Automated Adversary Emulation Platform
Web app that provides basic navigation and annotation of ATT&CK matrices
Scripts and a (future) library to improve users' interactions with the ATT&CK content
A python module for working with ATT&CK
MITRE ATT&CK Website
STIX data representing MITRE ATT&CK
MITRE Caldera™ for OT Plugins & Capabilities
The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline se...
A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results and data
InSpec profile to validate your VPC to the standards of the CIS Amazon Web Services Foundations Benchmark
A web application to streamline the development of STIGs from SRGs
MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.
ATT&CK Evaluations website (DEPRECATED)
DEPRECATED: A set of utilities for converting and working with compliance data for viewing in the heimdall applications
(WIP) An ansible playbook to harden a docker host to the CIS CE Benchmark requirements
(WIP) A terraform / kitchen-terraform hardening baseline for the cis-aws-foundations-baseline
STIG Ready Content: InSpec Profile for NGINX Open Source based off the Web SRG V2R3
Heimdall Lite 2.0 is a JavaScript based security results viewer and review tool supporting multiple security results formats, such as: InSpec, SonarQube, OWASP-Zap and Fortify which you can load local...