Generate MITRE ATT&CK and D3FEND from a list of CVEs. Database with CVE, CWE, CAPEC, MITRE ATT&CK and D3FEND Techniques data is updated daily. Showcased at BlackHat Europe 2025 Arsenal.

Supporting files for the Chinese State-Sponsored Cyber Operations: Observed TTPs Cybersecurity Advisory. #nsacyber

Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.

Scripts and outputs for ATLAS data in STIX JSON and ATT&CK Navigator layer formats

Python framework for automated STRIDE threat modeling as code — MITRE ATT&CK mapping, D3FEND mitigations, Attack Flow, CAPEC, severity scoring, SVG/HTML reports & MITRE Navigator layers. DevSecOps & CI/CD ready.

Interrelation of APT groups based on their TTPs. Extraction of APT TTP's layers.

Repository for the Jupyter Notebook: Visualizing Cyber Threat Data - Building an Interactive Mitre Attack Navigator Layer and TTPs Timeline using Azure OpenAI.

A Tauri-based desktop app for MITRE's ATT&CK Navigator cybersecurity framework.

No description available

https://mitre-attack.github.io/attack-navigator/#layerURL=

This project is for generating a MITRE Navigator JSON file that can be used to upload to an on-prem or github instance (https://mitre.github.io/attack-navigator/enterprise/).

A Python command-line tool used to attribute a set of TTPs to APT groups. Takes in a Mitre ATTACK Navigator json file, and prints out the top 10 most similar APT groups.

Merge MITRE Navigator layers and retain Procedure information across Group and Software IDs. Create an Analytic Plan as a Static Web Site with mkdocs in a self-contained Jupyter Notebook.

No description available

No description available

No description available

No description available

No description available

MITRE ATT&CK Enterprise Navigator

Python scripts that help manipulate ATT&CK Navigator Layers

Docker container serving the Mitre ATT&CK Navigator.

No description available

Collections of ICS-Mitre-Attacks navigator

No description available

Analyzing a Ransomware Attack Using MITRE ATT&CK Navigator.

A comprehensive guide and resources for mapping cyber threats using MITRE tools, including ATT&CK, Navigator, D3FEND, Caldera, Attack Flow, and MITRE Engenuity. Designed for cybersecurity teams to identify, prioritize, and mitigate risks effectively.

A full-stack application that organizes and presents MITRE ATT&CK techniques, featuring an integrated chatbot with analytical capabilities.

Open-source SIEM arsenal built on Elastic Stack, Dockerized ELK + Elastic Agent simulation + EQL/KQL correlation + ingest pipelines + MITRE ATT&CK Navigator mapping + hybrid Python ML anomaly detection.Real-time threat hunting, automated incident reporting, and live attack simulation. Instant docker-compose + exportable dashboards, rules & scripts.