Stratus Red team v2.14 releases: emulate offensive attack techniques
Stratus Red team
Stratus Red Team is “Atomic Red Team™” for the cloud, allowing to emulate offensive attack techniques in a granular and self-contained manner.
Stratus Red Team is a lightweight Go binary you can install easily. It comes packaged with a number of AWS-specific attack techniques. Each attack technique is a documentation page automatically generated from the source code.
Stratus Red Team handles spinning up any infrastructure or configuration needed to execute an attack technique. This is what it calls warming-up an attack technique. Once an attack technique is “warm”, it can be detonated, i.e. executed to emulate the attacker behavior it intends to simulate.
List of all Attack Techniques
This page contains the list of all Stratus Attack Techniques.
Changelog v2.14
Features:
- New AWS attack technique: Delete DNS query logs by @will-giraldo-d (#479)
- New AWS attack technique: Usage of SSM StartSession on multiple instances by @adanalvarez (#477)
- New AWS attack technique: Create a backdoored IAM Role by @adanalvarez (#478)
- New AWS attack technique: Usage of ssm:SendCommand on multiple instances by @christophetd (#482)
Chores:
- Bump alpine from 3.18.5 to 3.19.1 by @dependabot in #475
- Bump actions/upload-artifact from 3.1.2 to 4.3.0 by @dependabot in #474
- Bump goreleaser/goreleaser-action from 44dd9927f499a126e26ae024981569ce889f15aa to 14707cd26fbb4b6c8abf03fb8ea4eb6c59711a62 by @dependabot in #473
- Bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /v2 by @dependabot in #455
- Bump github/codeql-action from 2.22.8 to 3.23.2 by @dependabot in #472
- Bump actions/setup-go from 4.1.0 to 5.0.0 by @dependabot in #459
- Bump ossf/scorecard-action from 2.2.0 to 2.3.1 by @dependabot in #458
Install & Use
Copyright (C) 2022 @christophetd
