Halberd
Security testing tool to proactively assess cloud security by executing a comprehensive array of attack techniques across multiple surfaces via a simple web interface.
Halberd
Halberd is an open-source security testing tool to proactively assess cloud security by executing a comprehensive array of attack techniques across multiple surfaces.
Leveraging Halberd, security teams can execute attack techniques such as cloud resource discovery, privilege escalation by tenant config modification, persistence through backdoor creation, deleting / modifying cloud resources and several others via a simple interactive web interface. This means there is no need to find or learn commands to execute techniques.
Evaluate defenses across multiple attack surfaces, including Entra ID, M365, Azure and AWS.
Setup
Halberd works on Linux, macOS & Windows and can be set up easily in just a few minutes.
Install
$ git clone https://github.com/vectra-ai-research/Halberd.git
$ cd Halberd
$ python3 -m venv venv
$ source venv/bin/activate
$ pip install -r requirements.txt
$ python3 Halberd.py
Check out the detailed instructions in the deployment guide.
Usage
Once set up, start testing by accessing the Halberd web interface in your browser.
Visit: http://127.0.0.1:8050/
Overview
Module details & usage elaborates on specific executable techniques and interesting capabilities of Halberd.
- Entra ID Testing Modules
- M365 Testing Modules
- Azure Testing Modules
- AWS Testing Modules
- Reconnaissance Graphs
- Access Manager
- Reporting
- Technique Execution via Web-Interface
Getting Started
Once Halberd is deployed & running, start testing by visiting http://127.0.0.1:8050/ in your browser.
Access
Allows users to manage access tokens / clients and review current access information for various targets.
Attack
Allows users to view and execute attack techniques. From the Attack view, select an Attack Surface > Tactic > Technique > Execute.
Recon
Provides numerous advanced reconnaissance dashboards enabling fast and easy information gathering by automatically executing a reconnaissance sequence in the environment.
Example: Navigate to Recon > Entity Map > Generate Entity Map to generate an interactive graph of access & privileges in the cloud environment.
Trace
Displays a log of all executed techniques and allows users to download a report.
Note: Different techniques require varying access & privileges for successful execution. Start by establishing relevant access using the Initial Access tactic under each attack surface.
Check out usage for more information on testing with Halberd.
Contribute
- Thanks for considering contributing to Halberd! Your contributions will make security testing easier & better.
- Submit bugs & issues here
If you are interested in contributing to Halberd, check out the development focus areas & guidance on contributions.
Contact
If you found this tool useful, want to share interesting use-cases or ideas - reach out & share them!
- Author : Arpan Sarkar
- Maintainer : Arpan Sarkar