Web app that provides basic navigation and annotation of ATT&CK matrices

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Browser Extension Analysis Framework - Scan, Analyze Chrome, firefox and Brave extensions for vulnerabilities and intels

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

A next-generation crawling and spidering framework.

Threat Modeling with ATT&CK defines how to integreate MITRE ATT&CK® into your organization’s existing threat modeling methodology.

A suite of WiFi/Bluetooth offensive and defensive tools for the ESP32

The CWE Calculator enables software development teams to score and prioritize discovered weaknesses empirically based on data in the National Vulnerability Database (NVD).

Free and Open, Distributed, RESTful Search Engine

A python module for working with ATT&CK

This is the development tree. Production downloads are at:

The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activities associated with its practice.

A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.

PowerShell for CrowdStrike's OAuth2 APIs

Volatility 3.0 development

Python library using the MISP Rest API

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Made with ❤️ by @last0x00 and @dottor_morte

Detect Tactics, Techniques & Combat Threats

This repository holds the necessary content to produce the D3FEND ontology distribution.

An experimental open-source attempt to make GPT-4 fully autonomous.

Run GPT model on the browser with WebGPU. An implementation of GPT inference in less than ~1500 lines of vanilla Javascript.

A methodology for mapping MITRE ATT&CK techniques to vulnerability records to describe the impact of a vulnerability.

Real-time Response scripts and schema

A web application that assists network defenders, analysts, and researcher in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.

Cleanup scripts for Securing the Cloud Foundations

Automated Adversary Emulation Platform