├── .env.example ├── .github ├── ISSUE_TEMPLATE │ └── feature_request.md ├── pull_request_template.md └── workflows │ └── ci.yaml ├── .gitignore ├── .gitmodules ├── LICENSE ├── LICENSE-3rdparty.csv ├── NOTICE ├── README.md ├── cli ├── .gitignore ├── Dockerfile ├── attacks │ ├── auth.js │ ├── fuzzing.txt │ ├── generic-payloads.txt │ ├── index.js │ ├── rate_limiting.js │ ├── scanners.js │ ├── signup.js │ ├── sqli-payloads.txt │ ├── sqli.js │ ├── ssrf-payloads.txt │ ├── ssrf.js │ └── user-agents.txt ├── cli ├── lib │ └── request.js ├── package-lock.json └── package.json ├── docker-compose.yaml ├── docker-compose.yaml.all-dd-sec ├── docs ├── README.md ├── credential_stuffing.md ├── excessive_signups.md ├── generic_security_scan.md ├── imgs │ ├── attack-tools-signal-1.png │ ├── attack-tools-signal-2.png │ ├── attack-tools-traces.png │ ├── auth-signal-1.png │ ├── auth-signal-2.png │ ├── auth-traces.png │ ├── log4shell-signal.png │ ├── log4shell-trace-1.png │ ├── log4shell-trace-2.png │ ├── ratelimit-signal.png │ ├── ratelimit-traces.png │ ├── security-scanner-signal-1.png │ ├── security-scanner-signal-2.png │ ├── security-scanner-traces.png │ ├── signups-signal.png │ ├── signups-traces.png │ ├── sqli-signal-1.png │ ├── sqli-signal-2.png │ ├── sqli-traces.png │ ├── sqli2-signal-1.png │ ├── sqli2-signal-2.png │ ├── sqli2-traces.png │ ├── ssrf1-traces.png │ ├── ssrf2-signal-1.png │ ├── ssrf2-signal-2.png │ └── ssrf2-traces.png ├── known_attack_tools.md ├── log4shell.md ├── rate_limiting.md ├── server_side_request_forgery.md └── sql_injection.md └── setup.sh /.env.example: -------------------------------------------------------------------------------- 1 | DD_API_KEY="" -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/.github/ISSUE_TEMPLATE/feature_request.md -------------------------------------------------------------------------------- /.github/pull_request_template.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/.github/pull_request_template.md -------------------------------------------------------------------------------- /.github/workflows/ci.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/.github/workflows/ci.yaml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | untracked 2 | docker 3 | .env 4 | # jest-report -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/LICENSE -------------------------------------------------------------------------------- /LICENSE-3rdparty.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/LICENSE-3rdparty.csv -------------------------------------------------------------------------------- /NOTICE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/NOTICE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/README.md -------------------------------------------------------------------------------- /cli/.gitignore: -------------------------------------------------------------------------------- 1 | node_modules -------------------------------------------------------------------------------- /cli/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/Dockerfile -------------------------------------------------------------------------------- /cli/attacks/auth.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/attacks/auth.js -------------------------------------------------------------------------------- /cli/attacks/fuzzing.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/attacks/fuzzing.txt -------------------------------------------------------------------------------- /cli/attacks/generic-payloads.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/attacks/generic-payloads.txt -------------------------------------------------------------------------------- /cli/attacks/index.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/attacks/index.js -------------------------------------------------------------------------------- /cli/attacks/rate_limiting.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/attacks/rate_limiting.js -------------------------------------------------------------------------------- /cli/attacks/scanners.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/attacks/scanners.js -------------------------------------------------------------------------------- /cli/attacks/signup.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/attacks/signup.js -------------------------------------------------------------------------------- /cli/attacks/sqli-payloads.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/attacks/sqli-payloads.txt -------------------------------------------------------------------------------- /cli/attacks/sqli.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/attacks/sqli.js -------------------------------------------------------------------------------- /cli/attacks/ssrf-payloads.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/attacks/ssrf-payloads.txt -------------------------------------------------------------------------------- /cli/attacks/ssrf.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/attacks/ssrf.js -------------------------------------------------------------------------------- /cli/attacks/user-agents.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/attacks/user-agents.txt -------------------------------------------------------------------------------- /cli/cli: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/cli -------------------------------------------------------------------------------- /cli/lib/request.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/lib/request.js -------------------------------------------------------------------------------- /cli/package-lock.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/package-lock.json -------------------------------------------------------------------------------- /cli/package.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/cli/package.json -------------------------------------------------------------------------------- /docker-compose.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docker-compose.yaml -------------------------------------------------------------------------------- /docker-compose.yaml.all-dd-sec: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docker-compose.yaml.all-dd-sec -------------------------------------------------------------------------------- /docs/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/README.md -------------------------------------------------------------------------------- /docs/credential_stuffing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/credential_stuffing.md -------------------------------------------------------------------------------- /docs/excessive_signups.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/excessive_signups.md -------------------------------------------------------------------------------- /docs/generic_security_scan.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/generic_security_scan.md -------------------------------------------------------------------------------- /docs/imgs/attack-tools-signal-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/attack-tools-signal-1.png -------------------------------------------------------------------------------- /docs/imgs/attack-tools-signal-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/attack-tools-signal-2.png -------------------------------------------------------------------------------- /docs/imgs/attack-tools-traces.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/attack-tools-traces.png -------------------------------------------------------------------------------- /docs/imgs/auth-signal-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/auth-signal-1.png -------------------------------------------------------------------------------- /docs/imgs/auth-signal-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/auth-signal-2.png -------------------------------------------------------------------------------- /docs/imgs/auth-traces.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/auth-traces.png -------------------------------------------------------------------------------- /docs/imgs/log4shell-signal.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/log4shell-signal.png -------------------------------------------------------------------------------- /docs/imgs/log4shell-trace-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/log4shell-trace-1.png -------------------------------------------------------------------------------- /docs/imgs/log4shell-trace-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/log4shell-trace-2.png -------------------------------------------------------------------------------- /docs/imgs/ratelimit-signal.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/ratelimit-signal.png -------------------------------------------------------------------------------- /docs/imgs/ratelimit-traces.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/ratelimit-traces.png -------------------------------------------------------------------------------- /docs/imgs/security-scanner-signal-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/security-scanner-signal-1.png -------------------------------------------------------------------------------- /docs/imgs/security-scanner-signal-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/security-scanner-signal-2.png -------------------------------------------------------------------------------- /docs/imgs/security-scanner-traces.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/security-scanner-traces.png -------------------------------------------------------------------------------- /docs/imgs/signups-signal.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/signups-signal.png -------------------------------------------------------------------------------- /docs/imgs/signups-traces.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/signups-traces.png -------------------------------------------------------------------------------- /docs/imgs/sqli-signal-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/sqli-signal-1.png -------------------------------------------------------------------------------- /docs/imgs/sqli-signal-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/sqli-signal-2.png -------------------------------------------------------------------------------- /docs/imgs/sqli-traces.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/sqli-traces.png -------------------------------------------------------------------------------- /docs/imgs/sqli2-signal-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/sqli2-signal-1.png -------------------------------------------------------------------------------- /docs/imgs/sqli2-signal-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/sqli2-signal-2.png -------------------------------------------------------------------------------- /docs/imgs/sqli2-traces.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/sqli2-traces.png -------------------------------------------------------------------------------- /docs/imgs/ssrf1-traces.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/ssrf1-traces.png -------------------------------------------------------------------------------- /docs/imgs/ssrf2-signal-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/ssrf2-signal-1.png -------------------------------------------------------------------------------- /docs/imgs/ssrf2-signal-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/ssrf2-signal-2.png -------------------------------------------------------------------------------- /docs/imgs/ssrf2-traces.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/imgs/ssrf2-traces.png -------------------------------------------------------------------------------- /docs/known_attack_tools.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/known_attack_tools.md -------------------------------------------------------------------------------- /docs/log4shell.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/log4shell.md -------------------------------------------------------------------------------- /docs/rate_limiting.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/rate_limiting.md -------------------------------------------------------------------------------- /docs/server_side_request_forgery.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/server_side_request_forgery.md -------------------------------------------------------------------------------- /docs/sql_injection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/docs/sql_injection.md -------------------------------------------------------------------------------- /setup.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/appsec-threat-emulation/HEAD/setup.sh --------------------------------------------------------------------------------