Advanced Purple Team Lab CLI
Project description
🎤 Accepted to Black Hat USA Arsenal 2026, SecTor Arsenal 2026, and SecTor 2026 Briefings. Live Arsenal demos at both conferences, plus the SecTor Briefing talk APTL for Agentic Purple Teaming.
APTL—Advanced Purple Team Lab
Purple-team lab where AI agents drive the red and blue sides against an enterprise target stack.
One aptl lab start brings up: a fictional company's infrastructure (AD, web, DB, file share, DNS, mail), a Kali red-team box, a SOC stack (Wazuh + Suricata + MISP + TheHive + Cortex + Shuffle), a malware-analysis container, and MCP servers giving AI agents programmatic control over all of it. Scenarios are ACES SDL documents, selectable at startup; the Compose topology is realized from the nodes the scenario declares rather than a fixed preset, and each run captures a telemetry archive.
Use cases: autonomous cyber-operations research, purple-team training, AI threat-actor assessment.
Status
🚧 Active development. Not for production. Not hardened. This lab gives AI agents access to real penetration-testing tools and runs intentionally vulnerable services. Container escapes and other security issues are possible—keep it on a host you can rebuild and a network you control. Always monitor red-team agents during scenarios.
Quick Start
git clone https://github.com/Brad-Edwards/aptl.git
cd aptl
pipx install aptl-labs # the released CLI, isolated in its own environment
aptl lab start
You still clone the repo when you install the published package: aptl lab start reads the lab's Compose topology, scenarios, and config templates from
the checkout. pipx installs the CLI into its own
virtualenv, so the system-pip block on modern Debian/Ubuntu/WSL2 hosts
(PEP 668) never applies. Install pipx with
sudo apt install pipx if you do not have it.
To run from source instead (for development), replace the pipx line with a
virtualenv editable install (the python3 -m venv step needs python3-venv on
Debian/Ubuntu):
python3 -m venv .venv && source .venv/bin/activate
pip install -e .
aptl lab start creates .env automatically when it is missing and replaces
template placeholder values with lab credentials that match the running
containers. The startup output points to .env for passwords and tokens. Run
aptl lab info later to reprint the same access summary.
By default it boots the full techvault-operational scenario. List the catalog
and start a smaller curated topology with:
aptl lab scenarios # list startup scenarios
aptl lab start --scenario techvault-attacker-target # or --scenario-path <file>
See Scenarios for the catalog.
Once it's up:
| Surface | URL / command |
|---|---|
| Wazuh Dashboard | https://localhost:443 (admin / your INDEXER_PASSWORD from .env) |
| Victim shell | aptl container shell aptl-victim |
| Kali shell | aptl container shell aptl-kali |
| Reverse engineering SSH | ssh -i ~/.ssh/aptl_lab_key labadmin@localhost -p 2027 |
Lifecycle:
aptl lab status # running containers
aptl lab info # URLs, usernames, and .env credential references
aptl lab stop # graceful stop
aptl lab stop -v # ⚠ destroys all lab data (Wazuh indexes, MISP, TheHive, configs)
aptl kill # emergency: kill MCP server processes
aptl kill -c # emergency: kill MCP processes AND all lab containers
Requirements
- Docker + Docker Compose
- Python 3.11+
- RAM: 8 GB runs the smaller curated scenarios; the full
techvault-operationalstack needs more than 20 GB - 20 GB+ disk
- Linux / macOS / WSL2
- Open ports: 443, 2027, 8443, 9000, 9001, 9200, 55000 (and the rest of the published ports in
docker-compose.yml)
Architecture
flowchart TD
AI([AI Agents])
subgraph MCP[MCP Server Layer]
direction LR
m1[mcp-red] ~~~ m2[mcp-wazuh] ~~~ m3[mcp-indexer] ~~~ m4[mcp-network]
m5[mcp-casemgmt] ~~~ m6[mcp-soar] ~~~ m7[mcp-threatintel] ~~~ m8[mcp-reverse]
end
Kali[Kali Red Team]
Reverse[Malware Analysis]
subgraph Scenario[Scenario Environment]
Targets[Scenario-defined target topology<br/>AD · web · DB · file share · DNS · mail · victim hosts · etc.]
end
subgraph SOC[SOC Stack]
direction LR
S1[Wazuh SIEM] ~~~ S2[Suricata IDS] ~~~ S3[MISP TI]
S4[TheHive + Cortex] ~~~ S5[Shuffle SOAR]
end
AI <--> MCP
MCP --> Kali
MCP --> SOC
MCP --> Reverse
Kali -->|attack| Scenario
Scenario -.->|logs / telemetry| SOC
The scenario environment is whatever the SDL scenario defines—the default techvault-operational topology (AD, web, DB, file share, DNS, mail, victims) is one shape, and other scenarios compose different ones. Component-by-component breakdown: docs/architecture/index.md.
Scenarios
Scenarios are ACES SDL documents under scenarios/. aptl lab scenarios lists the catalog; aptl lab start --scenario <id> (or --scenario-path <file>) selects one. The Compose profiles that come up are realized from the nodes the SDL declares—the topology follows the scenario's content, including dependency closure, rather than a preset keyed off its name.
The catalog ships the operational default plus four curated slices:
| Scenario id | Boots | Omits |
|---|---|---|
techvault-operational |
Full TechVault stack (default) | — |
techvault-attacker-target |
Kali + one monitored victim + Wazuh core + observability | Enterprise web tier, wider SOC stack |
techvault-enterprise-web |
Vulnerable webapp + DB + AD + Wazuh core + observability | Red-team apparatus, wider SOC stack |
techvault-defensive-min |
Wazuh manager / indexer / dashboard + observability | Attacker and enterprise components, wider SOC stack |
techvault-observability-core |
OTEL collector + Tempo + Grafana | Everything else—the smallest bounded surface |
Authoring and selection details: SDL Reference · Curated TechVault Variants.
AI Agents (MCP)
Build the MCP servers:
./mcp/build-all-mcps.sh
Point your AI client (Claude Code, Cursor, Cline) at the entry points under ./mcp/<server>/build/index.js. Full setup: MCP Integration.
Smoke-test the wiring once the lab is up:
- Red side: ask the agent "Use kali_info to show me the lab network"
- Blue side: ask the agent "Use wazuh_query_alerts to show me recent alerts"
Optional: Web UI
Localhost-only web UI for lab control and scenario runs.
pip install -e ".[web]" # in the same .venv from Quick Start
aptl web serve # API server
cd web && npm install && npm run dev # frontend (separate terminal)
Access at http://localhost:5173 (dev) or http://localhost:3000 (prod). The API container needs the host Docker socket; do not expose to untrusted networks.
Documentation
Getting started: Installation · Prerequisites · Quick Start Guide
Architecture: Overview · Networking · Enterprise Infrastructure
Components: Wazuh SIEM · Kali Red Team · Victim Containers · Reverse Engineering · MCP Integration · Default Defensive Posture
Scenarios & SDL: SDL Reference · Curated TechVault Variants · SOC Architecture Spec
Reference: TechVault Scenario Overview · TechVault Company Profile · TechVault OSINT Readiness · Container Template Guide
Ops: Troubleshooting · Smoke Test Plan
Ethics & Disclaimers
APTL uses commodity services and basic integrations. AI agents get Kali access—no enhancements to their latent capabilities beyond that. No red-team enhancements will be added to this public repository. An autonomous cyber-operations range is under development as a separate project.
You are responsible for following all applicable laws. The author takes no responsibility for your use of this lab. The repository contains intentional test credentials (covered by .gitguardian.yaml) for lab functionality—dummy values for educational use, not production secrets.
License
MIT
10-23 AI hacker shenanigans 🚓
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file aptl_labs-4.0.1.tar.gz.
File metadata
- Download URL: aptl_labs-4.0.1.tar.gz
- Upload date:
- Size: 21.7 MB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c951791414540b1a899077fffe53be3b85a633df692b315bf67cc49e6ecacac4
|
|
| MD5 |
d747a897cdc65252de6e7a6047ee4757
|
|
| BLAKE2b-256 |
3edd32416435cd925c2ff447444f5fdc987681ab965e9cc3560b6583c4240948
|
Provenance
The following attestation bundles were made for aptl_labs-4.0.1.tar.gz:
Publisher:
release-please.yml on Brad-Edwards/aptl
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
aptl_labs-4.0.1.tar.gz -
Subject digest:
c951791414540b1a899077fffe53be3b85a633df692b315bf67cc49e6ecacac4 - Sigstore transparency entry: 2084292782
- Sigstore integration time:
-
Permalink:
Brad-Edwards/aptl@984f58b7feaa1103c4ac2f6256a6b5ee1f78f333 -
Branch / Tag:
refs/heads/main - Owner: https://github.com/Brad-Edwards
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release-please.yml@984f58b7feaa1103c4ac2f6256a6b5ee1f78f333 -
Trigger Event:
push
-
Statement type:
File details
Details for the file aptl_labs-4.0.1-py3-none-any.whl.
File metadata
- Download URL: aptl_labs-4.0.1-py3-none-any.whl
- Upload date:
- Size: 351.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
026249b58dfd4d18d326e20f5835130bc5752b0b9a6e4fbff2a7dd017c2875ae
|
|
| MD5 |
c2714971f08218b7642e315ce0fa4c12
|
|
| BLAKE2b-256 |
92dd544e1d32c0100768d4f7b1d2eaed4121a14471f8d1bf46ecb42c7d729ced
|
Provenance
The following attestation bundles were made for aptl_labs-4.0.1-py3-none-any.whl:
Publisher:
release-please.yml on Brad-Edwards/aptl
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
aptl_labs-4.0.1-py3-none-any.whl -
Subject digest:
026249b58dfd4d18d326e20f5835130bc5752b0b9a6e4fbff2a7dd017c2875ae - Sigstore transparency entry: 2084292791
- Sigstore integration time:
-
Permalink:
Brad-Edwards/aptl@984f58b7feaa1103c4ac2f6256a6b5ee1f78f333 -
Branch / Tag:
refs/heads/main - Owner: https://github.com/Brad-Edwards
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release-please.yml@984f58b7feaa1103c4ac2f6256a6b5ee1f78f333 -
Trigger Event:
push
-
Statement type: