ForgeArmory is a repository of attacker Tactics, Techniques, and Procedures (TTPs) that you can download and run with Meta's TTPForge attack simulation engine. Our catalog presently focuses on macOS and Cloud TTPs.
To get started, install TTPForge and then browse the ForgeArmory TTP catalog to find cyberattacks to simulate.
You can add new TTPs to ForgeArmory by forking this repository and adding your TTP YAML files to the appropriate directories in the catalog. Check out the TTPForge documentation to learn the syntax for writing TTPs and all of TTPForge's attack simulation features.
Once your TTPs are ready, feel free to send us a pull request :)
Our automation will run various linters/checks against new pull requests. Several of the linters in this project may be used as pre-commit hooks if desired - you can install and setup pre-commit according to the official instructions.
For quick ad hoc runs, you may wish to run pre-commit in a virtual environment:
python3 -m venv venv
. venv/bin/activate
pip3 install pre-commit
pre-commit run --all-files