Stratus Red team v2.4.9 releases: emulate offensive attack techniques

by do son · Published February 1, 2022 · Updated November 22, 2022

Stratus Red team

Stratus Red Team is “Atomic Red Team™” for the cloud, allowing to emulate offensive attack techniques in a granular and self-contained manner.

Stratus Red Team is a lightweight Go binary you can install easily. It comes packaged with a number of AWS-specific attack techniques. Each attack technique is a documentation page automatically generated from the source code.

Stratus Red Team handles spinning up any infrastructure or configuration needed to execute an attack technique. This is what it calls warming-up an attack technique. Once an attack technique is “warm”, it can be detonated, i.e. executed to emulate the attacker behavior it intends to simulate.

List of all Attack Techniques

This page contains the list of all Stratus Attack Techniques.

Name	Platform	MITRE ATT&CK Tactics
Retrieve EC2 Password Data	AWS	Credential Access
Steal EC2 Instance Credentials	AWS	Credential Access
Retrieve a High Number of Secrets Manager secrets	AWS	Credential Access
Retrieve And Decrypt SSM Parameters	AWS	Credential Access
Delete CloudTrail Trail	AWS	Defense Evasion
Disable CloudTrail Logging Through Event Selectors	AWS	Defense Evasion
CloudTrail Logs Impairment Through S3 Lifecycle Rule	AWS	Defense Evasion
Stop CloudTrail Trail	AWS	Defense Evasion
Attempt to Leave the AWS Organization	AWS	Defense Evasion
Remove VPC Flow Logs	AWS	Defense Evasion
Execute Discovery Commands on an EC2 Instance	AWS	Discovery
Open Ingress Port 22 on a Security Group	AWS	Exfiltration
Exfiltrate an AMI by Sharing It	AWS	Exfiltration
Exfiltrate EBS Snapshot by Sharing It	AWS	Exfiltration
Exfiltrate RDS Snapshot by Sharing	AWS	Exfiltration
Backdoor an S3 Bucket via its Bucket Policy	AWS	Exfiltration
Backdoor an IAM Role	AWS	Persistence
Create an Access Key on an IAM User	AWS	Persistence, Privilege Escalation
Create an administrative IAM User	AWS	Persistence, Privilege Escalation
Create a Login Profile on an IAM User	AWS	Persistence, Privilege Escalation
Backdoor Lambda Function Through Resource-Based Policy	AWS	Persistence

Changelog v2.4.9

Bug fixes:

Fix roles trust policy in some edge cases for 4 attack techniques (#224), thanks @mario-areias!

Enhancements:

Align resource names created (#242), thanks @sjhood!

Other:

Bump dependencies
Add Terraform linting in CI
make docs now generates a YAML file with all available attack techniques (#218), thanks @mario-areias!)

Stratus Red team v2.4.9 releases: emulate offensive attack techniques

Search

Brilliantly

Content & Links

Technology News

Popular Tags

Stratus Red team v2.4.9 releases: emulate offensive attack techniques

Stratus Red team

List of all Attack Techniques

Changelog v2.4.9

Install & Use

Search

Brilliantly

Content & Links

Technology News

Popular Tags