caldera
Ghostwriter
Our great sponsors
| caldera | Ghostwriter | |
|---|---|---|
| 16 | 2 | |
| 5,175 | 1,179 | |
| 3.0% | 2.8% | |
| 9.2 | 9.4 | |
| 6 days ago | 6 days ago | |
| Python | Python | |
| Apache License 2.0 | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
caldera
-
SOC Malware/Detection lab
Also, for the attack emulation part you might be interested in CALDERA.
- Automated penetration testing software?
-
Endpoint Attack Simulation
Mitre made Caldera to drive this. https://github.com/mitre/caldera
- Testing an XDR solution
-
Do you know the Mitre tool "Caldera"? How can I build a plugin for it?
Did you join the Slack and ask your question there, or on the discussion forum? The CALDERA team will answer... (both links are at https://caldera.mitre.org/)
- New blue team
- Attack simulation tool based on CVE
-
Attack Chain/Exploitation Path Diagram Generation Tools?
There's also a plugin for Caldera (https://github.com/mitre/caldera) called Pathfinder (https://github.com/center-for-threat-informed-defense/caldera_pathfinder and https://www.youtube.com/watch?v=gQRWkHFRG-s) that can help.
- Malware testing service/site for our EDR Testing of SentinelOne
- Worm/ Replicating virus for demonstrating spread/lateral movement through a network.
Ghostwriter
-
How do you make writing reports more pleasant?
We used Serpico for a long time, even after they stopped supporting it. Finally, we switched over to Ghostwriter, and it's been pretty good for us.
-
Red Team Equipment for Budget Proposal
For software, pretty much everything you might need to start out is available as open source. Besides the actual testing stuff, don't forget to look at tools to facilitate collaboration + reporting (highly recommend looking at https://github.com/GhostManager/Ghostwriter). Also checkout: https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
What are some alternatives?
Covenant - Covenant is a collaborative .NET C2 framework for red teamers.
mediator - An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.
Empire - Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
kubestriker - A Blazing fast Security Auditing tool for Kubernetes
CTF-Difficulty - This cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.
Awesome-Red-Teaming - List of Awesome Red Teaming Resources
Incident-Playbook - GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
ShonyDanza - A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
WSLab - Azure Stack HCI, Windows 10 and Windows Server rapid lab deployment scripts
Kraken - Kraken, a modular multi-language webshell coded by @secu_x11
can-i-take-over-xyz - "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
DumpsterFire - "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.