• Stars: 234
• Rank: 166,583 (Top 4 %)
• Language: PowerShell
• License: BSD 3-Clause "New...
• Created over 3 years ago
• Updated 2 months ago

Repository Details

Public Repo for Atomic Test Harness

AtomicTestHarnesses

AtomicTestHarnesses is a library that simulates and validates attack technique execution. It consists of a PowerShell module for running attack techniques on Windows and a Python package for running them on macOS and Linux.

The details of a technique can vary from attack to attack; AtomicTestHarnesses accounts for this by allowing you to execute many variations of a technique at once. AtomicTestHarnesses also validates the telemetry generated during execution, so you always know whether your simulations were successful.

Get started

To start testing with AtomicTestHarnesses, see the Getting started page of the wiki.

Learn more

The AtomicTestHarnesses documentation is available as a wiki.

For information about the philosophy and development of the atomic family of projects, visit our website at https://atomicredteam.io.

Check the license for information regarding the distribution and modification of AtomicTestHarnesses.

Contribute to AtomicTestHarnesses

AtomicTestHarnesses currently isn't open to public development. However, you can still contribute to the project by finding and fixing bugs.

You can report bugs and other problems by submitting an issue. If you fixed a bug, let us know by committing your code and opening a pull request.

More Repositories

1. atomic-red-team
   Small and highly portable detection tests based on MITRE's ATT&CK.
   C, 9,179 stars

2. mac-monitor
   Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, displaying them graphically, with an expansive feature set designed to reduce noise.
   Swift, 825 stars

3. invoke-atomicredteam
   Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team project.
   PowerShell, 774 stars

4. chain-reactor
   Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
   C, 281 stars

5. surveyor
   A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.
   Python, 161 stars

6. oxidebpf
   A Rust library for managing eBPF programs.
   Rust, 114 stars

7. redcanary-response-utils
   Tools to automate and/or expedite response.
   Python, 112 stars

8. redcanary-ebpf-sensor
   Red Canary's eBPF Sensor
   C, 85 stars

9. ebpfmon
   Go, 72 stars

10. wwhf
    Exercises for C# Workshop at Wild West Hackin' Fest 2018 & 2019.
    HTML, 64 stars

11. exploit-primitive-playground
    C, 55 stars

12. vscode-attack
    Visual Studio Code extension for MITRE ATT&CK
    TypeScript, 49 stars

13. public-research
    Public repository for Red Canary Research
    C, 31 stars

14. cbapi2
    Red Canary Carbon Black API
    Python, 20 stars

15. ansible-atomic-red-team
    This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam
    Shell, 19 stars

16. cb-response-smb1-utility
    A simple utility to check the status of and/or disable SMBv1 on Windows system via Cb Response's Live Response functionality.
    Python, 15 stars

17. cbconnect-2019
    Ruby, 7 stars

18. openapi
    Public API clients for connecting to the Red Canary APIs
    Python, 7 stars

19. rtlshtree
    C++, 3 stars

20. helm-charts
    Red Canary's Public Helm Chart Repository
    Smarty, 1 star