ATT&CK® Navigator
A tool for navigating and annotating ATT&CK matrices with the ability to define custom layers for specific views.
A repository of curated datasets from various attacks to easily develop and test detections, specifically designed for validating detections in production SIEM installations using Splunk's Security Content Replay into streaming pipelines. Utilizes GitHub LFS for managing large files, with installation instructions provided for Mac and other operating systems.
A visualization tool for threat analysis that organizes APT campaign information and visualizes relations between IOCs.
A collection of YARA rules for Windows, Linux, and other threats.
A simple, self-contained modular host-based IOC scanner for incident responders.
An IOC tracker written in Python that queries Google Custom Search Engines for various cybersecurity indicators and monitors domain status using Google Safe Browsing APIs.
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.