Stratus Red Team

Apache-2.0

☁️ Cloud Recon · Go

Stratus Red Team is Datadog's open-source adversary emulation tool specifically designed for cloud environments. While tools like CALDERA focus on endpoint and network attacks, Stratus Red Team provides granular, atomic attack techniques for AWS, Azure, GCP, and Kubernetes — mapped directly to the MITRE ATT&CK Cloud Matrix. Each technique is self-contained: Stratus handles all prerequisite infrastructure setup (creating test IAM roles, S3 buckets, EC2 instances), executes the attack technique, and then cleans up. This makes it ideal for purple team exercises where you need to validate that your cloud detection rules actually fire when specific attack patterns occur. Techniques cover initial access (stolen credentials, malicious Lambda layers), persistence (backdoor IAM users, modified trust policies), privilege escalation (IAM policy manipulation), and impact (S3 ransomware simulation). The CLI-based interface supports warm-up, detonate, and revert phases for repeatable testing.

2.3k stars · 295 forks · 77 issues
Updated 2d ago

Installation

$ go install github.com/datadog/stratus-red-team/v2/cmd/stratus@latest

Use Cases

  • Cloud-specific adversary emulation exercises
  • Testing cloud detection and response capabilities
  • Validating cloud security controls against ATT&CK

Tags

cloud-attack, adversary-emulation, aws, azure, mitre-attack, aws-security, azure-security, cloud-native-security, cloud-security, detection-engineering, gcp-security, kubernetes-security, purple-team, security, threat-detection
