Executes Atomic Red Team tests using atomic-operator Python framework for MITRE ATT&CK validation. Loads YAML definitions, runs attack simulations, verifies SIEM/EDR detection coverage for purple team exercises.
npx claudepluginhub killvxk/cybersecurity-skills-zh
This skill uses the workspace's default tool permissions.
Runs Atomic Red Team tests with atomic-operator to validate detection coverage for specific MITRE ATT&CK techniques.
Executes Atomic Red Team tests for MITRE ATT&CK validation using atomic-operator Python framework. Runs attack simulations from YAML atomics to test SIEM/EDR detection in purple team exercises.
Executes Atomic Red Team tests using atomic-operator to validate MITRE ATT&CK techniques, simulate attacks, and check SIEM/EDR detection coverage for purple team exercises.
Executes Purple Team exercises coordinating red team attack simulations and blue team detection validation with MITRE ATT&CK mapped scenarios and real-time testing. For SOC teams verifying detections and fixing gaps.
from atomic_operator import AtomicOperator

operator = AtomicOperator()
# Run the atomic tests for one technique; `techniques` takes a list of
# technique IDs (or "all"), and `atomics_path` points at the cloned atomics tree
operator.run(
    techniques=["T1059.001"],  # PowerShell execution
    atomics_path="./atomic-red-team/atomics",
)
Key workflow:
# Parse an atomic test YAML definition
import yaml

with open("atomics/T1059.001/T1059.001.yaml") as f:
    tests = yaml.safe_load(f)

for test in tests.get("atomic_tests", []):
    print(f"测试:{test['name']}")
    print(f"  支持平台:{test.get('supported_platforms', [])}")
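The snippet above only lists test names. In a purple team exercise the useful next step is to turn the YAML into a test plan: select only the tests that run on the target platform, render each executor command with its default input arguments so the blue team knows what to look for, and produce a per-GUID checklist to record detection results. The following is an added example, not code from the skill or from the atomic-operator project; it embeds a constructed YAML document in the Atomic Red Team layout (placeholder GUIDs and harmless echo commands) so it runs offline without a cloned atomics tree.

```python
import yaml

# Constructed sample in the Atomic Red Team YAML layout; GUIDs and commands are
# placeholders, not a real atomic file.
SAMPLE_ATOMIC_YAML = """\
attack_technique: T1059.001
display_name: "Command and Scripting Interpreter: PowerShell"
atomic_tests:
- name: Sample test A (constructed)
  auto_generated_guid: 00000000-0000-0000-0000-000000000001
  description: Placeholder test used to exercise the parser.
  supported_platforms:
  - windows
  input_arguments:
    message:
      description: Text to echo
      type: string
      default: simulated-activity
  executor:
    name: powershell
    command: 'Write-Output "#{message}"'
    elevation_required: false
- name: Sample test B (constructed)
  auto_generated_guid: 00000000-0000-0000-0000-000000000002
  supported_platforms:
  - linux
  - macos
  executor:
    name: sh
    command: echo simulated-activity
    cleanup_command: "true"
"""


def render_command(test):
    """Substitute #{arg} placeholders with each input argument's default value."""
    command = test["executor"].get("command", "")
    for arg_name, spec in test.get("input_arguments", {}).items():
        command = command.replace("#{%s}" % arg_name, str(spec.get("default", "")))
    return command


def select_tests(yaml_text, platform):
    """Parse an atomic YAML document and return the tests runnable on `platform`,
    flattened into the fields a detection engineer needs for a test plan."""
    doc = yaml.safe_load(yaml_text)
    technique = doc["attack_technique"]
    selected = []
    for test in doc.get("atomic_tests", []):
        if platform not in test.get("supported_platforms", []):
            continue
        executor = test["executor"]
        selected.append({
            "technique": technique,
            "guid": test.get("auto_generated_guid"),
            "name": test["name"],
            "executor": executor["name"],
            "elevation_required": bool(executor.get("elevation_required", False)),
            "has_cleanup": "cleanup_command" in executor,
            "command": render_command(test),
        })
    return selected


def coverage_checklist(tests):
    """Build a per-test checklist keyed by GUID; `detected` starts as None so the
    blue team fills it in after checking SIEM/EDR alerts for each run."""
    return {
        t["guid"]: {"technique": t["technique"], "name": t["name"], "detected": None}
        for t in tests
    }


if __name__ == "__main__":
    for platform in ("windows", "linux"):
        for t in select_tests(SAMPLE_ATOMIC_YAML, platform):
            print(platform, t["technique"], t["guid"], t["executor"], "->", t["command"])
    print(coverage_checklist(select_tests(SAMPLE_ATOMIC_YAML, "linux")))
```

Tests without a `cleanup_command` are flagged via `has_cleanup`, which is worth checking before a run: an atomic that leaves artifacts behind can skew detections for the tests that follow it.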