Category: enterprise
This adversary emulation plan is derived from the original APT29 content developed and used in the 2019 ATT&CK Evaluations
APT29 operations have been separated into two scenarios, with steps and granular procedures contained within each.
We hope to capture the general structure of what APT29 is reported to have been seen using.
The universal, technology-agnostic version of the APT29 emulation plan YAML has been provided as a starting point for machine parsing and execution of...
This content was developed as part of the APT29 ATT&CK Evaluations and includes both the resources used to
This repository contains the evals plugin for CALDERA. This plugin contains the TTPs used within the ATT&CK Evaluations round 2 (APT29) and round 1...
Before reporting an issue with GitHub, be sure that:
2016_United_States_presidential_election_-_Wikipedia.html
: Staging payload for ADFS.
Please see the formal APT29 emulation document, which includes a break-down of the cited intelligence used for each step of this emulation.
Metasploit (https://github.com/rapid7/metasploit-framework)
Atomic Red Team (https://github.com/redcanaryco/atomic-red-team)
Please note that binary files hosted in Scenario_1 and Scenario_2 have been added to password protected zip files. The password for these files is
Objectives: APT29 is thought to be an organized and well-resourced cyber threat actor whose collection objectives align with the interests of the...
Please see the formal APT29 Intelligence Summary which includes a break-down of the cited intelligence used for each step of this emulation.