There are no reviews yet. Be the first to send feedback to the community and the maintainers!
caldera
Automated Adversary Emulation Platformcti
Cyber Threat Intelligence Repository expressed in STIX 2.0HTTP-Proxy-Servlet
Smiley's HTTP Proxy implemented as a Java servletadvmlthreatmatrix
Adversarial Threat Landscape for AI Systemsmultiscanner
Modular file scanning/analysis frameworkcascade-server
CASCADE Serverheimdall2
Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.brawl-public-game-001
Data from a BRAWL Automated Adversary Emulation Exercisecaldera-ot
MITRE Calderaβ’ for OT Plugins & Capabilitiessaf
The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelinesinspec_tools
A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results and dataquaerite
Search relevance evaluation toolkitaws-foundations-cis-baseline
InSpec profile to validate your VPC to the standards of the CIS Amazon Web Services Foundations Benchmark v1.1.0menelaus
Online and batch-based concept and data drift detection algorithms to monitor and maintain ML performance.stockpile
A CALDERA pluginhipcheck
Automatically assess and score software repositories for supply chain risk.engage
MITRE Engageβ’ is a framework for conducting Denial, Deception, and Adversary Engagements.vulcan
A web application to streamline the development of STIGs from SRGssandcat
A CALDERA plugincaret
CARET - A tool for viewing cyber analytic relationshipspydecipher
pydecipher: unfreeze and deobfuscate your frozen python codedevice-admin-sample
heimdall-legacy
A Security Results Viewer for the web with storage, teams and historyheimdall_tools
DEPRECATED: A set of utilities for converting and working with compliance data for viewing in the heimdall applicationsfhir-server
A fast, open source, HL7 FHIR servercpsa
Cryptographic Protocol Shapes Analyzertmnt
Algorithms for training state-of-the-art neural topic modelsstix2patterns_translator
Translate STIX 2 Patterning Queriesvulnerable-mobile-apps
fusera
A FUSE interface to the NCBI Sequence Read Archive (SRA)sparklyr.nested
A sparklyr extension for nested dataatomic
A CALDERA pluginmitre.github.io
Open Source software from The MITRE Corporationemasser
emasser is a command-line interface (CLI) that aims to automate routine business use-cases and provide utility surrounding the Enterprise Mission Assurance Support Service (eMASS) by leveraging its representational state transfer (REST) application programming interface (API).cis-aws-foundations-hardening
(WIP) A terraform / kitchen-terraform hardening baseline for the cis-aws-foundations-baselineresponse
A CALDERA plugin for autonomous incident responseansible-cis-docker-ce-hardening
(WIP) An ansible playbook to harden a docker host to the CIS CE Benchmark requirementsheimdall-lite
Heimdall Lite 2.0 is a JavaScript based security results viewer and review tool supporting multiple security results formats, such as: InSpec, SonarQube, OWASP-Zap and Fortify which you can load locally, from S3 and other data sources.rhapsode
Advanced desktop search/corpus exploration prototypenginx-stigready-baseline
STIG Ready Content: InSpec Profile for NGINX Open Source based off the Web SRG V2R3human
Caldera plugin to deploy "humans" to emulate user behavior on systemsemb3d
caldera-agent
OpenHealthDashboard
A dashboard framework for visualizing complex data sets on T1V multi-panel displaysbiqt-face
A face quality plugin for the BIQT framework.training
A CALDERA pluginemu
This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defensethumbtack
A web front-end providing a REST-ful API to mount and unmount forensic disk imagesCICAT
SystemInspector
SystemInspector is a script to pull a majority of the security-relevant files and settings from a system.adversary
A CALDERA plugininspec_training_courses
(WIP) A set of training material and guides for using inspecFast-RRT-Star
ROS Global Path Planner Plugin based on the F-RRT* algorithm from this paper: https://doi.org/10.1016/j.eswa.2021.115457ilpyt
ilpyt: imitation learning library with modular, baseline implementations in Pytorchcallisto
microsoft-azure-cis-foundations-baseline
(WIP) CIS Microsoft Azure Foundations Benchmarkptmatch
A patient matching test harness to support PCORaccess
A CALDERA pluginmicrosoft-windows-server-2019-stig-baseline
Microsoft Windows Server 2019 STIG InSpec Profilemicrosoft-windows-10-stig-baseline
InSpec profile for Microsoft Windows 10, against DISA's Microsoft Windows 10 Security Technical Implementation Guide (STIG) Version 1, Release 19multiscanner-ansible
Ansible configurations for distributed MultiScanner installationspolicynet
Exploration of the U.S. rulesets as a networkaws-rds-infrastructure-cis-baseline
InSpec Profile to validate the secure configuration of aws-rds-infrastructure-cis-baseline, against CIS's Amazon Web Services Three-tier Web Architecture Benchmark V1.0.0aws-s3-baseline
A micro InSpec baseline to check for insecure or public s3 buckets in your VPCbiqt-iris
An iris quality plugin for the BIQT framework.FiGHT
Publicly accessible version of the FiGHT website.yararules-python
Easily scan with multiple yara rules from different sources.keyterms
KeyTerms centralized terminology management toolpickled-canary
Assembly-based binary pattern search!ps_pc_props
PowerShell Utilities for Security Situational Awarenessmicrosoft-windows-server-2016-stig-baseline
An InSpec Profile for evaluating a Windows 2016 server to the DISA STIGscanonical-ubuntu-16.04-lts-stig-baseline
InSpec profile to validate the secure configuration of Canonical Ubuntu 16.04 LTS against DISA's Canonical Ubuntu 16.04 LTS Security Technical Implementation Guide (STIG) Version 1 Release 1.emass_client
The eMASS client repository maintains the Enterprise Mission Assurance Support Service (eMASS) Representational State Transfer (REST) Application Programming Interface (API) specification and executables.heimdall-mongo
A Mongo-based version of Heimdall (Deprecated)skeleton
A CALDERA Plugin Templatefhir-exercises
hse-mwi
The Mental Wellness Index is a framework and dashboard tool that provides a picture of community-level mental wellness for each zip code in the nationckl2POAM
Standalone tool for converting DISA Checklists to eMASS POA&M Excel spreadsheets.ecqm
Server side components to support electronic clinical quality measure calculationdemodocus
Project dedicated to extending the capabilities of automated accessibility testing tools to include testing interactive web content.ecqm-frontend
Web application to provide an interface for clinical quality measure calculationmock
A CALDERA plugincompass
saf-training-lab-environment
The SAF Training Lab is a GitHub Codespaces environment that makes it quick and easy for you to use, learn and participate in the MITRE Security Automation Framework Training Classes.icap
Internet Content Adaptation Protocol (ICAP) Analyzer for Bro and Zeek.FMACM
An aircraft and control model for Flight Deck Interval Management MOPS testing by RTCA SC-186 members.canonical-ubuntu-18.04-lts-stig-baseline
(WIP) canonical-ubuntu-18.04-lts-stig-baselinecpsaexp
Experimental CPSA -- the Cryptographic Protocol Shapes Analyzer experimental versiongocat
Simplified go-cat agent for calderacaltack
Plugin that serves the ATT&CK website alongside CALDERA.arlin
ARLIN is a research library written in Python that provides explainability outputs and vulnerability detection for DRL models, specifically designed to increase model assurance and identify vulnerabilities and potential points of failure within a trained model. https://mitre.github.io/arlin/mitre_fast_layered_map
A high-speed lidar based mapping package for use with large scale robotics such as autonomous vehicles.caldera-crater
credentials
Insulates package authors from worrying about how to collect user credentialsbiqt
The core engine of the BIQT framework.stixmarx
Data Markings API for STIX 1.xcql-translation-service
CQL to ELM translator packaged as a microservice.serverless-inspec-deprecated
(wip) InSpec run from serverless environments (lambda)scorecard_app
Scorecard for a FHIR Patient Record -- SMART on FHIR Appheimdall-vue
(deprecated) A refactor of the heimdall-lite project using vue, see:Love Open Source and this site? Check out how you can help us