ATTACKIFY





Simulate numerous exploit techniques as used by attackers & malware to inject into processes, elevate privileges or impersonate users. Modules are designed to emulate core functionality without potentially damaging systems.

Exploit Modules

ATTACKIFY has a number of exploit modules that have been designed to run as safely as possible within environments. Exploit modules include privilege escalation, process injection and various anti-malware bypass techniques. The modules are designed to execute on an endpoint in a safe way that allows security teams to discover malicious behaviour, suspicious processes and potential shortfalls of currently deployed security products.

Some of the modules in ATTACKIFY include:

  • NTLM Authentication Bypass
  • Privilege Escalation Attacks
  • Process Injection - QueueUserAPC, SetThreadContext & CreateRemoteThread
  • AMSI Bypass Attacks
  • PowerShell Empire Exploits and Techniques
  • Named Pipe Impersonation
  • Generic Drive-By

Great care is taken to test modules in multiple scenarios and configurations, but there will always be a warning about running these in a production setting, so maybe don't do production (:

Related Modules

Malware

Simulate malware and common malicious functionality as seen in various malware and adversarial techniques. SAFELY execute suspicious functionality and API calls in the same way malware does!

Security Controls

Validate endpoint security controls and perform a number of compliance checks to ensure systems are securely configured.

APT

These modules are based on individual APT tactics, techniques and procedures to assist security teams in identifying suspicious activity usually seen from advanced persistent attackers.