Top 10 adversary-emulation Open-Source Projects

monkey

5 6,487 10.0 Python

Infection Monkey - An open-source adversary emulation platform

Project mention: Security Audit Scan | /r/msp | 2023-06-14

caldera

16 5,182 9.1 Python

Automated Adversary Emulation Platform

Project mention: SOC Malware/Detection lab | /r/cybersecurity | 2023-07-03

Also, for the attack emulation part you might be interested in CALDERA.

InfluxDB

www.influxdata.com featured

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
stratus-red-team

8 1,621 8.7 Go

:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
adversary_emulation_library

8 1,545 9.5 C

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Project mention: What adversary emulation options are there nowadays to test SIEMs and IDSs? | /r/AskNetsec | 2023-11-07

Unfortunately I don't have the background and knowledge of cybersecurity needed to plan a pentest of my own. Also, it would be more interesting to emulate the attacks of actual APTs known in the wild. So far, I've tested Caldera, Invoke-AtomicRedTeam and manual tests from CTID's adversary emulation library: https://github.com/center-for-threat-informed-defense/adversary_emulation_library

KubeHound

2 651 9.0 Go

Kubernetes Attack Graph

Project mention: KubeHound: Kubernetes Attack Graph | /r/blueteamsec | 2023-10-09

EnterprisePurpleTeaming

6 622 3.3

Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.
MAAD-AF

15 333 7.6 PowerShell

MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
SaaSHub

www.saashub.com featured

SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
acheron

1 285 6.9 Assembly

indirect syscalls for AV/EDR evasion in Go assembly (by f1zm0)

Project mention: acheron: indirect syscalls for AV/EDR evasion in Go assembly | /r/blueteamsec | 2023-05-07

caldera_pathfinder

3 113 0.0 Python

Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.
AdversaryEmulation

1 99 0.0 Python

MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

adversary-emulation related posts

KubeHound: Kubernetes Attack Graph

1 project | /r/blueteamsec | 9 Oct 2023
SOC Malware/Detection lab

2 projects | /r/cybersecurity | 3 Jul 2023
Security Audit Scan

1 project | /r/msp | 14 Jun 2023
Automated penetration testing software?

2 projects | /r/AskNetsec | 16 May 2023
Endpoint Attack Simulation

1 project | /r/cybersecurity | 24 Feb 2023
Open source security tool to test Microsoft 365 and Azure AD security.

1 project | /r/technology | 24 Feb 2023
Open source security testing tool

1 project | /r/hacking | 23 Feb 2023
A note from our sponsor - InfluxDB
www.influxdata.com | 2 May 2024

Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

What are some of the best open-source adversary-emulation projects? This list will help you:

	Project	Stars
1	monkey	6,487
2	caldera	5,182
3	stratus-red-team	1,621
4	adversary_emulation_library	1,545
5	KubeHound	651
6	EnterprisePurpleTeaming	622
7	MAAD-AF	333
8	acheron	285
9	caldera_pathfinder	113
10	AdversaryEmulation	99