Initial acess simulation tests

This page summarizes the projects mentioned and recommended in the original post on /r/redteamsec
mitre Attack mitre-attack stix Cybersecurity

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • atomic-red-team

    Small and highly portable detection tests based on MITRE's ATT&CK.

    • Do some searches for adversary tactics, techniques, and procedures (TTPs) mapped tothe MITRE ATT&CK framework at https://attack.mitre.org/ or go to the website and look at the Groups tab to see some of the TTP IDs for a given group. What you are wanting to do is map a given attack chain to those TTP IDs and note them down. Those IDs are what another poster mentioned for a tool like Red Canary's Atomic Red Team at https://github.com/redcanaryco/atomic-red-team There are other tools that do similar stuff but that is a great suggestion. When you go to the Atomic Red Team "atomics" folder you will see the tests broken down by those TTP IDs you've noted down. So then you can look at the tests. Depending on your test machines you may need to modify them for their specifics, but the the tests should give you enough information to see if you need or want to customize.

  • attack-stix-data

    STIX data representing MITRE ATT&CK

    • Do some searches for adversary tactics, techniques, and procedures (TTPs) mapped tothe MITRE ATT&CK framework at https://attack.mitre.org/ or go to the website and look at the Groups tab to see some of the TTP IDs for a given group. What you are wanting to do is map a given attack chain to those TTP IDs and note them down. Those IDs are what another poster mentioned for a tool like Red Canary's Atomic Red Team at https://github.com/redcanaryco/atomic-red-team There are other tools that do similar stuff but that is a great suggestion. When you go to the Atomic Red Team "atomics" folder you will see the tests broken down by those TTP IDs you've noted down. So then you can look at the tests. Depending on your test machines you may need to modify them for their specifics, but the the tests should give you enough information to see if you need or want to customize.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • ace-firefist

    Attack chain emulator. Write recipes for initial access easily

    • To test initial access with file execution can try something like https://github.com/dobin/ace-firefist

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Mitre ATT&CK: knowledge base of adversary tactics and techniques

    1 project | news.ycombinator.com | 21 Dec 2023

  • Mitre attack framework

    1 project | /r/cissp | 10 Dec 2023

  • PT and VA, how to do it practically?

    1 project | /r/HowToHack | 7 Dec 2023

  • "The Case for Memory Safe Roadmaps" CIA, FBI & Global Cyber Security agencies pan C/C++

    2 projects | /r/cpp | 7 Dec 2023

  • CTF Challenges: Reconnaissance

    1 project | dev.to | 12 Sep 2023