Stratus Red Team is a cloud-focused attack simulation framework that enables security professionals to emulate offensive techniques in cloud environments. The tool provides a self-contained Go binary that implements granular attack techniques mapped to the MITRE ATT&CK framework. It allows users to execute individual attack scenarios in a controlled manner without requiring complex setup or infrastructure. The framework focuses specifically on cloud attack techniques, providing an "Atomic Red Team" approach for cloud security testing. Each attack technique is designed to be self-contained and can be executed independently. Installation options include Homebrew for macOS users, Docker images for containerized deployments, and pre-built binaries for direct execution. The tool supports various cloud platforms and attack vectors commonly used in cloud environments. The framework maps its attack techniques to MITRE ATT&CK tactics and techniques, providing standardized categorization and reference points for security teams conducting red team exercises or security assessments.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600+ tools and utilities for red and blue team operations.
A suite of tools for Wi-Fi network security assessment and penetration testing.
A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.
Interactive online malware sandbox for real-time analysis and threat intelligence
A command that builds and executes command lines from standard input, allowing for the execution of commands with multiple arguments.
A digital archive of the internet, allowing users to capture and browse archived web pages.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.