A comprehensive local cloud attack simulator for red-team training and blue-team education. RedColors simulates realistic cloud attack chains with Metasploit-style CLI output, MITRE ATT&CK mappings, and comprehensive reporting.
RedColors is designed to help security professionals understand cloud attack techniques through safe, local simulation. It provides:
- Red Team Tools: Attack simulation with realistic progression
- Blue Team Tools: Security analysis and reporting
- Educational Value: MITRE ATT&CK mappings and detailed explanations
- Safety First: All operations are local-only with fake credentials
Module | Purpose | Type |
---|---|---|
IAM Parser | Parse and validate IAM configurations | Foundation |
Vulnerable Lab | Simulate vulnerable cloud services | Red Team |
IAM Analyzer | Analyze trust relationships and escalation paths | Blue Team |
Attack Engine | Simulate attack chains with CLI output | Red Team |
Report Generator | Create comprehensive security reports | Blue Team |
CLI Interface | Orchestrate all modules | Interface |
- Python 3.8+
- pip
```bash
# Clone the repository
git clone https://github.com/yourusername/RedColors.git
cd RedColors

# Install dependencies
pip install -r requirements.txt
```

```bash
# Run attack simulation with Metasploit-style CLI
python examples/usage_attack_engine.py
```
- Colored output with professional styling
- 1-second delays for dramatic effect
- MITRE ATT&CK mappings for each technique
- Real-time attack progression display
- Privilege Escalation via role assumption
- Data Exfiltration through S3 access
- Persistence via IAM role creation
- CloudTrail Events generation
- SIEM Alerts creation
- Trust Graph visualization
- Risk Assessment with scoring
- Compliance Status checking
- Recommendations generation
```
[*] alice attempting to assume role using sts:AssumeRole
MITRE ATT&CK: T1078.004
[+] alice successfully assumed role
[!] alice successfully created a Lambda function with Admin role
[!] Alert: alice suspected as compromised user
[!] Data exfiltration successful: 1024 bytes
```
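A detection-side view of the chain in the sample output, as an added example that is not part of RedColors' own code: it correlates a role assumption, a Lambda function created with the assumed role, and an S3 read by the same principal inside a time window. The event shape, the `detect_chains` name, the 15-minute window and the sample events are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=15)  # assumed correlation window
# Chain stages in order: (eventSource, eventName, label)
CHAIN = [
    ("sts.amazonaws.com", "AssumeRole", "T1078.004 role assumption"),
    ("lambda.amazonaws.com", "CreateFunction20150331", "Lambda created with assumed role"),
    ("s3.amazonaws.com", "GetObject", "S3 data read"),
]

# Constructed sample events (simplified CloudTrail-like shape, an assumption;
# fake account id, no real credentials). bob's lone S3 read must not alert.
EVENTS = [
    {"eventTime": "2024-01-01T10:00:00", "principal": "alice", "eventSource": "sts.amazonaws.com",
     "eventName": "AssumeRole", "roleArn": "arn:aws:iam::000000000000:role/Admin"},
    {"eventTime": "2024-01-01T10:00:05", "principal": "bob", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject", "bytesOut": 2048},
    {"eventTime": "2024-01-01T10:00:10", "principal": "alice", "eventSource": "lambda.amazonaws.com",
     "eventName": "CreateFunction20150331", "roleArn": "arn:aws:iam::000000000000:role/Admin"},
    {"eventTime": "2024-01-01T10:00:20", "principal": "alice", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject", "bytesOut": 1024},
]


def detect_chains(events, window=WINDOW):
    """Return one alert per principal completing CHAIN in order within `window`."""
    state, alerts = {}, []  # state: principal -> next stage index, chain start, assumed role
    for ev in sorted(events, key=lambda e: e["eventTime"]):
        when = datetime.fromisoformat(ev["eventTime"])
        st = state.setdefault(ev["principal"], {"idx": 0, "start": None, "role": None})
        if st["start"] and when - st["start"] > window:
            st.update(idx=0, start=None, role=None)  # stale chain: start over
        source, name, _ = CHAIN[st["idx"]]
        if (ev["eventSource"], ev["eventName"]) != (source, name):
            continue
        if st["idx"] == 0:
            st.update(start=when, role=ev["roleArn"])
        elif st["idx"] == 1 and ev["roleArn"] != st["role"]:
            continue  # function uses a different role than the one assumed
        st["idx"] += 1
        if st["idx"] == len(CHAIN):
            alerts.append({"principal": ev["principal"], "role": st["role"],
                           "bytes": ev["bytesOut"], "stages": [c[2] for c in CHAIN]})
            st.update(idx=0, start=None, role=None)
    return alerts


if __name__ == "__main__":
    for alert in detect_chains(EVENTS):
        print(alert)
```

Requiring the function's role to match the assumed role and bounding the chain in time keeps isolated S3 reads or unrelated Lambda deployments from raising the alert.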
- Local-only operations - No external API calls
- Fake credentials - All tokens prefixed with "TEMP_"
- Simulation markers - Clear identification of test data
- Comprehensive validation - Safety checks at every step
```
RedColors/
├── src/                      # Core modules
│   ├── iam_parser.py         # IAM data parsing
│   ├── vulnerable_lab.py     # Vulnerable API simulation
│   ├── analyzer.py           # IAM analysis (Blue Team)
│   ├── attack_engine.py      # Attack simulation (Red Team)
│   └── report_generator.py   # Security reporting
├── examples/                 # Usage examples
├── tests/                    # Unit tests
├── specs/                    # Specifications
└── templates/                # Report templates
```

```bash
# Run all tests
python -m pytest tests/ -v

# Run specific module tests
python -m pytest tests/test_attack_engine.py -v
```
- Project Brief - Overall project goals
- Safety Policy - Security guidelines
- Generation Checklist - Development checklist
- Specifications - Detailed module specs
RedColors is perfect for:
- Red Team Training - Understanding attack techniques
- Blue Team Education - Learning defense strategies
- Security Awareness - Demonstrating cloud risks
- Threat Intelligence - MITRE ATT&CK technique mapping
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests for new functionality
- Submit a pull request
This project is licensed under the MIT License - see the LICENSE file for details.
RedColors is designed for educational and training purposes only. Always ensure you have proper authorization before testing security measures. The authors are not responsible for any misuse of this tool.
- MITRE ATT&CK framework for technique classification
- AWS for cloud security concepts
- The security community for best practices
Made with ❤️ for the security community