ATTACKIFY has a number of exploit modules that have been designed to run as safely as possible within environments. Exploit modules include privilege escalation, process injection and various anti-malware bypass techniques. The modules are designed to execute on an endpoint in a safe way that allows security teams to discover malicious behaviour, suspicious processes and potential shortfalls of currently deployed security products.
Some of the modules in ATTACKIFY include:
- NTLM Authentication Bypass
- Privilege Escalation Attacks
- Process Injection: QueueUserAPC, SetThreadContext & CreateRemoteThread
- AMSI Bypass Attacks
- PowerShell Empire Exploits and Techniques
- Named Pipe Impersonation
- Generic Drive-By
Great care is taken to test modules in multiple scenarios and configurations, but they will always come with a warning about running them in a production setting, so maybe don't do production (: