ATTPwn: computer security tool designed to emulate adversaries

ATTPwn

ATTPwn is a computer security tool designed to emulate adversaries. It aims to bring the emulation of a real threat closer to implementations of the tactics and techniques in the MITRE ATT&CK framework. The goal is to simulate how a threat behaves in an intrusion scenario in which the threat has already been successfully deployed. It focuses on Microsoft Windows systems and works through the PowerShell command line, which allows the different MITRE ATT&CK-based techniques to be applied. It is designed to emulate adversaries as in a Red Team exercise and to verify the effectiveness and efficiency of the organization's controls in the face of a real threat.

Prerequisites

ATTPwn requires PowerShell 3.0 or higher. To run ATTPwn you also need Python 3 or higher and some Python libraries.

Install

git clone https://github.com/ElevenPaths/ATTPwn.git
cd ATTPwn
pip3 install -r requirements.txt

Use

python app.py

Now open http://localhost:5000 in your browser.

Demo

ATTPwn – All-in-One: Discovery + privilege escalation + credential dumping + lateral movement on W10

ATTPwn – All-in-One: Discovery + privilege escalation + credential dumping + lateral movement on W7

ATTPwn: Powerdump + bypass UAC + powerdump + mimikatz

ATTPwn: Generation of a basic threat plan and deployment on a machine to check your controls/defenses

Copyright (C) 2020 ElevenPaths

Source: https://github.com/ElevenPaths/