The MITRE Corporation

All

476 repositories

redhat-enterprise-linux-8-stig-baseline
Public
RHEL 8.X STIG Automated Compliance Validation Profile works with Chef InSpec to perform automated compliance checks of RHEL8.
Ruby
•
Other
•2•1•16•5•Updated Feb 6, 2025Feb 6, 2025
hipcheck
Public
Automatically assess and score software repositories for supply chain risk.
supply-chain-security
Rust
•
Apache License 2.0
•8•94•48•2•Updated Feb 6, 2025Feb 6, 2025
aws-rds-crunchy-data-postgresql-stig-baseline
Public
InSpec profile to validate the secure configuration of AWS RDS hosted Crunchy Data PostgreSQL against DISA's Crunchy Data PostgreSQL STIG Version 3 Release 1.
Ruby
•
Other
•1•3•5•0•Updated Feb 6, 2025Feb 6, 2025
secure-coding-case-studies
Public
Case studies of real secure coding issues to provide educators, project leaders, software development teams, and assessment teams insight into these critical issues and show how to avoid them.
1•1•0•0•Updated Feb 6, 2025Feb 6, 2025
saf-training
Public
This repository contains several courses to learn about using and developing SAF capabilities
JavaScript
•
Other
•4•10•10•2•Updated Feb 6, 2025Feb 6, 2025
inspec
Public
InSpec: Auditing and Testing Framework
Ruby
•
Other
•681•4•0•2•Updated Feb 6, 2025Feb 6, 2025
heimdall2
Public
Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.
mitre-saf
TypeScript
•
Other
•61•212•268•56•Updated Feb 6, 2025Feb 6, 2025
inspec-profile-update-action
Public
Automatically update InSpec profiles using the latest version of DISA STIGs and CIS Benchmarks.
HTML
•
Other
•1•8•10•2•Updated Feb 6, 2025Feb 6, 2025
azure-foundations-cis-baseline
Public
InSpec profile to validate an Azure cloud environment to the standards of the CIS Azure Foundations Benchmark
Ruby
•
Other
•0•0•0•0•Updated Feb 5, 2025Feb 5, 2025
tir-docs
Public
Documentation for the TIR project
JavaScript
•
Other
•0•1•0•3•Updated Feb 5, 2025Feb 5, 2025
WaterSHEDS
Public
Jupyter Notebook
•
Other
•0•0•0•0•Updated Feb 5, 2025Feb 5, 2025
train-pwsh
Public
An Inspec transport to connect to a persistent Powershell session
Ruby
•
Other
•0•0•1•0•Updated Feb 4, 2025Feb 4, 2025
saf
Public
The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines
mitre mitre-corporation mitre-saf security-automation-framework security json compliance security-automation devsecops
TypeScript
•
Other
•38•141•110•16•Updated Feb 4, 2025Feb 4, 2025
ts-inspec-objects
Public
Typescript objects for InSpec profiles
TypeScript
•
Other
•1•3•7•7•Updated Feb 4, 2025Feb 4, 2025
inspec-pwsh
Public
A resource pack for Inspec that should be used with train-pwsh
Ruby
•
Other
•0•0•1•0•Updated Feb 3, 2025Feb 3, 2025
crunchy-data-postgresql-stig-baseline
Public
InSpec profile for Crunchy Data PostgreSQL Security Technical Implementation Guide :: Version 3, Release: 1 Benchmark Date: 24 Jul 2024
Ruby
•
Other
•3•6•8•2•Updated Feb 3, 2025Feb 3, 2025
iat
Public
Iris Analysis Toolkit
Shell
•
Other
•0•0•0•0•Updated Feb 3, 2025Feb 3, 2025
blue-agave-rey
Public
Activity Set Viewer
TypeScript
•
Apache License 2.0
•0•0•0•0•Updated Feb 2, 2025Feb 2, 2025
chef-workstation
Public
Chef Workstation gives you everything you need to get started with Chef, so you can automate how you audit, configure, and manage applications end environments.
Go
•
Apache License 2.0
•115•0•0•1•Updated Feb 1, 2025Feb 1, 2025
fast-search-for-tlsh
Public
Preprint, with code, for algorithms for fast searches of TLSH digests.
TeX
•
Other
•0•2•0•0•Updated Jan 31, 2025Jan 31, 2025
salsa
Public
A generic framework for on-demand, incrementalized computation. Inspired by adapton, glimmer, and rustc's query system.
Rust
•
Apache License 2.0
•158•0•0•0•Updated Jan 31, 2025Jan 31, 2025
saf_action
Public
GitHub Action for SAF CLI
mitre mitre-corporation mitre-inspec mitre-saf
JavaScript
•
Other
•0•7•5•0•Updated Jan 30, 2025Jan 30, 2025
homebrew-saf
Public
Ruby
•0•1•0•1•Updated Jan 30, 2025Jan 30, 2025
canonical-ubuntu-22.04-lts-stig-baseline
Public
(WIP) InSpec profile to validate the secure configuration of Ubuntu 22.04, against DISA's Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide (STIG) Version 1, Release 1
Ruby
•
Other
•0•0•1•1•Updated Jan 30, 2025Jan 30, 2025
saf-site-backend
Public
Strapi backend for the SAF site
JavaScript
•
Other
•3•5•5•13•Updated Jan 29, 2025Jan 29, 2025
redhat-enterprise-linux-9-stig-baseline
Public
RHEL 9.X STIG Automated Compliance Validation Profile works with Chef InSpec to perform automated compliance checks of RHEL9.
validation redhat inspec mitre mitre-saf redhat9
Ruby
•
Other
•3•6•3•1•Updated Jan 29, 2025Jan 29, 2025
saf-training-lab-environment
Public template
The SAF Training Lab is a GitHub Codespaces environment that makes it quick and easy for you to use, learn and participate in the MITRE Security Automation Framework Training Classes.
saf mitre-corporation mitre-saf saf-training mitre-training
Shell
•
Other
•145•12•1•1•Updated Jan 29, 2025Jan 29, 2025
caldera
Public
Automated Adversary Emulation Platform
hacking cybersecurity mitre red-team security-automation security-testing mitre-attack adversary-emulation caldera mitre-corporation
Python
•
Apache License 2.0
•1.1k•5.8k•58•8•Updated Jan 27, 2025Jan 27, 2025
pickled-canary
Public
Assembly-based binary pattern search!
Rust
•
Apache License 2.0
•3•14•0•1•Updated Jan 27, 2025Jan 27, 2025
vulcan
Public
A web application to streamline the development of STIGs from SRGs
disa compliance inspec stig srg mitre-corporation mitre-inspec compliance-automation
Ruby
•
Other
•18•69•72•7•Updated Jan 26, 2025Jan 26, 2025