redcanaryco/AtomicTestHarnesses external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

redcanaryco/AtomicTestHarnesses

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/redcanaryco/AtomicTestHarnesses)

Close

redcanaryco / AtomicTestHarnessesView on GitHubMore

• External links
• Readme badge

Public Repo for Atomic Test Harness

☆284Apr 8, 2025Updated 10 months ago

Alternatives and similar repositories for AtomicTestHarnesses

Users that are interested in AtomicTestHarnesses are comparing it to the libraries listed below

• redcanaryco / invoke-atomicredteam

  View on GitHub
  Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red…
  ☆1,010Sep 8, 2025Updated 5 months ago
• mvelazc0 / PurpleSharp

  View on GitHub
  PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit…
  ☆843Feb 23, 2026Updated last week
• bohops / GhostBuild

  View on GitHub
  GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects
  ☆251Sep 26, 2020Updated 5 years ago
• wagga40 / Zircolite

  View on GitHub
  A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
  ☆786Feb 22, 2026Updated last week
• ion-storm / sysmon-edr

  View on GitHub
  Sysmon EDR POC Build within Powershell to prove ability.
  ☆223May 1, 2021Updated 4 years ago
• atc-project / atomic-threat-coverage

  View on GitHub
  Actionable analytics designed to combat threats
  ☆1,005May 25, 2022Updated 3 years ago
• jwillyamz / ezEmu

  View on GitHub
  See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
  ☆108Feb 12, 2023Updated 3 years ago
• edoardogerosa / sentinel-attack

  View on GitHub
  Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
  ☆1,078Nov 28, 2024Updated last year
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,725Mar 20, 2024Updated last year
• center-for-threat-informed-defense / adversary_emulation_library

  View on GitHub
  An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
  ☆2,072May 28, 2025Updated 9 months ago
• two06 / AMSI_Handler

  View on GitHub
  Automate AV evasion by calling AMSI
  ☆88May 31, 2023Updated 2 years ago
• lorentzenman / sheepl

  View on GitHub
  Sheepl : Creating realistic user behaviour for supporting tradecraft development within lab environments
  ☆401Feb 27, 2024Updated 2 years ago
• mandiant / SilkETW

  View on GitHub
  ☆825Jun 1, 2023Updated 2 years ago
• cyberdefenders / DetectionLabELK

  View on GitHub
  DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
  ☆573Dec 12, 2021Updated 4 years ago
• rabobank-cdc / DeTTECT

  View on GitHub
  Detect Tactics, Techniques & Combat Threats
  ☆2,264Jan 21, 2026Updated last month
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,517Jan 24, 2023Updated 3 years ago
• outflanknl / Ps-Tools

  View on GitHub
  Ps-Tools, an advanced process monitoring toolkit for offensive operations
  ☆355Dec 1, 2020Updated 5 years ago
• darmado / Atomic-Red-Team-C2

  View on GitHub
  ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabili…
  ☆178Feb 14, 2026Updated 2 weeks ago
• improsec / ImproHound

  View on GitHub
  Identify the attack paths in BloodHound breaking your AD tiering
  ☆326Nov 6, 2022Updated 3 years ago
• OTRF / SimuLand

  View on GitHub
  Cloud Templates and scripts to deploy mordor environments
  ☆129Mar 3, 2021Updated 5 years ago
• airbus-cert / Invoke-Bof

  View on GitHub
  Load any Beacon Object File using Powershell!
  ☆260Dec 9, 2021Updated 4 years ago
• MichaelKoczwara / Awesome-CobaltStrike-Defence

  View on GitHub
  Defences against Cobalt Strike
  ☆1,296Jul 14, 2022Updated 3 years ago
• jokezone / Update-Sysmon

  View on GitHub
  This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.
  ☆83Mar 20, 2023Updated 2 years ago
• vadim-hunter / Detection-Ideas-Rules

  View on GitHub
  Detection Ideas & Rules repository.
  ☆178Sep 10, 2021Updated 4 years ago
• whickey-r7 / grab_beacon_config

  View on GitHub
  ☆451Aug 4, 2021Updated 4 years ago
• theflakes / reg_hunter

  View on GitHub
  Blueteam operational triage registry hunting/forensic tool.
  ☆149Sep 2, 2025Updated 6 months ago
• olafhartong / sysmon-modular

  View on GitHub
  A repository of sysmon configuration modules
  ☆2,987Aug 21, 2024Updated last year
• trustedsec / SysmonCommunityGuide

  View on GitHub
  TrustedSec Sysinternals Sysmon Community Guide
  ☆1,372Feb 10, 2026Updated 3 weeks ago
• ScarredMonk / SysmonSimulator

  View on GitHub
  Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…
  ☆864Jan 20, 2022Updated 4 years ago
• Cyb3r-Monk / Threat-Hunting-and-Detection

  View on GitHub
  Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
  ☆804Jan 14, 2026Updated last month
• michaelweber / Macrome

  View on GitHub
  Excel Macro Document Reader/Writer for Red Teamers & Analysts
  ☆524Feb 1, 2022Updated 4 years ago
• clong / DetectionLab

  View on GitHub
  Automate the creation of a lab environment complete with security tooling and logging best practices
  ☆4,908Jul 6, 2024Updated last year
• mnemonic-no / SNIcat

  View on GitHub
  SNIcat
  ☆128Aug 19, 2021Updated 4 years ago
• bats3c / shad0w

  View on GitHub
  A post exploitation framework designed to operate covertly on heavily monitored environments
  ☆2,168Sep 29, 2021Updated 4 years ago
• NextronSystems / APTSimulator

  View on GitHub
  A toolset to make a system look as if it was the victim of an APT attack
  ☆2,714Sep 23, 2025Updated 5 months ago
• SpecterOps / at-ps

  View on GitHub
  Adversary Tactics - PowerShell Training
  ☆1,606Jan 22, 2020Updated 6 years ago
• mkorman90 / sysmon-config-bypass-finder

  View on GitHub
  Detect possible sysmon logging bypasses given a specific configuration
  ☆111Dec 26, 2018Updated 7 years ago
• timfrazier1 / AdversarySimulation

  View on GitHub
  Compilation of resources to help with Adversary Simulation automation harness
  ☆100Aug 7, 2020Updated 5 years ago
• cyberark / Evasor

  View on GitHub
  A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies
  ☆325Apr 8, 2023Updated 2 years ago