Skip to main content

AttackMate is an attack orchestration tool that executes full attack-chains based on playbooks.

Project description

AttackMate Logo

Build Status

AttackMate is a tool to automate cyber attack scenarios that supports scripting of attack techniques across all phases of the Cyber Kill Chain. AttackMate's design principles aim to integrate with penetration testing and attack emulation frameworks such as Metasploit and Sliver Framework and enables simple execution of commands via shell or ssh. For example, AttackMate enables to execute Metasploit modules or generate payloads and run commands in Metasploit sessions. Moreover, it is able to generate Sliver implants, automatize Sliver to send C2 commands, and configure and compile LD_PRELOAD-rootkits. AttackMate also offers a simple interface to automate shell or ssh interaction, run commands in background mode, transfer files via sftp, and start http clients or servers. All attack steps may be scheduled, chained, and repeatedly executed using a simple configuration file that supports variable declarations and conditional workflows.

AttackMate Schema

Requirements

  • python >= 3.10
  • libmagic

Installation

Manually:

$ git clone https://github.com/ait-aecid/attackmate.git
$ cd attackmate
$ pip3 install .

Using pip:

$ pip3 install attackmate

Execute

$ attackmate playbook.yml

AttackMate Demo

Documentation

Please take a look at our documentation for how to install and use attackmate:

Disclaimer

AttackMate is purely for educational and academic purposes. The software is provided "as is" and the authors are not responsible for any damage or mishaps that may occur during its use.

Do not attempt to use AttackMate to violate the law. Misuse of the provided software and information may result in criminal charges.

Security

AttackMate should only be executed against own test or training systems. For this reason, every software bug is treated equally, regardless of whether it is security relevant or not.

*Please note that AttackMate could easily be executed in a dangerous way. For example, by parsing the RESULT_STDOUT of a malicious server. The server response could lead to a command injection. Keep that in mind!

License

GPL-3.0

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

attackmate-0.2.1.tar.gz (55.1 kB view details)

Uploaded Source

Built Distribution

attackmate-0.2.1-py3-none-any.whl (69.0 kB view details)

Uploaded Python 3

File details

Details for the file attackmate-0.2.1.tar.gz.

File metadata

  • Download URL: attackmate-0.2.1.tar.gz
  • Upload date:
  • Size: 55.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/5.1.0 CPython/3.12.4

File hashes

Hashes for attackmate-0.2.1.tar.gz
Algorithm Hash digest
SHA256 708ab955d3ee4fe9b2f6fea786f4ea178729c47707761c50f0bf66da41052bf6
MD5 52a72127f9b90991dfe46c66c26b8933
BLAKE2b-256 639d3a50b25abea2a1a15caa7c57e68c8923d8c4783594e4b22addf0752df17c

See more details on using hashes here.

File details

Details for the file attackmate-0.2.1-py3-none-any.whl.

File metadata

  • Download URL: attackmate-0.2.1-py3-none-any.whl
  • Upload date:
  • Size: 69.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/5.1.0 CPython/3.12.4

File hashes

Hashes for attackmate-0.2.1-py3-none-any.whl
Algorithm Hash digest
SHA256 4a7561fe79477a5f82dea00299dc36e35e123c1470643c3bc3242f76519d600a
MD5 1545bdf5e3816b95f93b04f0ee874ecd
BLAKE2b-256 6ce14ef9aee824ddce6b18655bcc3523cfd639cd536cb17fe812c5888c137c56

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page