Compilation of resources to help with Adversary Simulation automation harness

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.

Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic

Ransomware simulator written in Golang

Threatest is a CLI and Go framework for end-to-end testing threat detection rules.