adversary-emulation

There are 25 repositories under adversary-emulation topic.

• monkey

  guardicore / monkey

  Infection Monkey - An open-source adversary emulation platform

  adversary-emulationinfection-monkeypenetration-testingsecurity-automationsecurity-tools
  Language:Python 6751
• caldera

  mitre / caldera

  Automated Adversary Emulation Platform

  adversary-emulationcalderacybersecurityhackingmitremitre-attackmitre-corporationred-teamsecurity-automationsecurity-testing
  Language:Python 5932

• DataDog / stratus-red-team

  :cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

  awsadversary-emulationpurple-teammitre-attackcloud-securitycloud-native-securitydetection-engineeringthreat-detectionsecurityaws-securityazure-securitykubernetes-securitygcp-security
  Language:Go 1944

• center-for-threat-informed-defense / adversary_emulation_library

  An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

  adversary-emulationadversary-emulation-plansctidcyber-threat-intelligencecybersecuritymitre-attackred-teamthreat-informed-defense
  Language:C 1828

• nshalabi / ATTACK-Tools

  Utilities for MITRE™ ATT&CK

  mitre-attackmitreadversary-emulationredteamingredteam
  Language:HTML 1020

• DataDog / KubeHound

  Tool for building Kubernetes attack paths

  adversary-emulationattack-graphattack-pathscloud-native-securityexploitkuberneteskubernetes-securitymitre-attackpurple-teamred-teamsecurity-auditsecurity-automationsecurity-tools
  Language:Go 827

• ch33r10 / EnterprisePurpleTeaming

  Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.

  adversaryadversary-emulationadversary-simulationadversaryemulationpurple-teampurpleteamred-teamredteam
  643

• vectra-ai-research / MAAD-AF

  MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).

  adversary-emulationazureadcloud-administrationcloud-securityentra-ididentity-access-managementmicrosoftmicrosoft-azure-securitymicrosoft-graphmicrosoft365mitrepowershellred-teamsecuritysecurity-testingttp
  Language:PowerShell 371
• hades

  f1zm0 / hades

  Go shellcode loader that combines multiple evasion techniques

  adversary-emulationav-evasionedr-evasionevasiongolangntapintdlloffensive-securitypentestingred-teamingsyscalls
  Language:Go 362

• f1zm0 / acheron

  indirect syscalls for AV/EDR evasion in Go assembly

  evasionadversary-emulationav-evasionedr-bypassedr-evasionmalware-researchoffensive-securityred-teamred-teamingassemblygogolang
  Language:Assembly 326

• mitre / caldera-ot

  MITRE Caldera™ for OT Plugins & Capabilities

  adversary-emulationbacnetcalderacybersecuritydnp3mitremitre-attackmitre-corporationmodbusoperational-technologyotprofinet
  205

• password-reset / Invoke-Apex

  A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.

  redteampentestingmitre-attackoffensive-securitypowershelladversary-emulation
  Language:PowerShell 184

• Ixve / Red-Team-Tools

  Repo containing cracked red teaming tools.

  adversaryadversary-emulationadversary-simulationbackdoorbackdoorsc2command-and-controlpenetration-testingpenetration-testing-toolspentestpentest-toolpentest-toolspentestingratred-teamred-team-toolsred-teamingred-teaming-toolsremote-controltrojan
  Language:Batchfile 152

• center-for-threat-informed-defense / caldera_pathfinder

  Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.

  cybersecuritythreat-informed-defensered-teamctidadversary-emulationcaldera
  Language:Python 126

• maddev-engenuity / AdversaryEmulation

  MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository

  adversary-emulationlabsmitre-attacktraining-materials
  Language:Python 112

• jwillyamz / ezEmu

  See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)

  purpleteamadversary-emulationsecurity-testinglinux-securitymitre-attack
  Language:C# 102

• NVISOsecurity / cyber-security-llm-agents

  A collection of agents that use Large Language Models (LLMs) to perform tasks common on our day to day jobs in cyber security.

  adversary-emulationaicalderacybersecurityinfosecllm
  Language:Jupyter Notebook 90

• Sam0x90 / CTI

  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on

  adversary-emulationadversary-simulationctipurpleteamthreat-intelligence
  Language:PowerShell 81
• adversarial-threat-modelling

  ssnkhan / adversarial-threat-modelling

  Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop

  adversary-emulationadversary-simulationblueteamcbestctidoramitre-attackpurpleteamredteamthreat-intelligencetiber-eu
  Language:Jupyter Notebook 67

• pygrum / monarch

  Monarch - The Adversary Emulation Toolkit

  c2command-and-controlgolangred-team-engagementred-teamingsecurity-toolsadversary-emulationimplantred-team
  Language:Go 60

• attackevals / ael

  ATT&CK Evaluations Library

  adversary-emulationattackattack-evaluationscybersecuritymitre-attackmitre-engenuitypurple-teamred-team
  Language:C 59

• MythicStack / Python-Security-Tool-Database

  Solid Python toolkit for those in the security industry. Some by me, most by smarter people.

  hackingsecurity-toolsadversary-emulationadversary-simulationawesome-listcybersecurityinformation-gatheringinfosecosintpenetration-testing-toolspython
  57

• hideckies / hermit

  A command and control framework.

  adversary-emulationc2command-and-controlredteamimplant
  Language:C++ 48
• manticore-cli

  Manticore-Platform / manticore-cli

  Manticore Adversary Emulation Cli

  adversary-emulationredteamredteam-toolsredteamer
  Language:Go 47

• VVX7 / nicodemus

  A cross-platform Nim implant for Prelude Operator

  nimpneumaadversary-emulationred-teamimplantoperatorredteamratost
  Language:Nim 32

• mitre / emu

  This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense

  adversary-emulationcalderacaldera-plugin
  Language:Python 30

• TartarusLabs / Coyote

  Coyote is a standalone C# post-exploitation implant for maintaining access to compromised Windows infrastructure during red team engagements using DNS tunneling.

  adversary-emulationbackdoorc2command-and-controlcovert-channeldns-tunnelingimplantpenetration-testingpost-exploitationred-teamred-teamingsecurity
  Language:C# 19

• AutomoxSecurity / iShelly

  A tool to generate macOS initial access vectors using Prelude Operator payloads

  macospreludepurpleteamadversary-emulationadversary-simulationoperatorinitial-access
  Language:Python 17

• center-for-threat-informed-defense / m3tid

  The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activities associated with its practice.

  adversary-emulationctidcyber-threat-intelligencecybersecuritydetection-engineeringmitre-attackthreat-informed-defense
  Language:Makefile 15

• mehgrmlhmpf / AttackGraphGeneratorMasterThesis

  This work shows the viability of automatically generated attack graphs that are used for adversary behavior execution in industrial control system environments. This viability is evaluated and confirmed with expert interviews about results of this thesis, generated attack graphs and an implemented prototype.

  adversary-emulationattack-graphsmitre-attackics-securityics
  12

• TartarusLabs / Expeditus

  Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to do this with some level of stealth.

  adversary-emulationamsi-bypassamsi-evasioncode-injectiondropperpenetration-testingprocess-injectionred-teamred-teamingsecurityshellcode-injectionshellcode-loader
  Language:C# 12

• Manticore-Platform / public-threats

  Manticore's Public Threats Repository

  adversary-emulationthreatthreat-sharing
  10

• hckops / hckctl

  The Security Automation Toolkit

  devsecopshackingpentestingadversary-emulationsecurity-automationadversarial-attacksmitre-attackpwnboxbugbounty
  Language:Go 8

• soheilsec / APT-28-Simulation

  شبیه سازی حمله گروه هکرهای دولتی منتسب به روسیه APT 28

  adversary-emulationadversary-simulationapt28redteam
  7

• Manticore-Platform / public-scenarios

  Manticore's Public Threat Scenarios

  redteamscenariosadversary-emulation
  6

• smeukinou / QRGrabber

  Sliver Extension to monitor target's screen and automatically grab QRCodes displayed during MFA enrollement

  adversary-emulationc2red-teamsliver
  Language:C++ 4