Tooling for Purple Teaming

• VECTR

  2 1,279 3.8

  VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios

  

• cti

  1 1,629 6.0

  Cyber Threat Intelligence Repository expressed in STIX 2.0

  

• InfluxDB

  www.influxdata.com featured

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• attack-stix-data

  58 284 4.1 Python

  STIX data representing MITRE ATT&CK

  

• attack-flow

  5 499 8.9 TypeScript

  Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.

  

- Threat Modeling - Based on the assessment results, define potential attack paths (not a single action against a single asset, but the full chain of steps that an attacker would take - see https://github.com/center-for-threat-informed-defense/attack-flow/blob/main/docs/ceo_scenario.md for a basic example). Prioritize your attack paths based on whatever real world factors affect your team's availability, capabilities, etc. For example, if the team's availability overlaps with a year-end accounting process, pick an attack path that doesn't touch your finance and accounting team.

• heimdall2

  4 195 9.9 TypeScript

  Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.

  

• SaaSHub

  www.saashub.com featured

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

Suggest a related project