ttpforge

command module

v1.0.12 Latest Latest Go to latest Published: Nov 21, 2023 License: MIT Imports: 3 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/facebookincubator/ttpforge

Links

Open Source Insights

README ¶

TTPForge

TTPForge is a cyber attack simulation platform. This project promotes a Purple Team approach to cybersecurity with the following goals:

To help blue teams accurately measure their detection and response capabilities through high-fidelity simulations of real attacker activity.
To help red teams improve the ROI/actionability of their findings by packaging their attacks as automated, repeatable simulations.

TTPForge allows you to automate attacker tactics, techniques, and procedures (TTPs) using a powerful but easy-to-use YAML format. Check out the links below to learn more!

Installation

Get latest TTPForge release:

bashutils_url="https://raw.githubusercontent.com/l50/dotfiles/main/bashutils"

bashutils_path="/tmp/bashutils"

if [[ ! -f "${bashutils_path}" ]]; then
   curl -s "${bashutils_url}" -o "${bashutils_path}"
fi

source "${bashutils_path}"

fetchFromGithub "facebookincubator" "TTPForge" "latest" ttpforge

At this point, the latest ttpforge release should be in $HOME/.local/bin/ttpforge and subsequently, the $USER's $PATH.

If running in a stripped down system, you can add TTPForge to your $PATH with the following command:

export PATH=$HOME/.local/bin:$PATH

Initialize TTPForge configuration

This command will place a configuration file at the default location ~/.ttpforge/config.yaml and configure the examples and forgearmory TTP repositories:
```
ttpforge init
```
List available TTP repositories (should show examples and forgearmory)
```
ttpforge list repos
```
The examples repository contains the TTPForge examples found in this repository. The ForgeArmory repository contains our arsenal of attacker TTPs powered by TTPForge.
List available TTPs that you can run:
```
ttpforge list ttps
```

Examine an example TTP:

ttpforge show ttp examples//args/basic.yaml

Run the specified example:

ttpforge run examples//args/basic.yaml \
  --arg str_to_print=hello \
  --arg run_second_step=true

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
cmd
pkg
args
blocks
checks
fileutils
logging
outputs
platforms
preprocess
repos
testutils

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL