Atomic Red Team test builder · threatengine.sh

Home/Atomic Tests

Atomic Red Team

Test-plan builder

Find runnable Atomic Red Team test cases for what you want to validate

Pick a technique, platform, or executor - or search by name - and get the executable test cases. Copy a command, run it on the listed platform in a lab, and confirm your detections fire. Pairs with the Detection Blind Spots on each actor page: see a gap, grab the test that exercises it.

filter by technique id in the URL: /atomic?technique=T1059

▤

By platform

Pick a platform to see every atomic test that runs there.

windows 1,218 linux 397 macos 247 containers 19 office-365 7 azure-ad 18 iaas 45 google-workspace 1

▸

By executor

Or scope to a specific executor / shell.

powershell 699 command_prompt 557 sh 400 bash 126 manual 15

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin