Skip to main content

Advanced Purple Team Lab CLI

Project description

Quality gate

🎤 Accepted to Black Hat USA Arsenal 2026, SecTor Arsenal 2026, and SecTor 2026 Briefings. Live Arsenal demos at both conferences, plus the SecTor Briefing talk APTL for Agentic Purple Teaming.

APTL—Advanced Purple Team Lab

Purple-team lab where AI agents drive the red and blue sides against an enterprise target stack.

One aptl lab start brings up: a fictional company's infrastructure (AD, web, DB, file share, DNS, mail), a Kali red-team box, a SOC stack (Wazuh + Suricata + MISP + TheHive + Cortex + Shuffle), a malware-analysis container, and MCP servers giving AI agents programmatic control over all of it. Scenarios are ACES SDL documents, selectable at startup; the Compose topology is realized from the nodes the scenario declares rather than a fixed preset, and each run captures a telemetry archive.

Use cases: autonomous cyber-operations research, purple-team training, AI threat-actor assessment.

Status

🚧 Active development. Not for production. Not hardened. This lab gives AI agents access to real penetration-testing tools and runs intentionally vulnerable services. Container escapes and other security issues are possible—keep it on a host you can rebuild and a network you control. Always monitor red-team agents during scenarios.

Quick Start

Install the released CLI and materialize a lab, no clone required:

pipx install aptl-labs          # the released CLI, isolated in its own environment
aptl lab init my-lab            # materialize the lab assets into ./my-lab
cd my-lab
aptl lab start

aptl lab init <dir> copies the bundled lab assets (the Compose topology, scenarios, config templates, and container build contexts) out of the installed package into <dir>, which becomes your lab project directory. The published wheel ships those assets, so a PyPI install alone can run a lab. pipx installs the CLI into its own virtualenv, so the system-pip block on modern Debian/Ubuntu/WSL2 hosts (PEP 668) never applies. Install pipx with sudo apt install pipx if you do not have it.

To run from source instead (for development), clone the repo and use a virtualenv editable install (the python3 -m venv step needs python3-venv on Debian/Ubuntu). The checkout is itself the project directory, so no lab init is needed:

git clone https://github.com/Brad-Edwards/aptl.git
cd aptl
python3 -m venv .venv && source .venv/bin/activate
pip install -e .
aptl lab start

aptl lab start creates .env automatically when it is missing and replaces template placeholder values with lab credentials that match the running containers. The startup output points to .env for passwords and tokens. Run aptl lab info later to reprint the same access summary.

By default it boots the full techvault-operational scenario. List the catalog and start a smaller curated topology with:

aptl lab scenarios                                   # list startup scenarios
aptl lab start --scenario techvault-attacker-target  # or --scenario-path <file>

See Scenarios for the catalog.

Once it's up:

Surface URL / command
Wazuh Dashboard https://localhost:443 (admin / your INDEXER_PASSWORD from .env)
Victim shell aptl container shell aptl-victim
Kali shell aptl container shell aptl-kali
Reverse engineering SSH ssh -i ~/.ssh/aptl_lab_key labadmin@localhost -p 2027

Lifecycle:

aptl lab status   # running containers
aptl lab info     # URLs, usernames, and .env credential references
aptl lab stop     # graceful stop
aptl lab stop -v  # ⚠ destroys all lab data (Wazuh indexes, MISP, TheHive, configs)
aptl kill         # emergency: kill MCP server processes
aptl kill -c      # emergency: kill MCP processes AND all lab containers

Requirements

  • Docker + Docker Compose
  • Python 3.11+
  • RAM: 8 GB runs the smaller curated scenarios; the full techvault-operational stack needs more than 20 GB
  • 20 GB+ disk
  • Linux / macOS / WSL2
  • Open ports: 443, 2027, 8443, 9000, 9001, 9200, 55000 (and the rest of the published ports in docker-compose.yml)

Architecture

flowchart TD
    AI([AI Agents])

    subgraph MCP[MCP Server Layer]
        direction LR
        m1[mcp-red] ~~~ m2[mcp-wazuh] ~~~ m3[mcp-indexer] ~~~ m4[mcp-network]
        m5[mcp-casemgmt] ~~~ m6[mcp-soar] ~~~ m7[mcp-threatintel] ~~~ m8[mcp-reverse]
    end

    Kali[Kali Red Team]
    Reverse[Malware Analysis]

    subgraph Scenario[Scenario Environment]
        Targets[Scenario-defined target topology<br/>AD · web · DB · file share · DNS · mail · victim hosts · etc.]
    end

    subgraph SOC[SOC Stack]
        direction LR
        S1[Wazuh SIEM] ~~~ S2[Suricata IDS] ~~~ S3[MISP TI]
        S4[TheHive + Cortex] ~~~ S5[Shuffle SOAR]
    end

    AI <--> MCP
    MCP --> Kali
    MCP --> SOC
    MCP --> Reverse

    Kali -->|attack| Scenario
    Scenario -.->|logs / telemetry| SOC

The scenario environment is whatever the SDL scenario defines. The default techvault-operational topology (AD, web, DB, file share, DNS, mail, victims) is one shape, and other scenarios compose different ones. Component-by-component breakdown: docs/architecture/index.md.

Scenarios

Scenarios are ACES SDL documents under scenarios/. aptl lab scenarios lists the catalog; aptl lab start --scenario <id> (or --scenario-path <file>) selects one. The Compose profiles that come up are realized from the nodes the SDL declares—the topology follows the scenario's content, including dependency closure, rather than a preset keyed off its name.

The catalog ships the operational default plus four curated slices:

Scenario id Boots Omits
techvault-operational Full TechVault stack (default)
techvault-attacker-target Kali + one monitored victim + Wazuh core + observability Enterprise web tier, wider SOC stack
techvault-enterprise-web Vulnerable webapp + DB + AD + Wazuh core + observability Red-team apparatus, wider SOC stack
techvault-defensive-min Wazuh manager / indexer / dashboard + observability Attacker and enterprise components, wider SOC stack
techvault-observability-core OTEL collector + Tempo + Grafana Everything else—the smallest bounded surface

Authoring and selection details: SDL Reference · Curated TechVault Variants.

AI Agents (MCP)

Build the MCP servers:

./mcp/build-all-mcps.sh

Point your AI client (Claude Code, Cursor, Cline) at the entry points under ./mcp/<server>/build/index.js. Full setup: MCP Integration.

Smoke-test the wiring once the lab is up:

  • Red side: ask the agent "Use kali_info to show me the lab network"
  • Blue side: ask the agent "Use wazuh_query_alerts to show me recent alerts"

Optional: Web UI

Localhost-only web UI for lab control and scenario runs.

pip install -e ".[web]"        # in the same .venv from Quick Start
aptl web serve                 # API server
cd web && npm install && npm run dev   # frontend (separate terminal)

Access at http://localhost:5173 (dev) or http://localhost:3000 (prod). The API container needs the host Docker socket; do not expose to untrusted networks.

Documentation

Getting started: Installation · Prerequisites · Quick Start Guide

Architecture: Overview · Networking · Enterprise Infrastructure

Components: Wazuh SIEM · Kali Red Team · Victim Containers · Reverse Engineering · MCP Integration · Default Defensive Posture

Scenarios & SDL: SDL Reference · Curated TechVault Variants · SOC Architecture Spec

Reference: TechVault Scenario Overview · TechVault Company Profile · TechVault OSINT Readiness · Container Template Guide

Ops: Troubleshooting · Smoke Test Plan

Ethics & Disclaimers

APTL uses commodity services and basic integrations. AI agents get Kali access—no enhancements to their latent capabilities beyond that. No red-team enhancements will be added to this public repository. An autonomous cyber-operations range is under development as a separate project.

You are responsible for following all applicable laws. The author takes no responsibility for your use of this lab. The repository contains intentional test credentials (covered by .gitguardian.yaml) for lab functionality—dummy values for educational use, not production secrets.

License

MIT


10-23 AI hacker shenanigans 🚓

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

aptl_labs-4.1.0.tar.gz (21.7 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

aptl_labs-4.1.0-py3-none-any.whl (3.7 MB view details)

Uploaded Python 3

File details

Details for the file aptl_labs-4.1.0.tar.gz.

File metadata

  • Download URL: aptl_labs-4.1.0.tar.gz
  • Upload date:
  • Size: 21.7 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for aptl_labs-4.1.0.tar.gz
Algorithm Hash digest
SHA256 6ad2c8b1af39f48f76ab3a2c681c943e0a9ba96c8d3a532b242cd12dd2874024
MD5 ff216805790eabfe7bc3292c7db422f6
BLAKE2b-256 f5ccb3d55a899fccb6182d15c62f7d231f00b1b6197e948b96121b3304049687

See more details on using hashes here.

Provenance

The following attestation bundles were made for aptl_labs-4.1.0.tar.gz:

Publisher: release-please.yml on Brad-Edwards/aptl

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file aptl_labs-4.1.0-py3-none-any.whl.

File metadata

  • Download URL: aptl_labs-4.1.0-py3-none-any.whl
  • Upload date:
  • Size: 3.7 MB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for aptl_labs-4.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 9c021239ad247a3dedc95a6d2cace34040c8e978fc9820bad29c1fa5a98d281e
MD5 e1868ade7788b7e582650150a1111d53
BLAKE2b-256 b677dad78e94ed1bd2ab79c2eea058ef588ce6229c92cb2f7d63b918142aea59

See more details on using hashes here.

Provenance

The following attestation bundles were made for aptl_labs-4.1.0-py3-none-any.whl:

Publisher: release-please.yml on Brad-Edwards/aptl

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page