Red Team Automation (RTA) is a framework of Python scripts designed to help blue teams test their detection capabilities against malicious tradecraft modeled after MITRE ATT&CK tactics. The framework consists of Python scripts that generate evidence of over 50 different ATT&CK tactics, along with a compiled binary application that performs activities such as file timestomping, process injections, and beacon simulation. RTA attempts to perform actual malicious activities where possible, while emulating all or parts of activities in other cases. For lateral movement testing, the framework defaults to targeting localhost but supports parameters for multi-host testing scenarios. The tool includes capabilities for renaming executables such as cmd.exe or python.exe to simulate scenarios where Windows binaries appear to be performing non-standard activities. Installation requires Python 2.7 and involves downloading the repository from GitHub, extracting contents to a designated folder, and optionally downloading additional files to the bin subdirectory for enhanced functionality.
SIMILAR TOOLS
Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
A suite of tools for Wi-Fi network security assessment and penetration testing.
AHHHZURE is an automated deployment script that creates vulnerable Azure cloud lab environments for offensive security training and cloud penetration testing practice.
BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.
Interactive online malware sandbox for real-time analysis and threat intelligence.
A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.
Tool for enumerating proxy configurations and generating CobaltStrike-compatible shellcode.
A command that builds and executes command lines from standard input, allowing for the execution of commands with multiple arguments.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.