EDR Attack Simulation

• atomic-red-team

  32 9,059 9.7 C

  Small and highly portable detection tests based on MITRE's ATT&CK.

  

Atomic Red Team is one of the more extensive options. Just don't run it on production machines, use it on lab machines that can be wiped after testing is done. https://github.com/redcanaryco/atomic-red-team

• EDR-Telemetry

  4 1,183 7.3 PowerShell

  This project aims to compare and evaluate the telemetry of various EDR products.

You can easily see some of the weak points of each EDR through the telemetry project. Be sure to update it if you find differences. https://github.com/tsale/EDR-Telemetry

• InfluxDB

  www.influxdata.com featured

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• ThreatSim

  2 11 10.0 Python

  Threat Simulator for Enterprise Networks

Self promotion, but I wrote a tool for doing this in one of my previous positions : https://github.com/joeavanzato/ThreatSim

• APTSimulator

  7 2,371 0.0 Batchfile

  A toolset to make a system look as if it was the victim of an APT attack

  

https://github.com/NextronSystems/APTSimulator is another common choice for this.

• invoke-atomicredteam

  5 767 8.3 PowerShell

  Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team project.

  

Also, if you want to use Atomic Red Team (which you should), look towards https://github.com/redcanaryco/invoke-atomicredteam, a framework for automating usage of tests through that.

• WorkOS

  workos.com featured

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

Suggest a related project