├── .github ├── ISSUE_TEMPLATE │ ├── bug_report.md │ └── feature_request.md ├── dependabot.yml ├── pull_request_template.md └── workflows │ ├── docker.yml │ ├── docs.yml │ ├── release.yml │ ├── scorecards.yml │ ├── static-analysis.yml │ ├── terraform-lint.yml │ └── test.yml ├── .gitignore ├── .goreleaser.yaml ├── Dockerfile ├── Formula └── stratus-red-team.rb ├── LICENSE ├── LICENSE-3rdparty.csv ├── Makefile ├── NOTICE ├── README.md ├── SECURITY.md ├── bin └── .gitkeep ├── docs ├── CNAME ├── attack-techniques │ ├── AWS │ │ ├── aws.credential-access.ec2-get-password-data.md │ │ ├── aws.credential-access.ec2-steal-instance-credentials.md │ │ ├── aws.credential-access.secretsmanager-batch-retrieve-secrets.md │ │ ├── aws.credential-access.secretsmanager-retrieve-secrets.md │ │ ├── aws.credential-access.ssm-retrieve-securestring-parameters.md │ │ ├── aws.defense-evasion.cloudtrail-delete.md │ │ ├── aws.defense-evasion.cloudtrail-event-selectors.md │ │ ├── aws.defense-evasion.cloudtrail-lifecycle-rule.md │ │ ├── aws.defense-evasion.cloudtrail-stop.md │ │ ├── aws.defense-evasion.dns-delete-logs.md │ │ ├── aws.defense-evasion.organizations-leave.md │ │ ├── aws.defense-evasion.vpc-remove-flow-logs.md │ │ ├── aws.discovery.ec2-download-user-data.md │ │ ├── aws.discovery.ec2-enumerate-from-instance.md │ │ ├── aws.discovery.ses-enumerate.md │ │ ├── aws.execution.ec2-launch-unusual-instances.md │ │ ├── aws.execution.ec2-user-data.md │ │ ├── aws.execution.ssm-send-command.md │ │ ├── aws.execution.ssm-start-session.md │ │ ├── aws.exfiltration.ec2-security-group-open-port-22-ingress.md │ │ ├── aws.exfiltration.ec2-share-ami.md │ │ ├── aws.exfiltration.ec2-share-ebs-snapshot.md │ │ ├── aws.exfiltration.rds-share-snapshot.md │ │ ├── aws.exfiltration.s3-backdoor-bucket-policy.md │ │ ├── aws.impact.bedrock-invoke-model.md │ │ ├── aws.impact.s3-ransomware-batch-deletion.md │ │ ├── aws.impact.s3-ransomware-client-side-encryption.md │ │ ├── aws.impact.s3-ransomware-individual-deletion.md │ │ ├── aws.initial-access.console-login-without-mfa.md │ │ ├── aws.lateral-movement.ec2-instance-connect.md │ │ ├── aws.lateral-movement.ec2-serial-console-send-ssh-public-key.md │ │ ├── aws.persistence.iam-backdoor-role.md │ │ ├── aws.persistence.iam-backdoor-user.md │ │ ├── aws.persistence.iam-create-admin-user.md │ │ ├── aws.persistence.iam-create-backdoor-role.md │ │ ├── aws.persistence.iam-create-user-login-profile.md │ │ ├── aws.persistence.lambda-backdoor-function.md │ │ ├── aws.persistence.lambda-layer-extension.md │ │ ├── aws.persistence.lambda-overwrite-code.md │ │ ├── aws.persistence.rolesanywhere-create-trust-anchor.md │ │ ├── aws.persistence.sts-federation-token.md │ │ ├── aws.privilege-escalation.iam-update-user-login-profile.md │ │ └── index.md │ ├── EKS │ │ ├── eks.lateral-movement.create-access-entry.md │ │ ├── eks.persistence.backdoor-aws-auth-configmap.md │ │ └── index.md │ ├── GCP │ │ ├── gcp.credential-access.secretmanager-retrieve-secrets.md │ │ ├── gcp.exfiltration.share-compute-disk.md │ │ ├── gcp.exfiltration.share-compute-image.md │ │ ├── gcp.exfiltration.share-compute-snapshot.md │ │ ├── gcp.persistence.backdoor-service-account-policy.md │ │ ├── gcp.persistence.create-admin-service-account.md │ │ ├── gcp.persistence.create-service-account-key.md │ │ ├── gcp.persistence.invite-external-user.md │ │ ├── gcp.privilege-escalation.impersonate-service-accounts.md │ │ └── index.md │ ├── azure │ │ ├── azure.execution.vm-custom-script-extension.md │ │ ├── azure.execution.vm-run-command.md │ │ ├── azure.exfiltration.disk-export.md │ │ ├── azure.persistence.create-bastion-shareable-link.md │ │ └── index.md │ ├── entra-id │ │ ├── entra-id.persistence.backdoor-application-sp.md │ │ ├── entra-id.persistence.backdoor-application.md │ │ ├── entra-id.persistence.guest-user.md │ │ ├── entra-id.persistence.hidden-au.md │ │ ├── entra-id.persistence.new-application.md │ │ ├── entra-id.persistence.restricted-au.md │ │ └── index.md │ ├── index.md │ ├── kubernetes │ │ ├── index.md │ │ ├── k8s.credential-access.dump-secrets.md │ │ ├── k8s.credential-access.steal-serviceaccount-token.md │ │ ├── k8s.persistence.create-admin-clusterrole.md │ │ ├── k8s.persistence.create-client-certificate.md │ │ ├── k8s.persistence.create-token.md │ │ ├── k8s.privilege-escalation.hostpath-volume.md │ │ ├── k8s.privilege-escalation.nodes-proxy.md │ │ └── k8s.privilege-escalation.privileged-pod.md │ ├── list.md │ ├── mitre-attack-coverage-matrices.md │ ├── philosophy.md │ └── supported-platforms.md ├── comparison.md ├── contributing.md ├── css │ ├── extra.css │ └── w3.css ├── demo.gif ├── detonation-logs │ ├── aws.credential-access.ec2-get-password-data.json │ ├── aws.credential-access.ec2-steal-instance-credentials.json │ ├── aws.credential-access.secretsmanager-batch-retrieve-secrets.json │ ├── aws.credential-access.secretsmanager-retrieve-secrets.json │ ├── aws.credential-access.ssm-retrieve-securestring-parameters.json │ ├── aws.defense-evasion.cloudtrail-delete.json │ ├── aws.defense-evasion.cloudtrail-event-selectors.json │ ├── aws.defense-evasion.cloudtrail-stop.json │ ├── aws.defense-evasion.dns-delete-logs.json │ ├── aws.defense-evasion.organizations-leave.json │ ├── aws.defense-evasion.vpc-remove-flow-logs.json │ ├── aws.discovery.ec2-download-user-data.json │ ├── aws.execution.ec2-launch-unusual-instances.json │ ├── aws.execution.ec2-user-data.json │ ├── aws.execution.ssm-send-command.json │ ├── aws.execution.ssm-start-session.json │ ├── aws.exfiltration.ec2-security-group-open-port-22-ingress.json │ ├── aws.exfiltration.ec2-share-ami.json │ ├── aws.exfiltration.ec2-share-ebs-snapshot.json │ ├── aws.exfiltration.rds-share-snapshot.json │ ├── aws.impact.bedrock-invoke-model.json │ ├── aws.initial-access.console-login-without-mfa.json │ ├── aws.lateral-movement.ec2-instance-connect.json │ ├── aws.lateral-movement.ec2-serial-console-send-ssh-public-key.json │ ├── aws.persistence.iam-backdoor-role.json │ ├── aws.persistence.iam-backdoor-user.json │ ├── aws.persistence.iam-create-admin-user.json │ ├── aws.persistence.iam-create-backdoor-role.json │ ├── aws.persistence.iam-create-user-login-profile.json │ ├── aws.persistence.lambda-backdoor-function.json │ ├── aws.persistence.lambda-layer-extension.json │ ├── aws.persistence.lambda-overwrite-code.json │ ├── aws.persistence.rolesanywhere-create-trust-anchor.json │ ├── aws.persistence.sts-federation-token.json │ └── aws.privilege-escalation.iam-update-user-login-profile.json ├── faq.md ├── index.md ├── index.yaml ├── javascripts │ ├── ga.js │ └── tablesort.js ├── logo.png ├── logo2.png └── user-guide │ ├── commands │ ├── autocompletion.md │ ├── cleanup.md │ ├── detonate.md │ ├── index.md │ ├── list.md │ ├── revert.md │ ├── show.md │ ├── status.md │ └── warmup.md │ ├── examples.md │ ├── getting-started.md │ ├── programmatic-usage.md │ ├── state-machine.drawio │ ├── state-machine.png │ ├── troubleshooting.md │ └── usage.md ├── examples ├── README.md ├── basic │ ├── README.md │ ├── detonate_stratus_red_team_technique.go │ ├── go.mod │ └── go.sum ├── custom │ ├── README.md │ ├── detonate_custom_technique.go │ ├── go.mod │ ├── go.sum │ └── prerequisites.tf └── detonate-and-dump-cloudtrail-logs │ ├── README.md │ ├── dump-logs.go │ ├── go.mod │ └── go.sum ├── mkdocs.yml └── v2 ├── cmd └── stratus │ ├── cleanup_cmd.go │ ├── detonate_cmd.go │ ├── list_cmd.go │ ├── main.go │ ├── revert_cmd.go │ ├── show_cmd.go │ ├── status_cmd.go │ ├── util.go │ ├── version_cmd.go │ └── warmup_cmd.go ├── go.mod ├── go.sum ├── internal ├── attacktechniques │ ├── aws │ │ ├── credential-access │ │ │ ├── ec2-get-password-data │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── ec2-steal-instance-credentials │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── secretsmanager-batch-retrieve-secrets │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── secretsmanager-retrieve-secrets │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ └── ssm-retrieve-securestring-parameters │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ ├── defense-evasion │ │ │ ├── cloudtrail-delete │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── cloudtrail-event-selectors │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── cloudtrail-lifecycle-rule │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── cloudtrail-stop │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── dns-delete-logs │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── organizations-leave │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ └── vpc-remove-flow-logs │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ ├── discovery │ │ │ ├── ec2-enumerate-from-instance │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── ec2-get-user-data │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ └── ses-enumerate │ │ │ │ └── main.go │ │ ├── execution │ │ │ ├── ec2-launch-unusual-instances │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── ec2-user-data │ │ │ │ ├── main.go │ │ │ │ ├── main.tf │ │ │ │ └── malicious-user-data.sh │ │ │ ├── ssm-send-command │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ └── ssm-start-session │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ ├── exfiltration │ │ │ ├── ec2-security-group-open-port-22-ingress │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── ec2-share-ami │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── ec2-share-ebs-snapshot │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── rds-share-snapshot │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ └── s3-backdoor-bucket-policy │ │ │ │ ├── main.go │ │ │ │ ├── main.tf │ │ │ │ └── malicious_policy.json │ │ ├── impact │ │ │ ├── bedrock-invoke-model │ │ │ │ └── main.go │ │ │ ├── s3-ransomware-batch-deletion │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── s3-ransomware-client-side-encryption │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ └── s3-ransomware-individual-deletion │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ ├── initial-access │ │ │ └── console-login-without-mfa │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ ├── lateral-movement │ │ │ ├── ec2-send-serial-console-send-ssh-public-key │ │ │ │ ├── main.go │ │ │ │ ├── main.tf │ │ │ │ └── my_key.pub │ │ │ └── ec2-send-ssh-public-key │ │ │ │ ├── main.go │ │ │ │ ├── main.tf │ │ │ │ └── my_key.pub │ │ ├── persistence │ │ │ ├── iam-backdoor-role │ │ │ │ ├── main.go │ │ │ │ ├── main.tf │ │ │ │ └── malicious_policy.json │ │ │ ├── iam-backdoor-user │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── iam-create-admin-user │ │ │ │ └── main.go │ │ │ ├── iam-create-backdoor-role │ │ │ │ ├── main.go │ │ │ │ └── malicious_trust_policy.json │ │ │ ├── iam-create-user-login-profile │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── lambda-backdoor-function │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── lambda-layer-extension │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── lambda-overwrite-code │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── rolesanywhere-create-trust-anchor │ │ │ │ ├── ca.crt │ │ │ │ ├── ca.key │ │ │ │ ├── client.crt │ │ │ │ ├── client.key │ │ │ │ ├── generate-client-side-certificates.sh │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ └── sts-federation-token │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ └── privilege-escalation │ │ │ └── change-iam-user-password │ │ │ ├── main.go │ │ │ └── main.tf │ ├── azure │ │ ├── execution │ │ │ ├── vm-custom-script-extension │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ └── vm-run-command │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ ├── exfiltration │ │ │ └── disk-export │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ └── persistence │ │ │ └── create-bastion-shareable-link │ │ │ ├── main.go │ │ │ └── main.tf │ ├── eks │ │ ├── lateral-movement │ │ │ └── create-access-entry │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ └── persistence │ │ │ └── backdoor-aws-auth-configmap │ │ │ ├── main.go │ │ │ └── main.tf │ ├── entra-id │ │ └── persistence │ │ │ ├── backdoor-application-sp │ │ │ ├── main.go │ │ │ └── main.tf │ │ │ ├── backdoor-application │ │ │ ├── main.go │ │ │ └── main.tf │ │ │ ├── guest-user │ │ │ └── main.go │ │ │ ├── hidden-au │ │ │ ├── main.go │ │ │ └── main.tf │ │ │ ├── new-application │ │ │ └── main.go │ │ │ └── restricted-au │ │ │ ├── main.go │ │ │ └── main.tf │ ├── gcp │ │ ├── credential-access │ │ │ └── secretmanager-retrieve-secrets │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ ├── exfiltration │ │ │ ├── share-compute-disk │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── share-compute-image │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ └── share-compute-snapshot │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ ├── persistence │ │ │ ├── backdoor-service-account-policy │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── create-admin-service-account │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ ├── create-service-account-key │ │ │ │ ├── main.go │ │ │ │ └── main.tf │ │ │ └── invite-external-user │ │ │ │ └── main.go │ │ └── privilege-escalation │ │ │ └── impersonate-service-accounts │ │ │ ├── main.go │ │ │ └── main.tf │ ├── k8s │ │ ├── credential-access │ │ │ ├── dump-secrets │ │ │ │ └── main.go │ │ │ └── steal-serviceaccount-token │ │ │ │ ├── main.go │ │ │ │ ├── main.tf │ │ │ │ └── sample.pub │ │ ├── persistence │ │ │ ├── create-admin-clusterrole │ │ │ │ └── main.go │ │ │ ├── create-client-certificate │ │ │ │ └── main.go │ │ │ └── create-token │ │ │ │ └── main.go │ │ └── privilege-escalation │ │ │ ├── hostpath-volume │ │ │ ├── main.go │ │ │ └── main.tf │ │ │ ├── nodes-proxy │ │ │ ├── main.go │ │ │ └── main.tf │ │ │ └── privileged-pod │ │ │ ├── main.go │ │ │ └── main.tf │ └── main.go ├── providers │ ├── aws.go │ ├── azure.go │ ├── eks.go │ ├── entra_id.go │ ├── gcp.go │ └── kubernetes.go ├── state │ ├── mocks │ │ ├── FileSystem.go │ │ └── StateManager.go │ ├── state.go │ └── state_test.go └── utils │ ├── aws_utils.go │ ├── aws_utils_test.go │ ├── env.go │ ├── file.go │ ├── functions.go │ ├── functions_test.go │ └── gcp │ └── gcp_utils.go ├── pkg └── stratus │ ├── attack_technique.go │ ├── attack_technique_state.go │ ├── framework.go │ ├── loader │ └── main.go │ ├── mitreattack │ └── tactics.go │ ├── platform.go │ ├── providers.go │ ├── registry.go │ ├── registry_test.go │ ├── runner │ ├── mocks │ │ └── TerraformManager.go │ ├── runner.go │ ├── runner_test.go │ └── terraform.go │ └── useragent │ └── user_agent.go └── tools ├── doc.tpl ├── full-list.tpl ├── generate-coverage-matrices.go ├── generate-docs.go ├── generate-techniques-documentation.go ├── generate-yaml.go ├── index-by-platform.tpl └── index.go /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/.github/ISSUE_TEMPLATE/bug_report.md -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/.github/ISSUE_TEMPLATE/feature_request.md -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/.github/dependabot.yml -------------------------------------------------------------------------------- /.github/pull_request_template.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/.github/pull_request_template.md -------------------------------------------------------------------------------- /.github/workflows/docker.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/.github/workflows/docker.yml -------------------------------------------------------------------------------- /.github/workflows/docs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/.github/workflows/docs.yml -------------------------------------------------------------------------------- /.github/workflows/release.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/.github/workflows/release.yml -------------------------------------------------------------------------------- /.github/workflows/scorecards.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/.github/workflows/scorecards.yml -------------------------------------------------------------------------------- /.github/workflows/static-analysis.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/.github/workflows/static-analysis.yml -------------------------------------------------------------------------------- /.github/workflows/terraform-lint.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/.github/workflows/terraform-lint.yml -------------------------------------------------------------------------------- /.github/workflows/test.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/.github/workflows/test.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/.gitignore -------------------------------------------------------------------------------- /.goreleaser.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/.goreleaser.yaml -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/Dockerfile -------------------------------------------------------------------------------- /Formula/stratus-red-team.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/Formula/stratus-red-team.rb -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/LICENSE -------------------------------------------------------------------------------- /LICENSE-3rdparty.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/LICENSE-3rdparty.csv -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/Makefile -------------------------------------------------------------------------------- /NOTICE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/NOTICE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/README.md -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/SECURITY.md -------------------------------------------------------------------------------- /bin/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /docs/CNAME: -------------------------------------------------------------------------------- 1 | stratus-red-team.cloud 2 | -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.credential-access.ec2-get-password-data.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.credential-access.ec2-get-password-data.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.credential-access.ec2-steal-instance-credentials.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.credential-access.ec2-steal-instance-credentials.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.credential-access.secretsmanager-batch-retrieve-secrets.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.credential-access.secretsmanager-batch-retrieve-secrets.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.credential-access.secretsmanager-retrieve-secrets.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.credential-access.secretsmanager-retrieve-secrets.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.credential-access.ssm-retrieve-securestring-parameters.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.credential-access.ssm-retrieve-securestring-parameters.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.defense-evasion.cloudtrail-delete.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.defense-evasion.cloudtrail-delete.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.defense-evasion.cloudtrail-event-selectors.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.defense-evasion.cloudtrail-event-selectors.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.defense-evasion.cloudtrail-lifecycle-rule.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.defense-evasion.cloudtrail-lifecycle-rule.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.defense-evasion.cloudtrail-stop.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.defense-evasion.cloudtrail-stop.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.defense-evasion.dns-delete-logs.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.defense-evasion.dns-delete-logs.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.defense-evasion.organizations-leave.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.defense-evasion.organizations-leave.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.defense-evasion.vpc-remove-flow-logs.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.defense-evasion.vpc-remove-flow-logs.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.discovery.ec2-download-user-data.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.discovery.ec2-download-user-data.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.discovery.ec2-enumerate-from-instance.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.discovery.ec2-enumerate-from-instance.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.discovery.ses-enumerate.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.discovery.ses-enumerate.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.execution.ec2-launch-unusual-instances.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.execution.ec2-launch-unusual-instances.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.execution.ec2-user-data.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.execution.ec2-user-data.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.execution.ssm-send-command.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.execution.ssm-send-command.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.execution.ssm-start-session.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.execution.ssm-start-session.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.exfiltration.ec2-security-group-open-port-22-ingress.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.exfiltration.ec2-security-group-open-port-22-ingress.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.exfiltration.ec2-share-ami.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.exfiltration.ec2-share-ami.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.exfiltration.ec2-share-ebs-snapshot.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.exfiltration.ec2-share-ebs-snapshot.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.exfiltration.rds-share-snapshot.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.exfiltration.rds-share-snapshot.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.exfiltration.s3-backdoor-bucket-policy.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.exfiltration.s3-backdoor-bucket-policy.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.impact.bedrock-invoke-model.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.impact.bedrock-invoke-model.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.impact.s3-ransomware-batch-deletion.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.impact.s3-ransomware-batch-deletion.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.impact.s3-ransomware-client-side-encryption.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.impact.s3-ransomware-client-side-encryption.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.impact.s3-ransomware-individual-deletion.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.impact.s3-ransomware-individual-deletion.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.initial-access.console-login-without-mfa.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.initial-access.console-login-without-mfa.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.lateral-movement.ec2-instance-connect.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.lateral-movement.ec2-instance-connect.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.lateral-movement.ec2-serial-console-send-ssh-public-key.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.lateral-movement.ec2-serial-console-send-ssh-public-key.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.persistence.iam-backdoor-role.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.persistence.iam-backdoor-role.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.persistence.iam-backdoor-user.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.persistence.iam-backdoor-user.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.persistence.iam-create-admin-user.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.persistence.iam-create-admin-user.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.persistence.iam-create-backdoor-role.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.persistence.iam-create-backdoor-role.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.persistence.iam-create-user-login-profile.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.persistence.iam-create-user-login-profile.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.persistence.lambda-backdoor-function.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.persistence.lambda-backdoor-function.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.persistence.lambda-layer-extension.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.persistence.lambda-layer-extension.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.persistence.lambda-overwrite-code.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.persistence.lambda-overwrite-code.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.persistence.rolesanywhere-create-trust-anchor.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.persistence.rolesanywhere-create-trust-anchor.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.persistence.sts-federation-token.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.persistence.sts-federation-token.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/aws.privilege-escalation.iam-update-user-login-profile.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/aws.privilege-escalation.iam-update-user-login-profile.md -------------------------------------------------------------------------------- /docs/attack-techniques/AWS/index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/AWS/index.md -------------------------------------------------------------------------------- /docs/attack-techniques/EKS/eks.lateral-movement.create-access-entry.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/EKS/eks.lateral-movement.create-access-entry.md -------------------------------------------------------------------------------- /docs/attack-techniques/EKS/eks.persistence.backdoor-aws-auth-configmap.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/EKS/eks.persistence.backdoor-aws-auth-configmap.md -------------------------------------------------------------------------------- /docs/attack-techniques/EKS/index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/EKS/index.md -------------------------------------------------------------------------------- /docs/attack-techniques/GCP/gcp.credential-access.secretmanager-retrieve-secrets.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/GCP/gcp.credential-access.secretmanager-retrieve-secrets.md -------------------------------------------------------------------------------- /docs/attack-techniques/GCP/gcp.exfiltration.share-compute-disk.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/GCP/gcp.exfiltration.share-compute-disk.md -------------------------------------------------------------------------------- /docs/attack-techniques/GCP/gcp.exfiltration.share-compute-image.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/GCP/gcp.exfiltration.share-compute-image.md -------------------------------------------------------------------------------- /docs/attack-techniques/GCP/gcp.exfiltration.share-compute-snapshot.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/GCP/gcp.exfiltration.share-compute-snapshot.md -------------------------------------------------------------------------------- /docs/attack-techniques/GCP/gcp.persistence.backdoor-service-account-policy.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/GCP/gcp.persistence.backdoor-service-account-policy.md -------------------------------------------------------------------------------- /docs/attack-techniques/GCP/gcp.persistence.create-admin-service-account.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/GCP/gcp.persistence.create-admin-service-account.md -------------------------------------------------------------------------------- /docs/attack-techniques/GCP/gcp.persistence.create-service-account-key.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/GCP/gcp.persistence.create-service-account-key.md -------------------------------------------------------------------------------- /docs/attack-techniques/GCP/gcp.persistence.invite-external-user.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/GCP/gcp.persistence.invite-external-user.md -------------------------------------------------------------------------------- /docs/attack-techniques/GCP/gcp.privilege-escalation.impersonate-service-accounts.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/GCP/gcp.privilege-escalation.impersonate-service-accounts.md -------------------------------------------------------------------------------- /docs/attack-techniques/GCP/index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/GCP/index.md -------------------------------------------------------------------------------- /docs/attack-techniques/azure/azure.execution.vm-custom-script-extension.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/azure/azure.execution.vm-custom-script-extension.md -------------------------------------------------------------------------------- /docs/attack-techniques/azure/azure.execution.vm-run-command.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/azure/azure.execution.vm-run-command.md -------------------------------------------------------------------------------- /docs/attack-techniques/azure/azure.exfiltration.disk-export.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/azure/azure.exfiltration.disk-export.md -------------------------------------------------------------------------------- /docs/attack-techniques/azure/azure.persistence.create-bastion-shareable-link.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/azure/azure.persistence.create-bastion-shareable-link.md -------------------------------------------------------------------------------- /docs/attack-techniques/azure/index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/azure/index.md -------------------------------------------------------------------------------- /docs/attack-techniques/entra-id/entra-id.persistence.backdoor-application-sp.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/entra-id/entra-id.persistence.backdoor-application-sp.md -------------------------------------------------------------------------------- /docs/attack-techniques/entra-id/entra-id.persistence.backdoor-application.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/entra-id/entra-id.persistence.backdoor-application.md -------------------------------------------------------------------------------- /docs/attack-techniques/entra-id/entra-id.persistence.guest-user.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/entra-id/entra-id.persistence.guest-user.md -------------------------------------------------------------------------------- /docs/attack-techniques/entra-id/entra-id.persistence.hidden-au.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/entra-id/entra-id.persistence.hidden-au.md -------------------------------------------------------------------------------- /docs/attack-techniques/entra-id/entra-id.persistence.new-application.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/entra-id/entra-id.persistence.new-application.md -------------------------------------------------------------------------------- /docs/attack-techniques/entra-id/entra-id.persistence.restricted-au.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/entra-id/entra-id.persistence.restricted-au.md -------------------------------------------------------------------------------- /docs/attack-techniques/entra-id/index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/entra-id/index.md -------------------------------------------------------------------------------- /docs/attack-techniques/index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/index.md -------------------------------------------------------------------------------- /docs/attack-techniques/kubernetes/index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/kubernetes/index.md -------------------------------------------------------------------------------- /docs/attack-techniques/kubernetes/k8s.credential-access.dump-secrets.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/kubernetes/k8s.credential-access.dump-secrets.md -------------------------------------------------------------------------------- /docs/attack-techniques/kubernetes/k8s.credential-access.steal-serviceaccount-token.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/kubernetes/k8s.credential-access.steal-serviceaccount-token.md -------------------------------------------------------------------------------- /docs/attack-techniques/kubernetes/k8s.persistence.create-admin-clusterrole.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/kubernetes/k8s.persistence.create-admin-clusterrole.md -------------------------------------------------------------------------------- /docs/attack-techniques/kubernetes/k8s.persistence.create-client-certificate.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/kubernetes/k8s.persistence.create-client-certificate.md -------------------------------------------------------------------------------- /docs/attack-techniques/kubernetes/k8s.persistence.create-token.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/kubernetes/k8s.persistence.create-token.md -------------------------------------------------------------------------------- /docs/attack-techniques/kubernetes/k8s.privilege-escalation.hostpath-volume.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/kubernetes/k8s.privilege-escalation.hostpath-volume.md -------------------------------------------------------------------------------- /docs/attack-techniques/kubernetes/k8s.privilege-escalation.nodes-proxy.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/kubernetes/k8s.privilege-escalation.nodes-proxy.md -------------------------------------------------------------------------------- /docs/attack-techniques/kubernetes/k8s.privilege-escalation.privileged-pod.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/kubernetes/k8s.privilege-escalation.privileged-pod.md -------------------------------------------------------------------------------- /docs/attack-techniques/list.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/list.md -------------------------------------------------------------------------------- /docs/attack-techniques/mitre-attack-coverage-matrices.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/mitre-attack-coverage-matrices.md -------------------------------------------------------------------------------- /docs/attack-techniques/philosophy.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/philosophy.md -------------------------------------------------------------------------------- /docs/attack-techniques/supported-platforms.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/attack-techniques/supported-platforms.md -------------------------------------------------------------------------------- /docs/comparison.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/comparison.md -------------------------------------------------------------------------------- /docs/contributing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/contributing.md -------------------------------------------------------------------------------- /docs/css/extra.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/css/extra.css -------------------------------------------------------------------------------- /docs/css/w3.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/css/w3.css -------------------------------------------------------------------------------- /docs/demo.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/demo.gif -------------------------------------------------------------------------------- /docs/detonation-logs/aws.credential-access.ec2-get-password-data.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.credential-access.ec2-get-password-data.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.credential-access.ec2-steal-instance-credentials.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.credential-access.ec2-steal-instance-credentials.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.credential-access.secretsmanager-batch-retrieve-secrets.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.credential-access.secretsmanager-batch-retrieve-secrets.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.credential-access.secretsmanager-retrieve-secrets.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.credential-access.secretsmanager-retrieve-secrets.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.credential-access.ssm-retrieve-securestring-parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.credential-access.ssm-retrieve-securestring-parameters.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.defense-evasion.cloudtrail-delete.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.defense-evasion.cloudtrail-delete.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.defense-evasion.cloudtrail-event-selectors.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.defense-evasion.cloudtrail-event-selectors.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.defense-evasion.cloudtrail-stop.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.defense-evasion.cloudtrail-stop.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.defense-evasion.dns-delete-logs.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.defense-evasion.dns-delete-logs.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.defense-evasion.organizations-leave.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.defense-evasion.organizations-leave.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.defense-evasion.vpc-remove-flow-logs.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.defense-evasion.vpc-remove-flow-logs.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.discovery.ec2-download-user-data.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.discovery.ec2-download-user-data.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.execution.ec2-launch-unusual-instances.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.execution.ec2-launch-unusual-instances.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.execution.ec2-user-data.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.execution.ec2-user-data.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.execution.ssm-send-command.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.execution.ssm-send-command.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.execution.ssm-start-session.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.execution.ssm-start-session.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.exfiltration.ec2-security-group-open-port-22-ingress.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.exfiltration.ec2-security-group-open-port-22-ingress.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.exfiltration.ec2-share-ami.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.exfiltration.ec2-share-ami.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.exfiltration.ec2-share-ebs-snapshot.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.exfiltration.ec2-share-ebs-snapshot.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.exfiltration.rds-share-snapshot.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.exfiltration.rds-share-snapshot.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.impact.bedrock-invoke-model.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.impact.bedrock-invoke-model.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.initial-access.console-login-without-mfa.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.initial-access.console-login-without-mfa.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.lateral-movement.ec2-instance-connect.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.lateral-movement.ec2-instance-connect.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.lateral-movement.ec2-serial-console-send-ssh-public-key.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.lateral-movement.ec2-serial-console-send-ssh-public-key.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.persistence.iam-backdoor-role.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.persistence.iam-backdoor-role.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.persistence.iam-backdoor-user.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.persistence.iam-backdoor-user.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.persistence.iam-create-admin-user.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.persistence.iam-create-admin-user.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.persistence.iam-create-backdoor-role.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.persistence.iam-create-backdoor-role.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.persistence.iam-create-user-login-profile.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.persistence.iam-create-user-login-profile.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.persistence.lambda-backdoor-function.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.persistence.lambda-backdoor-function.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.persistence.lambda-layer-extension.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.persistence.lambda-layer-extension.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.persistence.lambda-overwrite-code.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.persistence.lambda-overwrite-code.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.persistence.rolesanywhere-create-trust-anchor.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.persistence.rolesanywhere-create-trust-anchor.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.persistence.sts-federation-token.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.persistence.sts-federation-token.json -------------------------------------------------------------------------------- /docs/detonation-logs/aws.privilege-escalation.iam-update-user-login-profile.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/detonation-logs/aws.privilege-escalation.iam-update-user-login-profile.json -------------------------------------------------------------------------------- /docs/faq.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/faq.md -------------------------------------------------------------------------------- /docs/index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/index.md -------------------------------------------------------------------------------- /docs/index.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/index.yaml -------------------------------------------------------------------------------- /docs/javascripts/ga.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/javascripts/ga.js -------------------------------------------------------------------------------- /docs/javascripts/tablesort.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/javascripts/tablesort.js -------------------------------------------------------------------------------- /docs/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/logo.png -------------------------------------------------------------------------------- /docs/logo2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/logo2.png -------------------------------------------------------------------------------- /docs/user-guide/commands/autocompletion.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/commands/autocompletion.md -------------------------------------------------------------------------------- /docs/user-guide/commands/cleanup.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/commands/cleanup.md -------------------------------------------------------------------------------- /docs/user-guide/commands/detonate.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/commands/detonate.md -------------------------------------------------------------------------------- /docs/user-guide/commands/index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/commands/index.md -------------------------------------------------------------------------------- /docs/user-guide/commands/list.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/commands/list.md -------------------------------------------------------------------------------- /docs/user-guide/commands/revert.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/commands/revert.md -------------------------------------------------------------------------------- /docs/user-guide/commands/show.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/commands/show.md -------------------------------------------------------------------------------- /docs/user-guide/commands/status.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/commands/status.md -------------------------------------------------------------------------------- /docs/user-guide/commands/warmup.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/commands/warmup.md -------------------------------------------------------------------------------- /docs/user-guide/examples.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/examples.md -------------------------------------------------------------------------------- /docs/user-guide/getting-started.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/getting-started.md -------------------------------------------------------------------------------- /docs/user-guide/programmatic-usage.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/programmatic-usage.md -------------------------------------------------------------------------------- /docs/user-guide/state-machine.drawio: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/state-machine.drawio -------------------------------------------------------------------------------- /docs/user-guide/state-machine.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/state-machine.png -------------------------------------------------------------------------------- /docs/user-guide/troubleshooting.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/troubleshooting.md -------------------------------------------------------------------------------- /docs/user-guide/usage.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/docs/user-guide/usage.md -------------------------------------------------------------------------------- /examples/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/examples/README.md -------------------------------------------------------------------------------- /examples/basic/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/examples/basic/README.md -------------------------------------------------------------------------------- /examples/basic/detonate_stratus_red_team_technique.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/examples/basic/detonate_stratus_red_team_technique.go -------------------------------------------------------------------------------- /examples/basic/go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/examples/basic/go.mod -------------------------------------------------------------------------------- /examples/basic/go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/examples/basic/go.sum -------------------------------------------------------------------------------- /examples/custom/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/examples/custom/README.md -------------------------------------------------------------------------------- /examples/custom/detonate_custom_technique.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/examples/custom/detonate_custom_technique.go -------------------------------------------------------------------------------- /examples/custom/go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/examples/custom/go.mod -------------------------------------------------------------------------------- /examples/custom/go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/examples/custom/go.sum -------------------------------------------------------------------------------- /examples/custom/prerequisites.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/examples/custom/prerequisites.tf -------------------------------------------------------------------------------- /examples/detonate-and-dump-cloudtrail-logs/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/examples/detonate-and-dump-cloudtrail-logs/README.md -------------------------------------------------------------------------------- /examples/detonate-and-dump-cloudtrail-logs/dump-logs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/examples/detonate-and-dump-cloudtrail-logs/dump-logs.go -------------------------------------------------------------------------------- /examples/detonate-and-dump-cloudtrail-logs/go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/examples/detonate-and-dump-cloudtrail-logs/go.mod -------------------------------------------------------------------------------- /examples/detonate-and-dump-cloudtrail-logs/go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/examples/detonate-and-dump-cloudtrail-logs/go.sum -------------------------------------------------------------------------------- /mkdocs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/mkdocs.yml -------------------------------------------------------------------------------- /v2/cmd/stratus/cleanup_cmd.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/cmd/stratus/cleanup_cmd.go -------------------------------------------------------------------------------- /v2/cmd/stratus/detonate_cmd.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/cmd/stratus/detonate_cmd.go -------------------------------------------------------------------------------- /v2/cmd/stratus/list_cmd.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/cmd/stratus/list_cmd.go -------------------------------------------------------------------------------- /v2/cmd/stratus/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/cmd/stratus/main.go -------------------------------------------------------------------------------- /v2/cmd/stratus/revert_cmd.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/cmd/stratus/revert_cmd.go -------------------------------------------------------------------------------- /v2/cmd/stratus/show_cmd.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/cmd/stratus/show_cmd.go -------------------------------------------------------------------------------- /v2/cmd/stratus/status_cmd.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/cmd/stratus/status_cmd.go -------------------------------------------------------------------------------- /v2/cmd/stratus/util.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/cmd/stratus/util.go -------------------------------------------------------------------------------- /v2/cmd/stratus/version_cmd.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/cmd/stratus/version_cmd.go -------------------------------------------------------------------------------- /v2/cmd/stratus/warmup_cmd.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/cmd/stratus/warmup_cmd.go -------------------------------------------------------------------------------- /v2/go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/go.mod -------------------------------------------------------------------------------- /v2/go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/go.sum -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/credential-access/ec2-get-password-data/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/credential-access/ec2-get-password-data/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/credential-access/ec2-get-password-data/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/credential-access/ec2-get-password-data/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/credential-access/ec2-steal-instance-credentials/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/credential-access/ec2-steal-instance-credentials/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/credential-access/ec2-steal-instance-credentials/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/credential-access/ec2-steal-instance-credentials/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/credential-access/secretsmanager-batch-retrieve-secrets/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/credential-access/secretsmanager-batch-retrieve-secrets/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/credential-access/secretsmanager-batch-retrieve-secrets/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/credential-access/secretsmanager-batch-retrieve-secrets/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/credential-access/secretsmanager-retrieve-secrets/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/credential-access/secretsmanager-retrieve-secrets/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/credential-access/secretsmanager-retrieve-secrets/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/credential-access/secretsmanager-retrieve-secrets/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/credential-access/ssm-retrieve-securestring-parameters/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/credential-access/ssm-retrieve-securestring-parameters/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/credential-access/ssm-retrieve-securestring-parameters/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/credential-access/ssm-retrieve-securestring-parameters/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-delete/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-delete/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-delete/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-delete/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-event-selectors/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-event-selectors/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-event-selectors/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-event-selectors/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-lifecycle-rule/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-lifecycle-rule/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-lifecycle-rule/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-lifecycle-rule/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-stop/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-stop/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-stop/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/defense-evasion/cloudtrail-stop/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/defense-evasion/dns-delete-logs/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/defense-evasion/dns-delete-logs/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/defense-evasion/dns-delete-logs/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/defense-evasion/dns-delete-logs/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/defense-evasion/organizations-leave/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/defense-evasion/organizations-leave/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/defense-evasion/organizations-leave/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/defense-evasion/organizations-leave/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/defense-evasion/vpc-remove-flow-logs/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/defense-evasion/vpc-remove-flow-logs/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/defense-evasion/vpc-remove-flow-logs/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/defense-evasion/vpc-remove-flow-logs/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/discovery/ec2-enumerate-from-instance/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/discovery/ec2-enumerate-from-instance/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/discovery/ec2-enumerate-from-instance/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/discovery/ec2-enumerate-from-instance/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/discovery/ec2-get-user-data/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/discovery/ec2-get-user-data/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/discovery/ec2-get-user-data/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/discovery/ec2-get-user-data/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/discovery/ses-enumerate/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/discovery/ses-enumerate/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/execution/ec2-launch-unusual-instances/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/execution/ec2-launch-unusual-instances/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/execution/ec2-launch-unusual-instances/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/execution/ec2-launch-unusual-instances/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/execution/ec2-user-data/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/execution/ec2-user-data/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/execution/ec2-user-data/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/execution/ec2-user-data/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/execution/ec2-user-data/malicious-user-data.sh: -------------------------------------------------------------------------------- 1 | #cloud-boothook 2 | 3 | id > /tmp/id.txt -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/execution/ssm-send-command/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/execution/ssm-send-command/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/execution/ssm-send-command/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/execution/ssm-send-command/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/execution/ssm-start-session/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/execution/ssm-start-session/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/execution/ssm-start-session/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/execution/ssm-start-session/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/exfiltration/ec2-security-group-open-port-22-ingress/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/exfiltration/ec2-security-group-open-port-22-ingress/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/exfiltration/ec2-security-group-open-port-22-ingress/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/exfiltration/ec2-security-group-open-port-22-ingress/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/exfiltration/ec2-share-ami/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/exfiltration/ec2-share-ami/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/exfiltration/ec2-share-ami/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/exfiltration/ec2-share-ami/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/exfiltration/ec2-share-ebs-snapshot/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/exfiltration/ec2-share-ebs-snapshot/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/exfiltration/ec2-share-ebs-snapshot/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/exfiltration/ec2-share-ebs-snapshot/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/exfiltration/rds-share-snapshot/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/exfiltration/rds-share-snapshot/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/exfiltration/rds-share-snapshot/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/exfiltration/rds-share-snapshot/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/exfiltration/s3-backdoor-bucket-policy/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/exfiltration/s3-backdoor-bucket-policy/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/exfiltration/s3-backdoor-bucket-policy/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/exfiltration/s3-backdoor-bucket-policy/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/exfiltration/s3-backdoor-bucket-policy/malicious_policy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/exfiltration/s3-backdoor-bucket-policy/malicious_policy.json -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/impact/bedrock-invoke-model/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/impact/bedrock-invoke-model/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/impact/s3-ransomware-batch-deletion/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/impact/s3-ransomware-batch-deletion/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/impact/s3-ransomware-batch-deletion/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/impact/s3-ransomware-batch-deletion/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/impact/s3-ransomware-client-side-encryption/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/impact/s3-ransomware-client-side-encryption/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/impact/s3-ransomware-client-side-encryption/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/impact/s3-ransomware-client-side-encryption/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/impact/s3-ransomware-individual-deletion/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/impact/s3-ransomware-individual-deletion/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/impact/s3-ransomware-individual-deletion/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/impact/s3-ransomware-individual-deletion/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/initial-access/console-login-without-mfa/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/initial-access/console-login-without-mfa/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/initial-access/console-login-without-mfa/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/initial-access/console-login-without-mfa/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/lateral-movement/ec2-send-serial-console-send-ssh-public-key/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/lateral-movement/ec2-send-serial-console-send-ssh-public-key/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/lateral-movement/ec2-send-serial-console-send-ssh-public-key/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/lateral-movement/ec2-send-serial-console-send-ssh-public-key/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/lateral-movement/ec2-send-serial-console-send-ssh-public-key/my_key.pub: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/lateral-movement/ec2-send-serial-console-send-ssh-public-key/my_key.pub -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/lateral-movement/ec2-send-ssh-public-key/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/lateral-movement/ec2-send-ssh-public-key/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/lateral-movement/ec2-send-ssh-public-key/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/lateral-movement/ec2-send-ssh-public-key/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/lateral-movement/ec2-send-ssh-public-key/my_key.pub: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/lateral-movement/ec2-send-ssh-public-key/my_key.pub -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/iam-backdoor-role/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/iam-backdoor-role/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/iam-backdoor-role/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/iam-backdoor-role/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/iam-backdoor-role/malicious_policy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/iam-backdoor-role/malicious_policy.json -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/iam-backdoor-user/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/iam-backdoor-user/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/iam-backdoor-user/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/iam-backdoor-user/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/iam-create-admin-user/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/iam-create-admin-user/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/iam-create-backdoor-role/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/iam-create-backdoor-role/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/iam-create-backdoor-role/malicious_trust_policy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/iam-create-backdoor-role/malicious_trust_policy.json -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/iam-create-user-login-profile/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/iam-create-user-login-profile/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/iam-create-user-login-profile/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/iam-create-user-login-profile/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/lambda-backdoor-function/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/lambda-backdoor-function/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/lambda-backdoor-function/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/lambda-backdoor-function/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/lambda-layer-extension/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/lambda-layer-extension/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/lambda-layer-extension/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/lambda-layer-extension/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/lambda-overwrite-code/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/lambda-overwrite-code/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/lambda-overwrite-code/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/lambda-overwrite-code/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/rolesanywhere-create-trust-anchor/ca.crt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/rolesanywhere-create-trust-anchor/ca.crt -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/rolesanywhere-create-trust-anchor/ca.key: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/rolesanywhere-create-trust-anchor/ca.key -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/rolesanywhere-create-trust-anchor/client.crt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/rolesanywhere-create-trust-anchor/client.crt -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/rolesanywhere-create-trust-anchor/client.key: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/rolesanywhere-create-trust-anchor/client.key -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/rolesanywhere-create-trust-anchor/generate-client-side-certificates.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/rolesanywhere-create-trust-anchor/generate-client-side-certificates.sh -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/rolesanywhere-create-trust-anchor/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/rolesanywhere-create-trust-anchor/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/rolesanywhere-create-trust-anchor/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/rolesanywhere-create-trust-anchor/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/sts-federation-token/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/sts-federation-token/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/persistence/sts-federation-token/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/persistence/sts-federation-token/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/privilege-escalation/change-iam-user-password/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/privilege-escalation/change-iam-user-password/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/aws/privilege-escalation/change-iam-user-password/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/aws/privilege-escalation/change-iam-user-password/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/azure/execution/vm-custom-script-extension/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/azure/execution/vm-custom-script-extension/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/azure/execution/vm-custom-script-extension/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/azure/execution/vm-custom-script-extension/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/azure/execution/vm-run-command/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/azure/execution/vm-run-command/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/azure/execution/vm-run-command/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/azure/execution/vm-run-command/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/azure/exfiltration/disk-export/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/azure/exfiltration/disk-export/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/azure/exfiltration/disk-export/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/azure/exfiltration/disk-export/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/azure/persistence/create-bastion-shareable-link/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/azure/persistence/create-bastion-shareable-link/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/azure/persistence/create-bastion-shareable-link/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/azure/persistence/create-bastion-shareable-link/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/eks/lateral-movement/create-access-entry/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/eks/lateral-movement/create-access-entry/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/eks/lateral-movement/create-access-entry/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/eks/lateral-movement/create-access-entry/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/eks/persistence/backdoor-aws-auth-configmap/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/eks/persistence/backdoor-aws-auth-configmap/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/eks/persistence/backdoor-aws-auth-configmap/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/eks/persistence/backdoor-aws-auth-configmap/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/entra-id/persistence/backdoor-application-sp/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/entra-id/persistence/backdoor-application-sp/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/entra-id/persistence/backdoor-application-sp/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/entra-id/persistence/backdoor-application-sp/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/entra-id/persistence/backdoor-application/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/entra-id/persistence/backdoor-application/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/entra-id/persistence/backdoor-application/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/entra-id/persistence/backdoor-application/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/entra-id/persistence/guest-user/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/entra-id/persistence/guest-user/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/entra-id/persistence/hidden-au/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/entra-id/persistence/hidden-au/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/entra-id/persistence/hidden-au/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/entra-id/persistence/hidden-au/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/entra-id/persistence/new-application/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/entra-id/persistence/new-application/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/entra-id/persistence/restricted-au/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/entra-id/persistence/restricted-au/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/entra-id/persistence/restricted-au/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/entra-id/persistence/restricted-au/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/credential-access/secretmanager-retrieve-secrets/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/credential-access/secretmanager-retrieve-secrets/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/credential-access/secretmanager-retrieve-secrets/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/credential-access/secretmanager-retrieve-secrets/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/exfiltration/share-compute-disk/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/exfiltration/share-compute-disk/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/exfiltration/share-compute-disk/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/exfiltration/share-compute-disk/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/exfiltration/share-compute-image/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/exfiltration/share-compute-image/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/exfiltration/share-compute-image/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/exfiltration/share-compute-image/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/exfiltration/share-compute-snapshot/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/exfiltration/share-compute-snapshot/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/exfiltration/share-compute-snapshot/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/exfiltration/share-compute-snapshot/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/persistence/backdoor-service-account-policy/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/persistence/backdoor-service-account-policy/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/persistence/backdoor-service-account-policy/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/persistence/backdoor-service-account-policy/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/persistence/create-admin-service-account/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/persistence/create-admin-service-account/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/persistence/create-admin-service-account/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/persistence/create-admin-service-account/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/persistence/create-service-account-key/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/persistence/create-service-account-key/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/persistence/create-service-account-key/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/persistence/create-service-account-key/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/persistence/invite-external-user/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/persistence/invite-external-user/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/privilege-escalation/impersonate-service-accounts/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/privilege-escalation/impersonate-service-accounts/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/gcp/privilege-escalation/impersonate-service-accounts/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/gcp/privilege-escalation/impersonate-service-accounts/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/k8s/credential-access/dump-secrets/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/k8s/credential-access/dump-secrets/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/k8s/credential-access/steal-serviceaccount-token/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/k8s/credential-access/steal-serviceaccount-token/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/k8s/credential-access/steal-serviceaccount-token/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/k8s/credential-access/steal-serviceaccount-token/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/k8s/credential-access/steal-serviceaccount-token/sample.pub: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/k8s/credential-access/steal-serviceaccount-token/sample.pub -------------------------------------------------------------------------------- /v2/internal/attacktechniques/k8s/persistence/create-admin-clusterrole/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/k8s/persistence/create-admin-clusterrole/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/k8s/persistence/create-client-certificate/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/k8s/persistence/create-client-certificate/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/k8s/persistence/create-token/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/k8s/persistence/create-token/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/k8s/privilege-escalation/hostpath-volume/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/k8s/privilege-escalation/hostpath-volume/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/k8s/privilege-escalation/hostpath-volume/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/k8s/privilege-escalation/hostpath-volume/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/k8s/privilege-escalation/nodes-proxy/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/k8s/privilege-escalation/nodes-proxy/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/k8s/privilege-escalation/nodes-proxy/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/k8s/privilege-escalation/nodes-proxy/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/k8s/privilege-escalation/privileged-pod/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/k8s/privilege-escalation/privileged-pod/main.go -------------------------------------------------------------------------------- /v2/internal/attacktechniques/k8s/privilege-escalation/privileged-pod/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/k8s/privilege-escalation/privileged-pod/main.tf -------------------------------------------------------------------------------- /v2/internal/attacktechniques/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/attacktechniques/main.go -------------------------------------------------------------------------------- /v2/internal/providers/aws.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/providers/aws.go -------------------------------------------------------------------------------- /v2/internal/providers/azure.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/providers/azure.go -------------------------------------------------------------------------------- /v2/internal/providers/eks.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/providers/eks.go -------------------------------------------------------------------------------- /v2/internal/providers/entra_id.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/providers/entra_id.go -------------------------------------------------------------------------------- /v2/internal/providers/gcp.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/providers/gcp.go -------------------------------------------------------------------------------- /v2/internal/providers/kubernetes.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/providers/kubernetes.go -------------------------------------------------------------------------------- /v2/internal/state/mocks/FileSystem.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/state/mocks/FileSystem.go -------------------------------------------------------------------------------- /v2/internal/state/mocks/StateManager.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/state/mocks/StateManager.go -------------------------------------------------------------------------------- /v2/internal/state/state.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/state/state.go -------------------------------------------------------------------------------- /v2/internal/state/state_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/state/state_test.go -------------------------------------------------------------------------------- /v2/internal/utils/aws_utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/utils/aws_utils.go -------------------------------------------------------------------------------- /v2/internal/utils/aws_utils_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/utils/aws_utils_test.go -------------------------------------------------------------------------------- /v2/internal/utils/env.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | const AttackerEmailEnvVarKey = "STRATUS_RED_TEAM_ATTACKER_EMAIL" 4 | -------------------------------------------------------------------------------- /v2/internal/utils/file.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/utils/file.go -------------------------------------------------------------------------------- /v2/internal/utils/functions.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/utils/functions.go -------------------------------------------------------------------------------- /v2/internal/utils/functions_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/utils/functions_test.go -------------------------------------------------------------------------------- /v2/internal/utils/gcp/gcp_utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/internal/utils/gcp/gcp_utils.go -------------------------------------------------------------------------------- /v2/pkg/stratus/attack_technique.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/pkg/stratus/attack_technique.go -------------------------------------------------------------------------------- /v2/pkg/stratus/attack_technique_state.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/pkg/stratus/attack_technique_state.go -------------------------------------------------------------------------------- /v2/pkg/stratus/framework.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/pkg/stratus/framework.go -------------------------------------------------------------------------------- /v2/pkg/stratus/loader/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/pkg/stratus/loader/main.go -------------------------------------------------------------------------------- /v2/pkg/stratus/mitreattack/tactics.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/pkg/stratus/mitreattack/tactics.go -------------------------------------------------------------------------------- /v2/pkg/stratus/platform.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/pkg/stratus/platform.go -------------------------------------------------------------------------------- /v2/pkg/stratus/providers.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/pkg/stratus/providers.go -------------------------------------------------------------------------------- /v2/pkg/stratus/registry.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/pkg/stratus/registry.go -------------------------------------------------------------------------------- /v2/pkg/stratus/registry_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/pkg/stratus/registry_test.go -------------------------------------------------------------------------------- /v2/pkg/stratus/runner/mocks/TerraformManager.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/pkg/stratus/runner/mocks/TerraformManager.go -------------------------------------------------------------------------------- /v2/pkg/stratus/runner/runner.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/pkg/stratus/runner/runner.go -------------------------------------------------------------------------------- /v2/pkg/stratus/runner/runner_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/pkg/stratus/runner/runner_test.go -------------------------------------------------------------------------------- /v2/pkg/stratus/runner/terraform.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/pkg/stratus/runner/terraform.go -------------------------------------------------------------------------------- /v2/pkg/stratus/useragent/user_agent.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/pkg/stratus/useragent/user_agent.go -------------------------------------------------------------------------------- /v2/tools/doc.tpl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/tools/doc.tpl -------------------------------------------------------------------------------- /v2/tools/full-list.tpl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/tools/full-list.tpl -------------------------------------------------------------------------------- /v2/tools/generate-coverage-matrices.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/tools/generate-coverage-matrices.go -------------------------------------------------------------------------------- /v2/tools/generate-docs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/tools/generate-docs.go -------------------------------------------------------------------------------- /v2/tools/generate-techniques-documentation.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/tools/generate-techniques-documentation.go -------------------------------------------------------------------------------- /v2/tools/generate-yaml.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/tools/generate-yaml.go -------------------------------------------------------------------------------- /v2/tools/index-by-platform.tpl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/tools/index-by-platform.tpl -------------------------------------------------------------------------------- /v2/tools/index.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DataDog/stratus-red-team/HEAD/v2/tools/index.go --------------------------------------------------------------------------------