#
Machine-Readable FIN7 Emulation Plan
The universal, technology-agnostic version of the FIN7 emulation plan YAML has been provided as starting point for machine parsing and execution of the FIN7 emulation plan. This folder will store all versions of this yaml file, including those formatted to work with specific execution runners (such as automated agents like CALDERA or other breach simulation frameworks).
As Scenario 2 uses almost the same content as Scenario 1, but packages it into independent objectives, the YAML contains procedures linked only to the steps from Scenario 1. A table has been provided below to link the procedures within the YAML to the specific Scenario 2 steps.
#
Included Formats
As new files are added, please list them in the below table.
#
Skipped Procedures
A number of procedures within the emulation plan are not present within the YAML file. This is because these procedures integrate with external frameworks or involve interaction with a GUI, which cannot be simply expressed in an automatable format.
The table below lists the steps/procedures that were skipped along with the reason why.
#
Procedures to Note
Certain procedures included in the YAML have been modified or have external dependencies that are not captured within the YAML file.
The table below captures these steps/procedures.
#
Scenario 2 Procedure Mapping
The procedures in the YAML are mapped directly to the steps in Scenario 1. The table below maps the procedures to the steps of Scenario 2.