Implant drop-in for EDR testing

BasicEventViewer4 (BEV v4.0), this code will useful for All Blue/Purple Teams , RealTime Monitoring Sysmon Events , Mitre Attack Detections via yaml files

A tool to run and validate telemetry for Atomic Red Team tests

A shrimple guide to deploying the Elastic Stack to create your own local SIEM setup for shrimple Windows event log shipping and analysis; for simulations and more, plus mock DFIR simulations using Atomic Red Team!

Slides, notes and more related to Atomics on a Friday

This project sets up an Active Directory environment and configures Splunk to ingest events from a Windows Server and a target machine. We perform a brute force attack using Kali Linux to observe telemetry and use Atomic Red Team for additional testing. Goals: enhance IT administration skills, event monitoring, and threat detection.

A library of post-exploitation MacOS scripts based on threat emulation, LOObins, CTI, and MITRE ATT&CK.

The lab involves setting up a virtualized environment with Oracle VM VirtualBox, creating Windows 10, Kali Linux, Windows Server, and Ubuntu Server VMs. Tools like Splunk, Sysmon, and Crowbar are used for security testing. Participants configure networks, join Windows to Active Directory, and practice PowerShell scripting.

A Kathara Framework Cyber Lab, for attack and defense emulation

Project for Project 1 course of SoICT - HUST

Hands-on SOC lab showcasing AD attack detection and endpoint hardening using Atomic Red Team, Wazuh, and CIS compliance frameworks.

Create a complete Active Directory lab environment, configure Windows servers, and test security using tools like Kali Linux, Splunk, and Atomic Red Team.

GitHub Action for local execution of Atomic Red Team tests using Invoke-Atomic

Simulated SOC environment using Splunk, Sysmon & Atomic Red Team

A shrimple guide on how to host Active Directory on a Windows 2019 Server using VirtualBox, and how to attack AD using Vulnerable-AD-Plus and Atomic Red Team!

Home Lab for red/blue team practice.

Helper web app for the Atomic Red Team project

Multiplatform scripts used to orchestrate the setup and execution of atomic red team.

The lab involves setting up a virtualized environment with Oracle VM VirtualBox, creating Windows 10, Kali Linux, Windows Server, and Ubuntu Server VMs. Tools like Splunk, Sysmon, and Crowbar are used for security testing. Participants configure networks, join Windows to Active Directory, and practice PowerShell scripting.