Skip to content
John Kennedy edited this page Mar 16, 2021 · 15 revisions

ASHIRT

Adversary Simulators High-Fidelity Intelligence and Reporting Toolkit. This repo contains only the server side and frontend code for ashirt. You can find the ashirt client here and aterm here. If you are completely new to ashirt, or just want to try it out, please take a look at our quickstart.

Background

Documenting and reporting is a key part of our jobs and generally the part we all look forward to the least. Compared to the rest of the work we do it's not the most fun and by the time we get around to it, it's not always clear exactly what happened or we don't have the evidence to prove it. Teams generally solve this with ad hoc solutions for note taking, recording and sharing screenshots, and collecting other evidence but these solutions rarely scale, are not always easily shared, and typically require manual steps to manage. Having to dig through a pile of evidence after an operation to find the one screenshot you need, if you even have it, can be cumbersome especially as evidence starts to span multiple operators and computers. ASHIRT attempts to solve this by serving as a non-intrusive, automatic when possible, way to capture, index, and provide search over a centralized synchronization point of high fidelity data from all your evidence sources during an operation.

Wiki Table of Contents

Clone this wiki locally