  • Stars: 1,329
  • Rank 35,356 (Top 0.7 %)
  • Created almost 8 years ago
  • Updated 8 months ago

Repository Details

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios.

VECTR documentation: https://docs.vectr.io

VECTR Community Discord Channel: https://discord.gg/2FRd8zf728

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios. VECTR provides the ability to create assessment groups, which consist of a collection of Campaigns and supporting Test Cases to simulate adversary threats. Campaigns can be broad and span activity across the kill chain, from initial compromise to privilege escalation, lateral movement and so on, or can be narrow in scope to focus on specific detection layers, tools, and infrastructure. VECTR is designed to promote full transparency between offense and defense, encourage training between team members, and improve the detection and prevention success rate across the environment.

VECTR is focused on common indicators of attack and behaviors that may be carried out by any number of threat actor groups, with varying objectives and levels of sophistication. VECTR can also be used to replicate the step-by-step TTPs associated with specific groups and malware campaigns; however, its primary purpose is to replicate attacker behaviors that span multiple threat actor groups and malware campaigns, past, present and future. VECTR is meant to be used over time with targeted campaigns, iteration, and measurable enhancements to both red team skills and blue team detection capabilities. Ultimately, the goal of VECTR is to make a network resilient to all but the most sophisticated adversaries and insider attacks.

VECTR Heatmap

Historical Trending

Data Import

Attack Escalation Graph

Attack Automation

Getting Started

See the Install Guide.

Supported Platforms

  • Current Ubuntu LTS Releases (18.04 - 22.04)

Community support is primarily limited to Ubuntu LTS Releases. If you encounter issues, feel free to open an issue on GitHub or join us on Discord.

VECTR should run in most containerization environments. In an enterprise environment, we recommend consulting your Infrastructure/Containerization team for guidance, or reaching out directly via the contact form at the bottom of the page for a consulting engagement.

Please read the instructions carefully for Upgrading a VECTR instance.

Browsers

Most modern browsers, such as Chrome, Firefox, and Edge (Chromium), are supported up to two prior releases. We recommend using the latest of either:

  • Chrome
  • Firefox

General

  • Presentation layer built on Vue 3 with some legacy AngularJS components.
  • GraphQL API
  • Support for TLS endpoints (VECTR Community Edition will auto-generate an untrusted self-signed cert or can be supplied with certs).

Contributors

  • Galen Fisher
  • Ryan Fortin
  • James Geraghty
  • Zara Gunner
  • Dan Guzek
  • Patrick Hislop
  • Daniel Hong
  • Fevzi Kipici
  • Bhavika Patel
  • Paul Spencer
  • Carl Vonderheid
  • Phil Wainwright

Security Risk Advisors

License

Please see the EULA

Atomic Red LICENSE

More Repositories

  • cmd.jsp (Java, 281 stars): A super small jsp webshell with file upload capabilities.
  • msspray (Python, 142 stars): Password attacks and MFA validation against various endpoints in Azure and Office 365
  • RedTeamSIEM (Shell, 97 stars): Repository of resources for configuring a Red Team SIEM using Elastic
  • TALR (Shell, 89 stars): Threat Alert Logic Repository
  • PDBlaster (Python, 48 stars)
  • letItGo (Go, 43 stars): Enumerate and check domains for Azure tenants
  • indexes (35 stars): Test case indexes
  • dredd (Python, 29 stars): Automated detection rule analysis utility
  • ATTiRe (20 stars): Attack Tool Timing and Reporting - Structured Attack Logging Format
  • logstash-input-okta_system_log (Ruby, 19 stars): Create Logstash events from the Okta API!
  • Burp-Load-Balancer-Cookie-Scanner (Java, 15 stars): Burp extension to find and decode BigIP and Netscaler cookies
  • sra-taxii2-server (JavaScript, 11 stars): TAXII 2.0 Server implemented in Node JS with MongoDB backend
  • mitreevalsdb (HTML, 9 stars): MITRE Evaluations Database
  • logstash-input-okta_enterprise (Ruby, 8 stars)
  • Struts-Checker (Shell, 8 stars): Proof of concept Apache Struts/JAR identification and versioning tool for *nix platforms.
  • SHADOWSTAR (Python, 8 stars): Internet registry shadowing service
  • invoke-atomic-attire-logger (PowerShell, 8 stars): ATTiRe logging for Invoke-Atomicredteam
  • vectr-tools (Python, 6 stars): Sample tools for use with VECTR
  • wireguard_remote_access (Python, 6 stars): A python(3) script for managing a remote access Wireguard VPN server
  • covid19-payloads (VBA, 5 stars): Phishing payloads for simulating itw COVID-19 related attacks and CTI export for tracking with VECTR
  • DMA-offsets (Python, 5 stars)
  • dnstwist-monitor (Python, 5 stars): Monitor client domains for typosquatting attacks using dnstwist + AWS
  • lifesciences-index (4 stars): Life Sciences Threat Index
  • timberlake (Python, 4 stars): AWS attack automation utility
  • llmnr-sphinx (Python, 3 stars): Ask questions of your network to find a rogue LLMNR server.
  • sra-stix2-validator (JavaScript, 3 stars): stix2 schema validation for Node JS
  • marketmaker (Python, 3 stars)
  • repoharvester (Go, 2 stars): Harvest email addresses from commit entries from Github -- faster
  • azure-security-tools (2 stars): A collection of tools for azure security
  • sra-taxii2-server-model (JavaScript, 1 star): Mongoose model for SRA Taxii 2.0 ecosystem. Shared data model and access across services for ease of maintenance.
  • sra-taxii2-manager-server (JavaScript, 1 star): TAXII2 server manager for sra-taxii2-server, provides initial auth management and CRUD operations for TAXII2 server pieces
  • GetInTheBox (HCL, 1 star)
  • logstash-input-box_enterprise (Ruby, 1 star): A plugin to pull enterprise events from box.com.
  • pdcd (Python, 1 star): Tool that orchestrates executing Docker containers to build payloads
  • vectr-sql-migration (1 star): A tool to migrate VECTR data from 8.x to 9.x