Incident-Playbook
caldera
Incident-Playbook | caldera | |
---|---|---|
10 | 16 | |
1,329 | 5,182 | |
- | 1.6% | |
0.0 | 9.1 | |
over 1 year ago | 3 days ago | |
Python | Python | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Incident-Playbook
- Cyber Playbooks
- Goal: Incident Response Playbooks Mapped to Mitre Attack Tactics and Techniques
- austinsonger/Incident-Playbook - Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
- Github Incident Playbooks "Incident Response Process and Playbooks | Goal: Playbooks to be Mapped to MITRE Attack Techniques"
- Github: austinsonger/Incident-Playbooks "Incident Response Process and Playbooks | Goal: Playbooks to be Mapped to MITRE Attack Techniques"
- Incident Response Process and Playbooks Mapped to Mitre Attack Technique
- Incident Response Process and Playbooks
caldera
-
SOC Malware/Detection lab
Also, for the attack emulation part you might be interested in CALDERA.
- Automated penetration testing software?
-
Endpoint Attack Simulation
Mitre made Caldera to drive this. https://github.com/mitre/caldera
- Testing an XDR solution
-
Do you know the Mitre tool "Caldera"? How can I build a plugin for it?
Did you join the Slack and ask your question there, or on the discussion forum? The CALDERA team will answer... (both links are at https://caldera.mitre.org/)
- New blue team
- Attack simulation tool based on CVE
-
Attack Chain/Exploitation Path Diagram Generation Tools?
There's also a plugin for Caldera (https://github.com/mitre/caldera) called Pathfinder (https://github.com/center-for-threat-informed-defense/caldera_pathfinder and https://www.youtube.com/watch?v=gQRWkHFRG-s) that can help.
- Malware testing service/site for our EDR Testing of SentinelOne
- Worm/ Replicating virus for demonstrating spread/lateral movement through a network.
What are some alternatives?
atomic-red-team - Small and highly portable detection tests based on MITRE's ATT&CK.
Covenant - Covenant is a collaborative .NET C2 framework for red teamers.
ansible-navigator - A text-based user interface (TUI) for Ansible.
Empire - Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
EDR-Testing-Script - Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
CTF-Difficulty - This cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.
threathunting - A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Ghostwriter - The SpecterOps project management and reporting engine
content - Demisto is now Cortex XSOAR. Automate and orchestrate your Security Operations with Cortex XSOAR's ever-growing Content Repository. Pull Requests are always welcome and highly appreciated!
WSLab - Azure Stack HCI, Windows 10 and Windows Server rapid lab deployment scripts
Incident-Response-Playbooks
can-i-take-over-xyz - "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.