In this chapter, we are going to review the concept of adversary emulation and some of the open source tools available to carry it out. We are going to start covering the design of an emulation plan following a MITRE ATT&CK APT3 example. Then, we are going to cover different sets of tools (Atomic Red Team, MITRE CALDERA, the Mordor project, and the C2 Matrix) that we can use to emulate those threats. Finally, we are going to close the chapter with a quiz involving the core topics we have discussed.
In this chapter, we're going to review the following topics:
- Creating an adversary emulation plan
- How to emulate a threat
- Test yourself