Stats
Actions
Tags
From cybersecurity-skills
Executes Atomic Red Team tests for MITRE ATT&CK technique validation using the atomic-operator Python framework. Use when testing SIEM detection rules, validating EDR coverage, or conducting purple team exercises.
How this skill is triggered — by the user, by Claude, or both
Slash command
/cybersecurity-skills:performing-threat-emulation-with-atomic-red-teamThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
- When conducting security assessments that involve performing threat emulation with atomic red team
Use atomic-operator to execute Atomic Red Team tests and validate detection coverage against MITRE ATT&CK techniques.
from atomic_operator import AtomicOperator
operator = AtomicOperator()
# Run a specific technique test
operator.run(
technique="T1059.001", # PowerShell execution
atomics_path="./atomic-red-team/atomics",
)
Key workflow:
# Parse atomic test YAML definitions
import yaml
with open("atomics/T1059.001/T1059.001.yaml") as f:
tests = yaml.safe_load(f)
for test in tests.get("atomic_tests", []):
print(f"Test: {test['name']}")
print(f" Platforms: {test.get('supported_platforms', [])}")
npx claudepluginhub costrict-plugins-repo/mukul975-anthropic-cybersecurity-skills-cybersecurity-skillsExecutes Atomic Red Team tests for MITRE ATT&CK technique validation using the atomic-operator Python framework. Use when testing SIEM detection rules, validating EDR coverage, or conducting purple team exercises.
Executes Atomic Red Team tests for MITRE ATT&CK technique validation using the atomic-operator Python framework. Use when testing SIEM detection rules, validating EDR coverage, or conducting purple team exercises.
Executes Atomic Red Team tests for MITRE ATT&CK validation using atomic-operator Python framework. Runs attack simulations from YAML atomics to test SIEM/EDR detection in purple team exercises.