ASF is an Attack Script Framework that draws inspiration from modular C2 architecture, interoperability, portability, efficient script building, and execution workflows.
ASF provides a framework for building, managing, deploying, and executing attack scripts on macOS and Linux systems.
| Feature | Description |
|---|---|
| Attack Script Builder | Build custom scripts to simulate attacker behaviors beyond ARMADO's existing library. |
| Attack Script Execution | C2 style architecture designed to execute scripts remotely on macOS or Linux, instantly log and review outcomes. |
| MITRE ATT&CK Mapping | Maps script functions to MITRE ATT&CK techniques. |
| Modular Architecture | Creates consistent, modular, and interoperable scripts. |
| Platform Support | Targets macOS and Linux environments. |
| Extensibility | Adds new scripts and functionalities easily. |
| Integration | Supports output in JSON and STIX 2.1 formats for integration with tools like VECTR. |
- macOS
- Linux
ASF is under active development. Expect changes to features and documentation.
TBD
MITRE ATT&CK Disclaimer MITRE ATT&CK® is a registered trademark of The MITRE Corporation. Visit https://attack.mitre.org/ for more information.
https://itea.org/images/pdf/conferences/2017_Cyber/Proceedings/Shaffer_AutomatedAttackFramework.pdf https://research.swtch.com/xz-script https://www.deepinstinct.com/blog/what-are-script-based-attacks-and-what-can-be-done-to-prevent-them https://www.usenix.org/conference/usenixsecurity13/technical-sessions/papers/wang
This project uses the Apache License 2.0. See the LICENSE file for details.