Atomic Red Team

Atomic Red Team^TM is a library of tests that every security team can execute to simulate adversarial activity and validate their defenses. Tests are focused, have few dependencies, align with the MITRE ATT&CK framework, and are defined in a structured format that can be used by automation frameworks. The library’s primary objective is to evaluate whether your monitoring solutions can generate telemetry that aids in identifying adversarial behavior.

For a complete picture of the Atomic Red Team project family and its various offerings, visit the official website.

Running the Tests

The complete library of atomic tests are organized by ATT&CK Technique and platform/OS which can be found at the official website.

Once you’ve selected a test to execute, you can either run the test manually or automated:

• Manually: Copy and paste the provided commands directly into your terminal.

• Automated: Utilize an Execution Framework for streamlined testing. A popular option is Invoke-AtomicRedTeam, and you can learn more about this in the “Getting Started with Atomic Red Team” webcast recording.

Learn More

Dive deeper with the comprehensive Atomic Red Team documentation wiki.

• Videos: Explore curated YouTube playlists covering various topics, from getting started to adversary emulation examples.

• Webinars: Access on-demand webinars for in-depth exploration of specific Atomic Red Team themes.

Stay Connected

• Newsletter: Subscribe to stay informed about the latest Atomic Red Team features.

• Slack Channel: Join the dedicated Slack community to connect and collaborate with other Atomic Red Team users.