attack-flow
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows. (by center-for-threat-informed-defense)
VECTR
VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios (by SecurityRiskAdvisors)
SurveyJS - Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App
With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
surveyjs.io
featured
| attack-flow | VECTR | |
|---|---|---|
| 5 | 2 | |
| 508 | 1,291 | |
| 3.3% | 2.5% | |
| 8.9 | 3.8 | |
| 14 days ago | about 2 months ago | |
| TypeScript | ||
| Apache License 2.0 | - |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
attack-flow
Posts with mentions or reviews of attack-flow.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-09-21.
- Attack Flow v2.0.1 — a language for describing how cyber adversaries combine and sequence various offensive techniques to achieve their goals
-
Attack Chain/Exploitation Path Diagram Generation Tools?
This is what Attack Flow is specifically meant to help with (https://github.com/center-for-threat-informed-defense/attack-flow and https://www.youtube.com/watch?v=dlTTF4TF48A). Take a look at the CEO Scenario walkthrough (https://github.com/center-for-threat-informed-defense/attack-flow/blob/main/docs/ceo_scenario.md), the use of a Sankey diagram to highlight how mitigations reduce the cost of risk is one of the best representations I know of.
-
I'm the CINO of Tidal Cyber, and previously founded MITRE's ATT&CK® Evaluations. AMA!
I will give credit to the work at CTID, though many are looking at how to not look at ATT&CK Techniques atomically, rather as chains: https://ctid.mitre-engenuity.org/our-work/attack-flow/
-
PURPLE TEAM LEADERSHIP METRICS?
define your attack path similar to the sankey diagrams at https://github.com/center-for-threat-informed-defense/attack-flow/blob/main/docs/ceo_scenario.md
-
Tooling for Purple Teaming
- Threat Modeling - Based on the assessment results, define potential attack paths (not a single action against a single asset, but the full chain of steps that an attacker would take - see https://github.com/center-for-threat-informed-defense/attack-flow/blob/main/docs/ceo_scenario.md for a basic example). Prioritize your attack paths based on whatever real world factors affect your team's availability, capabilities, etc. For example, if the team's availability overlaps with a year-end accounting process, pick an attack path that doesn't touch your finance and accounting team.
VECTR
Posts with mentions or reviews of VECTR.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-06-14.
- Tooling for Purple Teaming
-
Security Validation Tools
I'm using VECTR which is tracking our red vs blue or purple team activities to illuminate gaps against something like the Mitre ATT&CK framework and other TTP collections.
What are some alternatives?
When comparing attack-flow and VECTR you can also consider the following projects:
caldera_pathfinder - Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.
attack-stix-data - STIX data representing MITRE ATT&CK
heimdall2 - Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.
adversary_emulation_library - An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
cti - Cyber Threat Intelligence Repository expressed in STIX 2.0
caldera - Automated Adversary Emulation Platform