Atomic Red Team™
A library of simple, focused tests mapped to the MITRE ATT&CK® matrix. Each test runs in five minutes or less, and many tests come with easy-to-use configuration and cleanup commands.
The Maintainers
Atomic Red Team is maintained by an amazing group of volunteers who review and approve all of the changes to the following projects.
ATT&CK Coverage
The Atomic Red Team community is constantly working to improve the project’s breadth and depth coverage of MITRE ATT&CK® Techniques.
Invoke-Atomic
A PowerShell-based framework for developing and executing atomic tests. With PowerShell Core, security teams can execute tests across multiple platforms and over a network.
Atomic Test Harnesses
A PowerShell module for executing many variations of an attack technique at once. AtomicTestHarnesses also includes tests to validate test execution and telemetry.
Chain Reactor
A tool for testing detection and response coverage on Linux machines. Chain Reactor produces customizable executables that simulate sequences of actions like process creation and network connection.
Red Canary Blog
Read about using Atomic Red Team in our blog entries covering testing and validation.
Video Tutorials
Watch instructional videos about Atomic Red Team on this YouTube playlist.