
Adversary emulation for EDR/SIEM testing (macOS/Linux)

Results 2 ttp-bench issues

I'm concerned that traitor could leave a modified passwd file in place if the test times out. Unfortunately, I don't have a vulnerable machine for testing at this time. Because...

As some compromises hysterically end up mining crypto-coins, we should simulate appropriately: https://attack.mitre.org/techniques/T1496/ Perhaps we can rig something up to use XMRig to mine Monero for 15 seconds?