
This repository is a compilation of all APT simulations that target many vital sectors, both private and governmental. The simulations include written tools, C2 servers, backdoors, exploitation techniques, stagers, bootloaders, and many other tools that attackers might have used in actual attacks. These tools and TTPs are simulated here.

S3N4T0R-0X0/APT-Attack-Simulation

APT Attack Simulation Framework

A comprehensive collection of simulated Advanced Persistent Threat (APT) attacks based on real-world tactics, techniques, and procedures (TTPs) used by state-sponsored threat actors from Russia, China, Iran, and North Korea.

🧠 Overview

This repository contains detailed simulations of APT campaigns targeting various critical sectors. Each simulation includes custom tools, command and control (C2) servers, backdoors, exploitation techniques, stagers, bootloaders, and other malicious tools that mirror those used in actual attacks. The simulations are based on extensive research from leading cybersecurity firms including Palo Alto Unit42, Kaspersky, Microsoft, Cisco, Trellix, CrowdStrike, and WithSecure.

Caution

Important Notice: This project is strictly for educational, research, and defensive security purposes only. Unauthorized use of these techniques may violate laws and result in serious legal consequences.

🎯 Simulated APT Groups

The naming convention for APT groups follows CrowdStrike's taxonomy. Below is the complete list of simulated threat actors:

| Country of Origin | Russia 🇷🇺 | China 🇨🇳 | North Korea 🇰🇵 | Iran 🇮🇷 |
|---|---|---|---|---|
| APT Groups | Cozy Bear ✅ | Mustang Panda ✅ | Labyrinth Chollima ✅ | Helix Kitten |
| | Voodoo Bear ✅ | Glacial Panda | Velvet Chollima ✅ | Pioneer Kitten |
| | Fancy Bear ✅ | Wicked Panda ✅ | Famous Chollima ✅ | Clever Kitten |
| | Energetic Bear ✅ | Goblin Panda | Stardust Chollima ✅ | Static Kitten |
| | Berserk Bear ✅ | Anchor Panda | Ricochet Chollima | Tracer Kitten |
| | Gossamer Bear ✅ | Deep Panda | Silent Chollima | Nemesis Kitten |
| | Primitive Bear ✅ | Samurai Panda | | Spectral Kitten |
| | Ember Bear ✅ | Phantom Panda | | Charming Kitten |
| | Venomous Bear ✅ | Sunrise Panda | | |
| | | Ethereal Panda | | |

🛠️ Technical Framework

All adversary simulations are powered by Bear-C2, a custom command and control framework designed for realistic threat emulation.

Bear-C2 GitHub Repository: https://github.com/S3N4T0R-0X0/BEAR

📫 Contact

If you have any questions, issues, or suggestions, feel free to join our Telegram channel.

🚨 Always Remember: "Be The Threat To Defeat It"

Telegram    Twitter/X    LinkedIn    GitHub
