Leonidas – Automated Attack Simulation In The Cloud, Complete With Detection Use Cases

Leonidas is a framework for executing attacker actions in the cloud. It provides a YAML-based format for defining cloud attacker tactics, techniques and procedures (TTPs) and their associated detection properties. These definitions can then be compiled into: a web API exposing each test case as an individual endpoint; Sigma rules (https://github.com/Neo23x0/sigma) for detection; documentation – Read More

PurpleSharp – C# Adversary Simulation Tool That Executes Adversary Techniques With The Purpose Of Generating Attack Telemetry In Monitored Windows Environments

Defending enterprise networks against attackers continues to present a difficult challenge for blue teams. Prevention has fallen short; improving detection and response capabilities has proven to be a step in the right direction. However, without the telemetry produced by adversary behavior, building new and testing existing detection capabilities will be constrained. PurpleSharp is an open source – Read More

BSF – Botnet Simulation Framework

BSF provides a discrete simulation environment to implement and extend peer-to-peer botnets, tweak their settings and allow defenders to evaluate monitoring and countermeasures. Synopsis: In the arms race between botmasters and defenders, the botmasters have the upper hand, as defenders have to react to actions and novel threats introduced by botmasters. The Botnet Simulation Framework (BSF) addresses – Read More