vectra-ai-research / Halberd

Halberd: Multi-Cloud Security Testing Tool to execute attacks across multiple surfaces via an intuitive web interface.
https://www.vectra.ai/blog/halberd-the-open-source-tool-democratizing-multi-cloud-security-testing
GNU General Public License v3.0
aws azure azuread blueteam-tools cloud-security entra-id m365 microsoft mitre-attack offensive-security redteam redteam-tools security-testing security-tools ttp

Halberd: Multi-Cloud Security Testing Tool


Halberd is a powerful, multi-cloud security testing tool. Born out of the need for a unified, easy-to-use tool, Halberd enables you to proactively assess your cloud defenses by executing a comprehensive array of attack techniques across Entra ID, M365, Azure, and AWS. With its intuitive web interface, you can simulate real-world attacks, generate valuable telemetry, and validate your security controls with ease & speed.

What's the big deal?

Halberd lets you:

Features that make Halberd awesome!

Getting Started: 0 to Testing in 5 Minutes

  1. Clone that repo:

    git clone https://github.com/vectra-ai-research/Halberd.git
  2. Set up your playground:

    cd Halberd
    python3 -m venv venv
    source venv/bin/activate  # On Windows: venv\Scripts\activate
    pip install -r requirements.txt
  3. Install Azure CLI:

    • Windows: Official Microsoft guide
    • Linux: curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
    • macOS: brew update && brew install azure-cli
  4. Launch Halberd:

    python3 Halberd.py
  5. Point your browser to http://127.0.0.1:8050/ and start testing

Using Halberd: Choose Your Own Adventure

  1. Attack: Pick your poison – surface, tactic, technique – and start your testing!
    • Access: Manage your tokens and sessions like a digital locksmith.
  2. Recon: Gather intel with visual dashboards. Try the "Entity Map" for a nice visualization!
  3. Automator: Chain attacks together like a mastermind.
  4. Trace: Review your handiwork and generate reports.

Check out usage for more information on testing with Halberd.

Pro tip: Start with "Initial Access" under each attack surface. You can't hack what you can't reach!

Want to Join the Party?

Got ideas? Found a bug? Want to add that one cool feature? We're all ears! Check out our contribution guidelines and let's make Halberd even more awesome together.

Who's Behind This Madness?

Halberd is the brainchild of Arpan Sarkar, a cloud security enthusiast with a penchant for making life harder for attackers (and easier for defenders).

Standing on the Shoulders of Giants

We didn't reinvent the wheel – we just made it roll smoother. Check out our inspirations and show some love to the amazing security tools that paved the way.

Now go forth and hack responsibly!