diff --git a/README.md b/README.md index d2088b5..92b2298 100644 --- a/README.md +++ b/README.md @@ -93,10 +93,6 @@ This repository is created as an online bookmark for useful links, resources and RTA provides a framework of scripts designed to allow blue teams to test their detection capabilities against malicious tradecraft, modeled after MITRE ATT&CK - fireeye/capa-rules - Standard collection of rules for capa: the tool for enumerating the capabilities of programs - - FSecureLABS/leonidas Automated Attack Simulation in the Cloud, complete with detection use cases. @@ -136,6 +132,10 @@ This repository is created as an online bookmark for useful links, resources and praetorian-code/purple-team-attack-automation Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs + + qsecure-labs/overlord + Overlord - Red Teaming Infrastructure Automation + ReconInfoSec/adversary-emulation-map Creates an ATT&CK Navigator map of an Adversary Emulation Plan @@ -463,6 +463,10 @@ This repository is created as an online bookmark for useful links, resources and fireeye/capa capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do. For example, it might suggest that the file is a backdoor, is capable of installing services, or relies on HTTP to communicate. + + fireeye/capa-rules + Standard collection of rules for capa: the tool for enumerating the capabilities of programs + fireeye/flare-floss FireEye Labs Obfuscated String Solver - Automatically extract obfuscated strings from malware.