Offensive Security Tool: Stratus Red Team

by | Feb 4, 2022 | Tools


Stratus Red Team

Cloud computing is crucial for building systems that can perform offensive security. The performance and customization available to a red team can significantly enhance the outcome, so we will focus on another tool that aims to do that.

Stratus Red Team by DataDog is “Atomic Red Team” for the cloud, allowing you to emulate offensive attack techniques in a granular and self-contained manner.

Atomic Red Team is a library of tests mapped to the MITRE ATT&CK framework. Security teams can use Atomic Red Team to quickly, portably, and reproducibly test their environments.

 


Read the announcement blog posts:

 

Some techniques include:

  • Credential access: Steal EC2 instance credentials
  • Discovery: Execute discovery commands on an EC2 instance
  • Defense evasion: Stop a CloudTrail trail
  • Exfiltration: Exfiltrate data from an S3 bucket by backdooring its bucket policy

 

A core challenge for threat detection engineering is reproducing common attacker behavior. Stratus Red Team helps you do that with ease as part of your pentesting assessments or bug bounty hunting.
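As an added example (not from the original post or the Stratus Red Team project), here is a small Python detection for two of the techniques listed above, stopping a CloudTrail trail and backdooring an S3 bucket policy, run over constructed CloudTrail records. The trusted account ID and the trail and bucket names are assumptions made for illustration.

```python
import json
import re

# Assumption: account IDs your organization owns (constructed value).
TRUSTED_ACCOUNTS = {"111111111111"}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def external_principals(policy):
    """Principals in Allow statements that are public or outside TRUSTED_ACCOUNTS."""
    found = []
    allow = [s for s in _as_list(policy.get("Statement", [])) if s.get("Effect") == "Allow"]
    for stmt in allow:
        principal = stmt.get("Principal", {})
        aws = principal.get("AWS", []) if isinstance(principal, dict) else principal
        for p in _as_list(aws):
            account = re.search(r"\d{12}", p)
            if p == "*" or (account and account.group() not in TRUSTED_ACCOUNTS):
                found.append(p)
    return found

def detect(event):
    """Return a finding string for one CloudTrail record, or None."""
    if event.get("errorCode"):  # denied or failed call: nothing changed
        return None
    source, name = event.get("eventSource"), event.get("eventName")
    params = event.get("requestParameters") or {}
    if source == "cloudtrail.amazonaws.com" and name == "StopLogging":
        return f"trail logging stopped: {params.get('name')}"
    if source == "s3.amazonaws.com" and name == "PutBucketPolicy":
        external = external_principals(params.get("bucketPolicy") or {})
        if external:
            return f"bucket {params.get('bucketName')} shared with {external}"
    return None

def scan(lines):
    return [f for f in (detect(json.loads(line)) for line in lines) if f]

# Constructed sample records, one JSON object per line; not real log data.
SAMPLE_LINES = [
    '{"eventSource":"cloudtrail.amazonaws.com","eventName":"StopLogging",'
    '"requestParameters":{"name":"example-trail"}}',
    '{"eventSource":"s3.amazonaws.com","eventName":"PutBucketPolicy","requestParameters":'
    '{"bucketName":"example-bucket","bucketPolicy":{"Statement":[{"Effect":"Allow",'
    '"Principal":{"AWS":"arn:aws:iam::222222222222:root"},"Action":"s3:GetObject"}]}}}',
    '{"eventSource":"s3.amazonaws.com","eventName":"PutBucketPolicy","requestParameters":'
    '{"bucketName":"internal-bucket","bucketPolicy":{"Statement":[{"Effect":"Allow",'
    '"Principal":{"AWS":"arn:aws:iam::111111111111:role/app"},"Action":"s3:GetObject"}]}}}',
]
```

Calling scan(SAMPLE_LINES) flags the stopped trail and the bucket shared with the untrusted account, and stays silent on the policy that only names the trusted account.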

 


Getting Started

 

Stratus Red Team is a self-contained Go binary.

See the documentation at stratus-red-team.cloud.

 


Installation

 

  • Mac OS:

brew tap datadog/stratus-red-team https://github.com/DataDog/stratus-red-team
brew install datadog/stratus-red-team/stratus-red-team

  • Docker:

IMAGE="ghcr.io/datadog/stratus-red-team"
alias stratus="docker run --rm -v $HOME/.stratus-red-team/:/root/.stratus-red-team/ -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN -e AWS_DEFAULT_REGION $IMAGE"

 

 

Using Stratus Red Team as a Go Library

 

See Examples and Programmatic Usage.

 

 

Development

 

Building locally

make
./bin/stratus --help

 

Running locally

go run cmd/stratus/*.go list

 

Running the tests

make test

 

Building the documentation

For local usage:

pip install mkdocs-material mkdocs-awesome-pages-plugin

make docs
mkdocs serve

 
