Compilation of resources to help with Adversary Simulation automation harness
☆100 · Aug 7, 2020 · Updated 5 years ago
Alternatives and similar repositories for AdversarySimulation
Users that are interested in AdversarySimulation are comparing it to the libraries listed below
- ☆15 · Dec 16, 2020 · Updated 5 years ago
- ☆14 · Oct 25, 2019 · Updated 6 years ago
- Bunch of honey related items that spoof/decoy powersploit functions. ☆18 · Apr 23, 2020 · Updated 5 years ago
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit… ☆843 · Feb 23, 2026 · Updated 3 weeks ago
- Targeted Payload Execution ☆100 · Apr 9, 2020 · Updated 5 years ago
- Ansible playbooks for instrumenting a Red Team environment with RedElk ☆52 · Oct 6, 2020 · Updated 5 years ago
- Atomic Purple Team Framework and Lifecycle ☆299 · Feb 11, 2021 · Updated 5 years ago
- Risk Based Alerting Supporting Add-On (SA) for Splunk ☆44 · Oct 28, 2021 · Updated 4 years ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework ☆356 · Nov 3, 2020 · Updated 5 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts ☆1,174 · Jul 26, 2023 · Updated 2 years ago
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a… ☆1,553 · Mar 12, 2026 · Updated last week
- This is a repository that is meant to hold detections for various process injection techniques. ☆34 · Mar 3, 2020 · Updated 6 years ago
- A PowerShell script to prevent Sysmon from writing its events ☆17 · Apr 23, 2020 · Updated 5 years ago
- BloodHound Cypher Queries Ported to a Jupyter Notebook ☆53 · Jun 20, 2020 · Updated 5 years ago
- Detect Tactics, Techniques & Combat Threats ☆2,268 · Jan 21, 2026 · Updated 2 months ago
- attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage ☆115 · Mar 26, 2023 · Updated 2 years ago
- Extracts all base64 ticket data from a rubeus /dump file and converts the tickets to ccache files for easy use with other tools. ☆66 · Oct 3, 2020 · Updated 5 years ago
- C# utility that uses WMI to run "cmd.exe /c netstat -n", save the output to a file, then use SMB to read and delete the file remotely ☆38 · Jan 3, 2020 · Updated 6 years ago
- Converts Sigma detection rules to a Splunk alert configuration. ☆115 · May 18, 2020 · Updated 5 years ago
- This is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular Post-… ☆87 · Jul 2, 2019 · Updated 6 years ago
- Indicator of Compromise Scanner for CVE-2019-19781 ☆58 · Mar 25, 2020 · Updated 5 years ago
- An information security preparedness tool to do adversarial simulation. ☆1,137 · Apr 1, 2019 · Updated 6 years ago
- ☆37 · Apr 30, 2020 · Updated 5 years ago
- Basic c2-matrix analysis environment using Suricata + Wazuh + Elastic stack ☆12 · Apr 18, 2020 · Updated 5 years ago
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs ☆730 · Jan 21, 2020 · Updated 6 years ago
- A simple proof of concept for detecting use of Cobalt Strike's execute-assembly ☆59 · Apr 1, 2022 · Updated 3 years ago
- ☆57 · May 13, 2020 · Updated 5 years ago
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK ☆1,080 · Nov 28, 2024 · Updated last year
- ☆19 · Oct 23, 2020 · Updated 5 years ago
- Repository for my ATT&CK analysis research. ☆70 · May 16, 2019 · Updated 6 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects ☆251 · Sep 26, 2020 · Updated 5 years ago
- Re-play Security Events ☆1,728 · Mar 20, 2024 · Updated 2 years ago
- Test Blue Team detections without running any attack. ☆272 · May 2, 2024 · Updated last year
- Ps-Tools, an advanced process monitoring toolkit for offensive operations ☆355 · Dec 1, 2020 · Updated 5 years ago
- Microsoft External Attack Tool ☆178 · Dec 8, 2022 · Updated 3 years ago
- Sunburst IOCs for Splunk Ingest ☆18 · Jan 28, 2021 · Updated 5 years ago
- Cobalt Strike log state tracking, parsing, and storage ☆24 · Jul 18, 2019 · Updated 6 years ago
- C# Situational Awareness Script ☆34 · Apr 26, 2019 · Updated 6 years ago
- Vampire is an aggressor script which integrates with BloodHound to mark nodes as owned. ☆79 · Apr 6, 2021 · Updated 4 years ago