2022-05-01 15:15:00
ARTi-C2 (Atomic-Red-Team-Intelligence-C2)
A post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
ARTi-C2 is a modern execution framework built to empower security teams to scale attack scenario execution from single- and multi-breach-point targets, with the intent to produce actionable attack intelligence that improves the effectiveness of security products and incident response.
USE CASES:
- SOCs need to evaluate and improve EDR solutions in minutes
- Organizations are evaluating different EDR/AV solutions for Windows OS
- Organizations need to:
  - execute APT group tactics in controlled environments
  - demonstrate the ability to block common attacks from disk and memory
  - execute lightweight atomics remotely
  - benchmark critical risk profiles against MITRE ATT&CK before releasing systems to Corp IT/production
  - execute ransomware tactics mapped to ATT&CK safely
  - keep tight margins between MTTD and MTTR metrics
  - continually improve SOAR workbooks
  - evaluate host security controls between different business units and regions
https://github.com/blackbotinc/Atomic-Red-Team-Intelligence-C2