Unlocking Serverless Computing to Assess Security Controls

Tool to extract powerful tokens from Office desktop apps memory

Extensible Azure Security Tool - Documentation

Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab.

Building environments to replicate small networks and deploy applications

Re-play Security Events

Python Script to access ATT&CK content available in STIX via a public TAXII server

AADInternals PowerShell module for administering Azure AD and Office 365

Understand adversary tradecraft and improve detection strategies

a CLI that provides a generic automation layer for assessing the security of ML models

See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)

Open Source Security Events Metadata (OSSEM)

Understanding ATT&CK Matrix for Enterprise

Web-based notebook that enables data-driven, interactive data analytics and collaborative documents with SQL, Scala and more.

Morpheus brings the leading graph query language, Cypher, onto the leading distributed processing platform, Spark.

Web app that provides basic navigation and annotation of ATT&CK matrices

The database purpose-built for stream processing applications.

The Hunting ELK

A feature extension to ease the automation of Threat Hunting with ElastAlert and the ELK Stack

How to use GitHub

Python module to interact with the MITRE attack framework via the MITRE API

Automated, Collection, and Enrichment Platform

Module to provide PowerShell functions that abstract Win32 API functions

InjectProc - Process Injection Techniques [This project is not maintained anymore]