SCYTHE
06 May 2019
The SCYTHE team is excited to announce that our latest release gives you the power of Atomic Red Team with all the automation and ease of use of the SCYTHE platform. Plus, you can now create and share your own SCYTHE threats, allowing the ecosystem of adversary simulation to expand via the community!
What’s new in version 2.4?
Signature avoidance: imphash, program database, and timestamp randomization
Import and export of user-defined threats
Improved support for multiple clients on the same device simultaneously
Integration of Red Canary’s Atomic Red Team Exercises for automation
Updated MITRE ATT&CK Summary
Signature Avoidance
The “synthetic malware” binaries SCYTHE creates now offer even more defense-evasion options. With the option to set or randomize your program database (PDB) paths and timestamps, you control the artifacts for your Blue Team to find (or not). Additionally, our team has added an amazing technique for randomizing import hashes (imphash). (Stay tuned for more on how this was done!)
Threat Import and Export
We’ve made it even easier for SCYTHE users to create, share, and import threats from the community, as well as create threats using automation! Whether you are building your own internal threat library or looking to add to the public threat ecosystem, your Threat Catalog can be expanded quickly and easily.
More ATT&CK™ More Quickly
Thanks to the amazing work being done by Red Canary and all the people who contribute to the Atomic Red Team project, SCYTHE now gives you access to over one-third of the MITRE ATT&CK Matrix in a few clicks. We’ve added the entire Atomic Red Team framework to SCYTHE’s Automation framework, so adding techniques is trivial, with no custom scripting required! We’ve also completely overhauled our MITRE ATT&CK Report for even easier feedback on which techniques were executed in a campaign.
Now is the Time to Test Drive SCYTHE!
Whether you are trying to validate your defenses, test a new endpoint protection product, or streamline your Red Team’s workflow, now is the perfect time to give SCYTHE a try! Request a free trial today!