Generate MITRE ATT&CK and D3FEND from a list of CVEs. Database with CVE, CWE, CAPEC, MITRE ATT&CK and D3FEND Techniques data is updated daily. Showcased at BlackHat Europe 2025 Arsenal.

Python framework for automated STRIDE threat modeling as code — MITRE ATT&CK mapping, D3FEND mitigations, Attack Flow, CAPEC, severity scoring, SVG/HTML reports & MITRE Navigator layers. DevSecOps & CI/CD ready.

My PhD thesis in Computer Science and related resources: "An Ontological Approach to Security Modeling" (Free University of Bozen-Bolzano)

Express IaC resources as d3fend graphs.

An Ontological Analysis and Redesign of the D3FEND Cybersecurity Model

Correlates CVEs across 8 security frameworks (CWE, CAPEC, ATT&CK, D3FEND, OWASP, CISA KEV, Vulnrichment SSVC, APT Groups). Interactive web interface with dark/light theme. Automated via GitHub Actions.

A collection of tools & guides for the planning and implementation of MITRE D3FEND. This repository is independent research and is not an official nor a sanctioned MITRE D3FEND resource.

Archi-D3FEND test

A collection of Large Language Model (LLM) prompts helpful for various cybersecurity tasks.