You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The security agent that fights back. Watches your Linux server from inside, detects threats with kernel-level eBPF, and stops them with on-device AI. Open-source, self-hosted, dry-run by default. Apache-2.0.
27 scope-enforced AI agents that run the full pentest kill-chain (recon → exploit → post-ex → DFIR → report) as a one-command Claude Code plugin. Backed by 754 MITRE-mapped skills.
Real-Time Detection of Multi-Stage Attacks using Kill Chain State Machines: Detect multi-stage attacks by correlating alerts from Intrusion Detection Systems (IDS) to generate scenario graphs. By prioritising alerts based on the kill chain model the RT-KCSM reduces false-positive alerts.
MCADDF - A holistic operational framework bridging the gap between on-prem Active Directory and Cloud-native (Entra ID/Azure) security. This repository provides a structured library of verified attack vectors and detection logic, organized via the SERVTEP ID system and mapped to the current MITRE ATT&CK landscape. Curated by Pchelnikau Artur.
An open-standard shared vocabulary for categorizing and detecting human adversary behavior in physical security and insider threat. 154 tactics, 27 actor profiles, 4 target domains, with Cyber-Physical Nexus tagging where digital and physical threat intelligence converge. MIT licensed.
Python CLI that ingests alerts from CSV, Splunk, or Elasticsearch; enriches source IPs via VirusTotal and Shodan; scores priority with a 6-factor weighted model; detects correlated incidents and MITRE ATT&CK kill chains; and generates a self-contained HTML analyst report.
The Kill Chain Evolution of a Middle Eastern Threat Actor Intelligence from Seventeen Months of Deception and Analysis of Politically Targeted Malware Attacks