Attack simulation tool based on CVE

This page summarizes the projects mentioned and recommended in the original post on /r/redteamsec
mitre adversary-emulation Cybersecurity mitre-attack caldera

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • atomic-red-team

    Small and highly portable detection tests based on MITRE's ATT&CK.

    • A lot of tools exist for testing and it depends on what you want to test for which is the right thing. MITRE Atomic Red Team for example will test via PowerShell on a SOE, https://github.com/redcanaryco/atomic-red-team and includes payloads that it calls over the network from GitHub for example.

  • nuclei-templates

    Community curated list of templates for the nuclei engine to find security vulnerabilities.

    • Nmap can run scripts that trigger NIPS, as does Nuclei. https://nmap.org/ & https://github.com/projectdiscovery/nuclei you can look at a list of vuln scanners here. https://owasp.org/www-community/Vulnerability_Scanning_Tools. Nessus would be a common one to look at for Enterprise. Rapid 7, Qualys.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • caldera

    Automated Adversary Emulation Platform

  • caldera_pathfinder

    Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Testing an XDR solution

    3 projects | /r/blueteamsec | 1 Jan 2023

  • SOC Malware/Detection lab

    2 projects | /r/cybersecurity | 3 Jul 2023

  • Automated penetration testing software?

    2 projects | /r/AskNetsec | 16 May 2023

  • Initial acess simulation tests

    4 projects | /r/redteamsec | 24 Mar 2023

  • Endpoint Attack Simulation

    1 project | /r/cybersecurity | 24 Feb 2023