A structured knowledge base of adversary tactics, techniques, and procedures (TTPs) used in real-world attacks. Commonly referenced for threat modeling, detection engineering, and security assessments.
A defensive counterpart to ATT&CK that catalogs countermeasures mapped to adversary techniques. Useful for blue teamers planning security control implementation and mitigation strategies.
An open repository of malware family information maintained by the Fraunhofer Institute. Includes behavioral profiles, YARA rules, threat actor links, and campaign details.
A collaborative platform by AlienVault for sharing IOCs, attack patterns, and pulse intelligence. Allows subscriptions to community-generated threat feeds.
A platform for submitting and retrieving malware-related IOCs (IPs, URLs, domains). Offers enrichment and tagging to support real-time detection and feed integration.
A free, open-source aggregator of threat intelligence with structured IOCs collected from various community sources. Supports API-based access and download in STIX format.
A curated collection of APT reports and related indicators categorized by threat group and geography. Useful for understanding historical APT behaviors and campaigns.