It’s crazy how many (free!) OSS projects are popping up for threat and attack simulation! We are working on research about Breach and Attack Simulation (BAS) tools, and we’ll certainly mention these projects, buy I thought it would be valuable to provide a list of links on the blog as well. Here are all the projects that I’ve managed to track in the past few weeks.

So what? No excuse to not run some of these and see how your environment and your detection and response practices react. Go ahead and try some of these

 Invoke-Adversary – Simulating Adversary Operations – Windows Security

 GitHub – endgameinc/RTA

 GitHub – guardicore/monkey: Infection Monkey – An automated pentest tool

 GitHub – alphasoc/flightsim: A utility to generate malicious network traffic and evaluate controls

 GitHub – uber-common/metta: An information security preparedness tool to do adversarial simulation.

 GitHub – NextronSystems/APTSimulator: A toolset to make a system look as if it was the victim of an APT attack

 GitHub – mitre/caldera: An automated adversary emulation system

 GitHub – redcanaryco/atomic-red-team: Small and highly portable detection tests based on MITRE’s ATT&CK.

The post Threat Simulation Open Source Projects appeared first on Augusto Barros.

from Augusto Barros https://ift.tt/2vqjKWA
via IFTTT