/thremulation-station

Small-scale threat emulation and detection range built on Elastic and Atomic Red Team.

Primary language: Shell. License: Apache License 2.0 (Apache-2.0).

Thremulation Station



Threat emulation and detection for your laptop

A collection of open source tools working together to enable a reasonably capable machine to serve as a local cyber range.

Thremulation.io | GitHub | Twitter | Slack



Thremulation Station is an approachable small-scale threat emulation and detection range. It leans on Atomic Red Team for emulating threats, and the Elastic Endpoint Agent for detection.

TL;DR: If you're ready to skip the reading and jump into things, head to the Quickstart / Installation section.

Project Goals

Our goal from the very beginning has been to provide the following:

  1. Lightweight range that can operate on a laptop with a minimum of 4 threads and 8G of RAM
  2. Support the big 3 host operating systems (initial Linux path is RHEL-based)
  3. Present users with a smooth path to execute threats and observe them with Elastic
  4. Provide a single TUI (Station Control) that can be used to manage all aspects

Getting Started

Ready to jump into things? Head over to the documentation at docs.thremulation.io!