Skip to content

Simulate Attacks

Open-source tools you can use to simulate attacks

These tools and this approach is helpful in testing your defenses to make sure they're detecting what you expect, and that they're able to detect common Azure cloud attacks.

  • Stratus Red Team by DataDog - Granular, Actionable Adversary Emulation for the Cloud
  • Atomic Red Team - Small and highly portable detection tests based on MITRE's ATT&CK. (Not specific to cloud but includes Azure)
  • Cloud Katana - Cloud native tool developed from the need to automate simulation steps on-demand in multi-cloud and hybrid cloud environments. This tool is an event-driven, serverless compute application built on the top of Azure Functions that expedites the research process and validation of security controls. (Shout out to Christophe Tafani-Dereeper and this page for this add)