Windows Batch Script APT Simulator ToolSet

(Last Updated On: 4th February 2018)

APT Simulator is a toolset that makes a system look as if it has been compromised by an Advanced Persistent Threat (APT) actor. There are multiple use cases for this tool. For example, it allows attack simulation against your SOC environment to measure your team's effectiveness in terms of time-to-respond and time-to-contain during an incident. Another use case is to run it on a PC to train your team's Digital Forensics and Incident Response (DFIR) capabilities.

According to @cyb3rops (aka Florian Roth), APT Simulator is a Windows Batch script that uses a set of tools and output files to make a system look as if it has been compromised. The focus of this tool is to simulate adversary activity, not malware. See the Advanced Solutions section for advanced tools to simulate adversary and malware activity.

Advanced Solutions:

The CALDERA automated adversary emulation system https://github.com/mitre/caldera

Infection Monkey – An automated pentest tool https://github.com/guardicore/monkey

Flightsim – A utility to generate malicious network traffic and evaluate controls https://github.com/alphasoc/flightsim