WSLab - Azure Stack HCI, Windows 10 and Windows Server rapid lab deployment scripts
can-i-take-over-xyz - "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
attack-control-framework-mappings - 🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
EnterprisePurpleTeaming - Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.