Top 23 mitre-attack Open-Source Projects
- kubescape: Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
- Certified-Kubernetes-Security-Specialist: Curated resources to help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" certification exam. Please provide feedback or requests by raising issues or making a pull request. All feedback for improvements is welcome. Thank you.
- adversary_emulation_library: An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
- Digital-Forensics-Guide: Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile Device Forensics, Network Forensics, and Database Forensics.
- Incident-Playbook: GOAL: Incident Response Playbooks Mapped to MITRE ATT&CK Tactics and Techniques. [Contributors Friendly]
- Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.
- Open-Source-Security-Guide: Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
- sysmon-config: Advanced Sysmon ATT&CK configuration focused on detecting the most techniques per data source in MITRE ATT&CK, providing visibility into forensic artifact events for UEBA, detecting exploitation events with wide CVE coverage, and risk scoring of CVE, UEBA, forensic, and MITRE ATT&CK events. (by ion-storm)
- attack-flow: Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
- EVTX-to-MITRE-Attack: Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques, to measure your SIEM coverage or develop new use cases.
- tram: TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.
Project mention: CodiumAI PR-Agent Dominates the Dev World with Versatility and Open-Source Power | dev.to | 2023-12-03
CodiumAI PR-Agent’s influence extends deeply within open-source projects. An exemplary illustration is Kubespace, a Cloud Native Computing Foundation (CNCF) sandbox project. Since its adoption in August, Kubespace has been utilizing the PR-Agent service. They also recently had a public bug bounty collaboration with CodiumAI. This program added an extra layer of community-driven scrutiny, encouraging contributors to utilize simple commands like /describe for effective pull request messages. Here the contributor wanted to better describe the PR, so he used the /describe prompt.
You can write your own or look at testing tools like Cytest to ensure that your business goals are met and to ensure your sensors are configured correctly, and ART for attack chains.
Also, for the attack emulation part you might be interested in CALDERA.
I was specifically using the https://github.com/olafhartong/sysmon-modular config, but once we started seeing systems crash I tried building extremely minimal configs and still found them causing hangs.
Project mention: What adversary emulation options are there nowadays to test SIEMs and IDSs? | /r/AskNetsec | 2023-11-07
Unfortunately I don't have the background and knowledge of cybersecurity needed to plan a pentest of my own. Also, it would be more interesting to emulate the attacks of actual APTs known in the wild. So far, I've tested Caldera, Invoke-AtomicRedTeam and manual tests from CTID's adversary emulation library: https://github.com/center-for-threat-informed-defense/adversary_emulation_library
If you're looking to learn on your own, try mikeroyal's digital forensics guide on Github. There's a lot of recommended resources there that'll speed you up. https://github.com/mikeroyal/Digital-Forensics-Guide
Take a look at n8n.io or shuffler.io
Connector on GitHub - https://github.com/OpenCTI-Platform/connectors/tree/master/stream/splunk
mitre-attack related posts
- should we write our own custom rule
- CodiumAI PR-Agent Dominates the Dev World with Versatility and Open-Source Power
- Kubescape 3.0 is available to enhance your K8s security experience
- What adversary emulation options are there nowadays to test SIEMs and IDSs?
- How to integrate openCTI with Splunk?
- Sysmon 15.0 is out now with advanced features
- Which Antivirus do you recommend and why?
Index
What are some of the best open-source mitre-attack projects? This list will help you:
Rank | Project | Stars
---|---|---
1 | kubescape | 9,686
2 | atomic-red-team | 9,020
3 | caldera | 5,175
4 | RedTeam-Tools | 5,144
5 | sysmon-modular | 2,485
6 | EVTX-ATTACK-SAMPLES | 2,126
7 | Certified-Kubernetes-Security-Specialist | 1,916
8 | stratus-red-team | 1,618
9 | adversary_emulation_library | 1,537
10 | Digital-Forensics-Guide | 1,335
11 | Incident-Playbook | 1,329
12 | Shuffle | 1,259
13 | BLUESPAWN | 1,206
14 | threathunting | 1,102
15 | atomic-threat-coverage | 938
16 | Open-Source-Security-Guide | 846
17 | sysmon-config | 749
18 | KubeHound | 633
19 | atc-react | 571
20 | attack-flow | 499
21 | EVTX-to-MITRE-Attack | 476
22 | tram | 391
23 | connectors | 324