caldera_pathfinder
SILENTTRINITY
caldera_pathfinder | SILENTTRINITY | |
---|---|---|
3 | 2 | |
118 | 2,144 | |
4.2% | - | |
3.3 | 3.4 | |
26 days ago | 6 months ago | |
Python | Boo | |
Apache License 2.0 | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
caldera_pathfinder
- Attack simulation tool based on CVE
-
Attack Chain/Exploitation Path Diagram Generation Tools?
There's also a plugin for Caldera (https://github.com/mitre/caldera) called Pathfinder (https://github.com/center-for-threat-informed-defense/caldera_pathfinder and https://www.youtube.com/watch?v=gQRWkHFRG-s) that can help.
-
Guidance on certs in Cybersecurity Field
Pathfinder: https://github.com/center-for-threat-informed-defense/caldera_pathfinder
SILENTTRINITY
- Guidance on certs in Cybersecurity Field
-
Cobalt Strike detection
You're certainly right that it doesn't need an XML extension. But it also frequently will due to many tools using it by default (e.g. line 13 in https://github.com/byt3bl33d3r/SILENTTRINITY/blob/master/silenttrinity/core/teamserver/stagers/msbuild.py).
What are some alternatives?
Covenant - Covenant is a collaborative .NET C2 framework for red teamers.
Starkiller - Starkiller is a Frontend for PowerShell Empire.
Empire - Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
caldera - Automated Adversary Emulation Platform
bzar - A set of Zeek scripts to detect ATT&CK techniques.
attack-flow - Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
Atomic-Red-Team-Intelligence-C2 - ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
tram - TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CKĀ®.
Automata - Automatic detection engineering technical state compliance