Stars
information about ransomware groups (Ransomware Analysis Notes)
Track C2 servers, tools, and botnets over time by framework and location
Live Feed of C2 servers, tools, and botnets
This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements
A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense
Generate portable TTP intelligence from a web-based report
A collection of papers, blogs, and resources that make up the quintessential aspects of cyber threat intelligence
A python library to parse OneNote (.one) files
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, context menus, and ATT&CK Navigator integration.
Dettectinator - The Python library to your DeTT&CT YAML files.
A new way for you to structure your threat content.
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regex…
🕵️ OSINT Tools for gathering information and actions forensics 🕵️
Code included as part of the MustLearnKQL blog series
Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flow…
A curated list of community detection research papers with implementations.