Atomic Operator
Atomic-operator is a module to execute Atomic Red Team tests across multiple operating system environments. It enables security professionals to test detection and defensive capabilities against prescribed techniques.
Description
Atomic-operator is a Python 3 package used to execute Atomic Red Team tests (Atomics) across multiple operating system environments. This tool enables security professionals to test their detection and defensive capabilities against prescribed techniques defined within atomic-red-team. By using a testing framework such as atomic-operator, you can identify both your defensive capabilities and the gaps in your defensive coverage.
The package installs the library for Python 3 and provides commands to run tests, download the repository, search tests, and display help. It is particularly useful for blue teams and defenders to validate their security controls against known adversary techniques.
This tool integrates with the Red Canary atomic-red-team repository, allowing standardized testing of MITRE ATT&CK techniques in controlled environments.
How It Works
Atomic-operator provides a command-line interface with subcommands to interact with Atomic Red Team tests. The 'run' command executes tests, 'get_atomics' downloads the atomic-red-team repository locally, and 'search' queries tests by keyword. It relies on Python libraries like python3-atomic-operator-runner, python3-fire, and python3-rich for execution, argument parsing, and rich output formatting across OS environments.
Installation
sudo apt install python3-atomic-operator
Flags
Examples
atomic-operator -h
atomic-operator run
atomic-operator get_atomics
atomic-operator search KEYWORD
atomic-operator help
atomic-operator -- --help