adversary-emulation

There are 24 repositories under adversary-emulation topic.

• monkey

  guardicore / monkey

  Infection Monkey - An open-source adversary emulation platform

  adversary-emulationinfection-monkeypenetration-testingsecurity-automationsecurity-tools
  Language:Python 6705
• caldera

  mitre / caldera

  Automated Adversary Emulation Platform

  adversary-emulationcalderacybersecurityhackingmitremitre-attackmitre-corporationred-teamsecurity-automationsecurity-testing
  Language:Python 5737

• DataDog / stratus-red-team

  :cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

  awsadversary-emulationpurple-teammitre-attackcloud-securitycloud-native-securitydetection-engineeringthreat-detectionsecurityaws-securityazure-securitykubernetes-securitygcp-security
  Language:Go 1868

• center-for-threat-informed-defense / adversary_emulation_library

  An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

  adversary-emulationadversary-emulation-plansctidcyber-threat-intelligencecybersecuritymitre-attackred-teamthreat-informed-defense
  Language:C 1741

• nshalabi / ATTACK-Tools

  Utilities for MITRE™ ATT&CK

  mitre-attackmitreadversary-emulationredteamingredteam
  Language:HTML 1011

• DataDog / KubeHound

  Tool for building Kubernetes attack paths

  adversary-emulationattack-graphattack-pathscloud-native-securityexploitkuberneteskubernetes-securitymitre-attackpurple-teamred-teamsecurity-auditsecurity-automationsecurity-tools
  Language:Go 801

• ch33r10 / EnterprisePurpleTeaming

  Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.

  adversaryadversary-emulationadversary-simulationadversaryemulationpurple-teampurpleteamred-teamredteam
  640

• vectra-ai-research / MAAD-AF

  MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).

  adversary-emulationmicrosoftmicrosoft-azure-securitypowershellsecuritycloud-securitymitrered-teamsecurity-testingazureadcloud-administrationmicrosoft365identity-access-managementmicrosoft-graphttpentra-id
  Language:PowerShell 363
• hades

  f1zm0 / hades

  Go shellcode loader that combines multiple evasion techniques

  adversary-emulationav-evasionedr-evasionevasiongolangntapintdlloffensive-securitypentestingred-teamingsyscalls
  Language:Go 356

• f1zm0 / acheron

  indirect syscalls for AV/EDR evasion in Go assembly

  evasionadversary-emulationav-evasionedr-bypassedr-evasionmalware-researchoffensive-securityred-teamred-teamingassemblygogolang
  Language:Assembly 312

• mitre / caldera-ot

  MITRE Caldera™ for OT Plugins & Capabilities

  adversary-emulationbacnetcalderacybersecuritydnp3mitremitre-attackmitre-corporationmodbusoperational-technologyotprofinet
  200

• password-reset / Invoke-Apex

  A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

  adversary-emulationmitre-attackoffensive-securitypentestingpowershellredteam
  Language:PowerShell 182

• Ixve / Red-Team-Tools

  Repo containing cracked red teaming tools.

  adversaryadversary-emulationadversary-simulationbackdoorbackdoorsc2command-and-controlpenetration-testingpenetration-testing-toolspentestpentest-toolpentest-toolspentestingratred-teamred-team-toolsred-teamingred-teaming-toolsremote-controltrojan
  Language:Batchfile 128

• center-for-threat-informed-defense / caldera_pathfinder

  Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.

  adversary-emulationcalderactidcybersecurityred-teamthreat-informed-defense
  Language:Python 123

• maddev-engenuity / AdversaryEmulation

  MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository

  adversary-emulationmitre-attacklabstraining-materials
  Language:Python 110

• jwillyamz / ezEmu

  See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)

  purpleteamadversary-emulationsecurity-testinglinux-securitymitre-attack
  Language:C# 101

• Sam0x90 / CTI

  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on

  adversary-emulationadversary-simulationctipurpleteamthreat-intelligence
  Language:PowerShell 81

• NVISOsecurity / cyber-security-llm-agents

  A collection of agents that use Large Language Models (LLMs) to perform tasks common on our day to day jobs in cyber security.

  adversary-emulationaicalderacybersecurityinfosecllm
  Language:Jupyter Notebook 63

• pygrum / monarch

  Monarch - The Adversary Emulation Toolkit

  c2command-and-controlgolangred-team-engagementred-teamingsecurity-toolsadversary-emulationimplantred-team
  Language:Go 61
• adversarial-threat-modelling

  ssnkhan / adversarial-threat-modelling

  Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop

  threat-intelligencemitre-attackpurpleteamadversary-emulationadversary-simulationctiredteamblueteam
  57

• MythicStack / Python-Security-Tool-Database

  Solid Python toolkit for those in the security industry. Some by me, most by smarter people.

  hackingsecurity-toolsadversary-emulationadversary-simulationawesome-listcybersecurityinformation-gatheringinfosecosintpenetration-testing-toolspython
  56
• manticore-cli

  Manticore-Platform / manticore-cli

  Manticore Adversary Emulation Cli

  adversary-emulationredteamredteam-toolsredteamer
  Language:Go 46

• attackevals / ael

  ATT&CK Evaluations Library

  adversary-emulationattackattack-evaluationscybersecuritymitre-attackmitre-engenuitypurple-teamred-team
  Language:C 42

• hideckies / hermit

  A command and control framework.

  adversary-emulationc2command-and-controlimplantredteam
  Language:C++ 37

• VVX7 / nicodemus

  A cross-platform Nim implant for Prelude Operator

  nimpneumaadversary-emulationred-teamimplantoperatorredteamratost
  Language:Nim 32

• mitre / emu

  This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense

  adversary-emulationcaldera-plugincaldera
  Language:Python 29

• TartarusLabs / Coyote

  Coyote is a standalone C# post-exploitation implant for maintaining access to compromised Windows infrastructure during red team engagements using DNS tunneling.

  adversary-emulationbackdoorc2command-and-controlcovert-channeldns-tunnelingimplantpenetration-testingpost-exploitationred-teamred-teamingsecurity
  Language:C# 19

• AutomoxSecurity / iShelly

  A tool to generate macOS initial access vectors using Prelude Operator payloads

  macospreludepurpleteamadversary-emulationadversary-simulationoperatorinitial-access
  Language:Python 17

• center-for-threat-informed-defense / m3tid

  The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activities associated with its practice.

  adversary-emulationctidcyber-threat-intelligencecybersecuritydetection-engineeringmitre-attackthreat-informed-defense
  Language:Makefile 12

• mehgrmlhmpf / AttackGraphGeneratorMasterThesis

  This work shows the viability of automatically generated attack graphs that are used for adversary behavior execution in industrial control system environments. This viability is evaluated and confirmed with expert interviews about results of this thesis, generated attack graphs and an implemented prototype.

  adversary-emulationattack-graphsmitre-attackics-securityics
  12

• TartarusLabs / Expeditus

  Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to do this with some level of stealth.

  adversary-emulationamsi-bypassamsi-evasioncode-injectiondropperpenetration-testingprocess-injectionred-teamred-teamingsecurityshellcode-injectionshellcode-loader
  Language:C# 12

• Manticore-Platform / public-threats

  Manticore's Public Threats Repository

  threat-sharingthreatadversary-emulation
  10

• hckops / hckctl

  The Security Automation Toolkit

  adversarial-attacksadversary-emulationbugbountydevsecopshackingmitre-attackpentestingpwnboxsecurity-automation
  Language:Go 8

• soheilsec / APT-28-Simulation

  شبیه سازی حمله گروه هکرهای دولتی منتسب به روسیه APT 28

  adversary-emulationadversary-simulationapt28redteam
  7

• Manticore-Platform / public-scenarios

  Manticore's Public Threat Scenarios

  redteamscenariosadversary-emulation
  6

• smeukinou / QRGrabber

  Sliver Extension to monitor target's screen and automatically grab QRCodes displayed during MFA enrollement

  adversary-emulationc2red-teamsliver
  Language:C++ 3