center-for-threat-informed-defense / adversary_emulation_library

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
https://ctid.io/adversary-emulation
Apache License 2.0
1.6k stars 292 forks

GitHub Action to build all the things #141

Open cat-alyst opened 9 months ago

cat-alyst commented 9 months ago

Problem 💔 Our repo is huge and having executables is a GitHub no-no. We want to fix this in a sustainable way that scales for all of our emulation plans. Here is an example of the zipped file that we are trying to outgrow. 🌱

For each emulation plan we have a Binaries folder. This folder contains all the preconfigured executables required to execute the emulation plan. Our hope was to make it easy for the community to quickly download the preconfigured executables of each implant, control server, and supporting software and emulate a villain plug & play style. We want to continue to provide this, just not by hosting executables. We also understand that when building executables it's easy to run into dependency, linker, and OS version issues. 😬

Solution ❤️‍🩹 Using the Micro Emulation plans as an example, we want a GitHub Action to build each emulation plan's binaries, encrypt, & zip them for download. Bonus, this also takes into account the OS version & software dependencies behind the scenes. This will allow us to remove the /Binaries folder from each of the Emulation plans resulting in the removal of all executables and hopefully a lighter repo.

Catch: There might be some dependencies for Caldera support to watch out for.