Adversary Simulators High-Fidelity Intelligence and Reporting Toolkit. This repo contains only the server-side and frontend code for ASHIRT. You can find the ASHIRT client here and aterm here.
Documenting and reporting are a key part of our jobs and generally the part we all look forward to the least. Compared to the rest of the work we do, it's not the most fun, and by the time we get around to it, it's not always clear exactly what happened, or we don't have the evidence to prove it. Teams generally solve this with ad hoc solutions for note taking, recording and sharing screenshots, and collecting other evidence, but these solutions rarely scale, are not always easily shared, and typically require manual steps to manage. Having to dig through a pile of evidence after an operation to find the one screenshot you need, if you even have it, can be cumbersome, especially as evidence starts to span multiple operators and computers. ASHIRT attempts to solve this by serving as a non-intrusive and, when possible, automatic way to capture, index, and provide search over a centralized synchronization point of high-fidelity data from all your evidence sources during an operation. You can learn more in our 2020 presentation linked below.
If you just want to try ASHIRT out locally, check out the quickstart docs. If you're looking for a production-ready deployment reference, check out ashirt-deployments.
Detailed instructions for building and installation are available for the frontend and backend.
All configuration options for the backend are described here. These cover the various components and configuration options necessary for deployment and outline how the components interact.
Please refer to the contributing.md file for information about how to get involved. We welcome issues, questions, and pull requests.
- John Kennedy
- Joe Rozner
This project is licensed under the terms of the MIT open source license. Please refer to LICENSE for the full terms.