Automated Adversary Emulation Platform
Web app that provides basic navigation and annotation of ATT&CK matrices
A python module for working with ATT&CK
Scripts and a (future) library to improve users' interactions with the ATT&CK content
MITRE ATT&CK Website
STIX data representing MITRE ATT&CK
MITRE Caldera™ for OT Plugins & Capabilities
The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline se...
A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results and data
A web application to streamline the development of STIGs from SRGs
InSpec profile to validate your VPC to the standards of the CIS Amazon Web Services Foundations Benchmark
MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.
ATT&CK Evaluations website (DEPRECATED)
DEPRECATED: A set of utilities for converting and working with compliance data for viewing in the heimdall applications
(WIP) An ansible playbook to harden a docker host to the CIS CE Benchmark requirements
(WIP) A terraform / kitchen-terraform hardening baseline for the cis-aws-foundations-baseline
STIG Ready Content: InSpec Profile for NGINX Open Source based off the Web SRG V2R3
Heimdall Lite 2.0 is a JavaScript based security results viewer and review tool supporting multiple security results formats, such as: InSpec, SonarQube, OWASP-Zap and Fortify which you can load local...