ATTPwn – Tool Designed To Emulate Adversaries

ATTPwn is a computer security device designed to emulate opponents. The aim of the tool is to bring simulation of real interaction with an implementation based on techniques and strategy from the MITER ATT & CK framework. The goal is to simulate how a threat works in an intrusion scenario, where the threat has been successfully deployed. It focuses on Microsoft Windows systems through the use of the Powershell command line. This enables MITER to implement various technologies based on ATT & CK. ATTPwn is designed to allow simulation of the adversary for Red Team practice and to verify the effectiveness and efficiency of the organization’s control in the face of a real threat

Prerequisites

to run ATTPwn It is mandatory to have PowerShell 3.0 or higher. to run ATTPwn You need Python 3 or higher and some Python libraries. You can install it with:

pip install -r requirements.txt  

pay attention: Works in ATTPwn Python 3.x. Make sure you run a pipe relative to this version.

Use

python app.py  

Now, open your browser: http: // localhost: 5000

pip install -r requirements.txt

Doctor

you can use:

docker build -t attpwn:latest .  

You can make a container:

docker run --rm -d -p 5000:5000 attpwn:latest  

Example video

ATTPwn – All-in-One: Discovery + Privilege Addition + Credential Dumping + Playback Movement on W10

ATTPwn – All-in-One: Discovery + Privilege Enhancement + Credit Dumping + Playback Movement on W7

ATTPwn: powerdump + bypass uac + powerdump + minikjet

ATTPwn: Origin of a basic threat plan and deployment on a machine to check its control/defense)

Stay on top - Get the daily news in your inbox

DMCA / Correction Notice

Recent Articles

Related Stories