Need help with ATTPwn?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

Telefonica
148 Stars 27 Forks GNU General Public License v3.0 39 Commits 5 Opened issues

Description

ATTPwn

Services available

!
?

Need anything else?

Contributors list

# 229,431
Shell
nfc
ble
HTML
2 commits

Supported Python versions License

ATTPwn

____  ______  ______  ____  __    __  ____  
/    ||      ||      ||    \|  |__|  ||    \
|  o  ||      ||      ||  o  )  |  |  ||  _  |
|     ||_|  |_||_|  |_||   _/|  |  |  ||  |  |
|  _  |  |  |    |  |  |  |  |  `  '  ||  |  |
|  |  |  |  |    |  |  |  |   \      / |  |  |
|__|__|  |__|    |__|  |__|    \_/\_/  |__|__|

ATTPwn is a computer security tool designed to emulate adversaries. The tool aims to bring emulation of a real threat into closer contact with implementations based on the techniques and tactics from the MITRE ATT&CK framework. The goal is to simulate how a threat works in an intrusion scenario, where the threat has been successfully deployed. It is focused on Microsoft Windows systems through the use of the Powershell command line. This enables the different techniques based on MITRE ATT&CK to be applied. ATTPwn is designed to allow the emulation of adversaries as for a Red Team exercise and to verify the effectiveness and efficiency of the organization's controls in the face of a real threat.

Prerequisities

To run ATTPwn it is mandatory to have PowerShell 3.0 or higher. To run the ATTPwn you need python 3 or higher and some python libraries. You can install this with:

[python]
pip install -r requirements.txt

Note: ATTPwn works in python 3.X. Make sure you run a pip relative to this version.

Usage

python app.py

Now, open your browser: http://localhost:5000

user: root
pass: toor

Docker

You can use:

docker build -t attpwn:latest .

You can create a container:

docker run --rm -d -p 5000:5000 attpwn:latest

Example videos

ATTPwn - All-in-One: Discovery + privilege escalation + credential dumping + lateral movement on W10

ATTPwn - All-in-One: Discovery + privilege escalation + credential dumping + lateral movement on W10

ATTPwn - All-in-One: Discovery + privilege escalation + credential dumping + lateral movement on W7

ATTPwn - All-in-One: Discovery + privilege escalation + credential dumping + lateral movement on W7

ATTPwn: Powerdump + bypass uac + powerdump + minikatz

ATTPwn: Powerdump + bypass uac + powerdump + minikatz

ATTPwn: Generation of a basic threat plan and deployment on machine to check your controls/defenses)

ATTPwn: Generation of a basic threat plan and deployment on machine to check your controls/defenses

License

This project is licensed under the GNU General Public License - see the LICENSE file for details

Contact

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

This software doesn't have a QA Process. This software is a Proof of Concept.

If you have any problems, you can contact:

[email protected] - Ideas Locas CDCO - Telefónica

[email protected] - Ideas Locas CDCO - Telefónica

[email protected] - Ideas Locas CDCO - Telefónica

For more information please visit https://www.elevenpaths.com.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.