There are 6 repositories under the adversary-simulation topic.
PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments
Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.
Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
Collection of OPSEC Tradecraft and TTPs for Red Team Operations
Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).
This lightweight C# demo application showcases interactive remote shell access via named pipes and the SMB protocol.
A Streamlined FTP-Driven Command and Control Conduit for Interconnecting Remote Systems.
Repo containing cracked red teaming tools.
Solid Python toolkit for those in the security industry. Some by me, most by smarter people.
Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"
PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpose of generating attack telemetry in properly monitored Windows enterprise environments
A tool to generate macOS initial access vectors using Prelude Operator payloads
A post-exploitation toolkit to simulate the weaponization and detection of native Windows binaries based on LOLBas framework.
Computer Network Exploitation (CNE) Field Manual
Dumping ground for attacker example exploit scripts. Use for adversary simulation workshop
Ansible playbook to invoke red-canary. Used for adversary simulation.
A REST API client library for Prelude Operator.
AtomicThreatProfile is a Python script that creates custom adversary profiles for use in Caldera using JSON-formatted data from Control Validation Compass.
PurpleSharpEnhanced is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments