WINTRE

Adversary Simulation Tool by Martin Earls

About

A simulation tool built around the MITRE ATT&CK Framework.

  • Reduce external security testing cost
  • Validate the costs of your security controls (anti-virus / EDR)
  • Highlight weaknesses of existing security controls
  • Automate telemetry creation for SIEM pipeline

Improve your organisation's security posture.

  • Generate security alerts and test your detection analytics
  • Note visibility gaps and record technique coverage
  • Mitigate and re-test with ease
  • Test your resilience against ransomware, spyware, and password stealers

Post-Exploitation Techniques

Tactics (Category of Technique)

Techniques

Run various post-exploitation techniques.

Campaigns

Keep track of what you've simulated, easily re-test your security controls.

Custom Techniques

Easily extend technique coverage leveraging PowerShell or Command Prompt.

Reports

Generate Word reports automatically during testing.

Documentation

Research Document

Research into developing the solution.

Functional Specification

Planning out the functional requirements of the application.

Design Specification

Consideration of use cases and control flow logic including diagrams and example proposals.

Technical Manual

Code listings.

User Manual

Instructions on how to use the tool.

Final Report

Summarises what was achieved and future design considerations.

Contact

As a certified network penetration tester, I've found great interest in threat emulation and intend to further develop and experiment with solutions in this area. If you have any questions about the project or would like to contact me, feel free to email me directly or message me on LinkedIn.