Background

This can be used an easy way of simulating a cloud and container compromise - to trigger detections

It is inspired by Florian Roth's APTSimulator

This allows you to trigger detections without running real world malware. Still, do not run this on production systems as it can reduce their security.

How to Run

Copy the files to a Linux system and run:

chmod +x ./setup.sh
./setup.sh

You can also clone the repository directly, for example you can run on Amazon Linux like this:

sudo yum install git
git clone https://github.com/cado-security/CloudAndContainerCompromiseSimulator.git
cd CloudAndContainerCompromiseSimulator
chmod +x ./setup.sh
sudo ./setup.sh

Name		Name	Last commit message	Last commit date
Latest commit History 27 Commits
bins		bins
licenses		licenses
logs		logs
LICENSE		LICENSE
ReadMe.md		ReadMe.md
Screenshot.png		Screenshot.png
cloud-yara.rules		cloud-yara.rules
setup.sh		setup.sh
setup_dont_install_docker.sh		setup_dont_install_docker.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Background

How to Run

Tools Deployed

About

Releases 1

Packages

Languages

License

cado-security/CloudAndContainerCompromiseSimulator

Folders and files

Latest commit

History

Repository files navigation

Background

How to Run

Tools Deployed

About

Topics

Resources

License

Stars

Watchers

Forks

Releases 1

Packages 0

Languages

Packages