Open Source Tool

Atomic Red Team

Atomic Red Team is a collection of small, highly portable detection tests mapped to MITRE ATT&CK®. This gives defenders a highly actionable way to immediately start testing their defenses against a broad spectrum of attacks.

How to get started

Learn 3 steps to start testing your defenses in minutes.

Atomic tests for Windows, macOS, and Linux—all mapped to ATT&CK

Ongoing discussions, questions, and ideas

What Others are Saying

Testing with Atomic Red Team is quite possibly the most important thing you can do this year. What can you detect?”

John Strand

Black Hills Information Security

Useful Resources

Atomic Meets PowerShell

Easily run atomic tests at scale with Invoke-Atomic, a PowerShell-based framework.

Popular Atomic Red Team Articles

Testing the Top MITRE ATT&CK Techniques: PowerShell, Scripting, Regsvr32

Password Filters (T1174): Live Discussion on Detection Challenges and Strategies

Introducing the Next Chapter of Atomic Red Team

Testing Detection and Prevention Tools With Atomic Red Team “Chain Reactions”

Atomic Red Team Tests: Catching the Dragon by the Tail

Red Canary Introduces Atomic Red Team, a New Testing Framework for Defenders

Atomic Red Team Videos

On-Demand Training

Automating Atomic Red Team

On-Demand Training

Testing Your Defenses on MacOS and Linux

On-Demand Training

Taking Atomic Red Team to the Proving Grounds

Atomic Friday on demand