This repository contains the MITRE ATT&CK® and CAPEC™ datasets expressed in STIX 2.0. See USAGE or USAGE-CAPEC for information on using this content with python-stix2. If you are looking for ATT&CK represented in STIX 2.1, please see the attack-stix-data GitHub repository. Both MITRE/CTI (this repository) and attack-stix-data will be maintained and updated with new ATT&CK releases for the foreseeable future, but the data model of attack-stix-data includes quality-of-life improvements not found on MITRE/CTI. Please see the attack-stix-data USAGE document for more information on the improved data model of that repository.
SIMILAR TOOLS
A collection of companies that disclose adversary TTPs after being breached, useful for analysis of intrusions.
A tracker that detects and logs SYN packets with a specific signature generated by the Mirai malware, providing real-time information on Mirai-based campaigns.
CRITs is an open source malware and threat repository for collaborative threat defense and analysis.
A community-driven public malware repository providing access to malware samples, tools, and resources for the cybersecurity community.
In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.
ThreatMiner is a threat intelligence portal that aggregates data from various sources and provides contextual information related to indicators of compromise (IOCs).
A comprehensive Threat Intelligence Program Management Solution for managing the entire CTI lifecycle.
VX-Underground is a vast online repository of malware samples, featuring various collections for cybersecurity professionals and researchers to analyze and combat cyber threats.
Free software that calculates the security ranking of Internet Service Providers to detect malicious activities.