Welcome to this month's edition of the Atomic Newsletter, a monthly email with updates and news about Atomic Red Team™ and its related projects such as MITRE ATT&CK®, Invoke-AtomicRedTeam, AtomicTestHarnesses, and more. Visit our website and join the community chat with us on Slack!

The latest from Atomic Red Team
LISTEN: The Mysteries of Detection Engineering

In this episode of the Google Cloud Security Podcast, Atomic Red Team maintainer and testing enthusiast Keith McCammon talks about the many curiosities of detection engineering, threat intelligence, and testing detections in the real world. This is a great listen for cloud environment detection and testing enthusiasts.

READ: Real Time Threat Detection for Kubernetes with Atomic Red Tests & Falco

Once again, our friends at Black Hills Information Security produce interesting content on new strategies for real-time threat detection. In this blog, Nigel Douglas, Developer Advocate for Project Falco, breaks down the process of installing and using Project Falco for custom rules and event generation.

ESXi test batch

This massive PR from blueteam0ps brings the power of anti-ESXi tactics to Atomic Red Team! These tests are built to run on Windows, leveraging PowerCLI and Plink/PSCP to communicate with remote ESXi hosts. These tests include everything from virtual machine (VM) discovery and termination to policy changes and information discovery.

GitHub Codespace support

Want easy testing in a VM computing environment? Codespaces are free for up to 60 hours a month and allow curious users to test out atomics and create PRs with ease. Atomic Red Team maintainer Hare Sudhan has put together a helpful wiki for those unfamiliar with GitHub Codespace.


Top contributors

  • cyberbuff

New contributors

  • eltociear
  • Rosan091

The Emu-lation series

Have you ever read an article or blog on a recent threat and wanted to pull out your Atomic toolbelt to test against all of its TTPs? This is the series for you. In the newest release of the Emu-lation series, our mischievous emus provide base detector logic and some closely aligned atomic tests for SocGholish.
