Decepticon vs Stratus Red Team

GitHub Stats

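Stars: 3.5k (Decepticon), 2.3k (Stratus Red Team)
Forks: 410 (Decepticon), 296 (Stratus Red Team)
Issues: 23 (Decepticon), 75 (Stratus Red Team)
Updated: 6d ago (Decepticon), 10d ago (Stratus Red Team)
License: GPL-3.0 (Decepticon), Apache-2.0 (Stratus Red Team)
Language: Python (Decepticon), Go (Stratus Red Team)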

About Decepticon

Decepticon is an AI-powered autonomous red team framework that executes complete attack chains from initial reconnaissance through command and control establishment. It uses a Neo4j knowledge graph to track discovered assets, vulnerabilities, and successful exploitation paths. Every action maps to MITRE ATT&CK technique IDs, making it useful for both offensive testing and detection engineering. It includes configurable rules of engagement to prevent out-of-scope actions, automated reporting, and integration with common C2 frameworks.

About Stratus Red Team

Stratus Red Team is Datadog's open-source adversary emulation tool specifically designed for cloud environments. While tools like CALDERA focus on endpoint and network attacks, Stratus Red Team provides granular, atomic attack techniques for AWS, Azure, GCP, and Kubernetes, mapped directly to the MITRE ATT&CK Cloud Matrix. Each technique is self-contained: Stratus handles all prerequisite infrastructure setup (creating test IAM roles, S3 buckets, EC2 instances), executes the attack technique, and then cleans up. This makes it ideal for purple team exercises where you need to validate that your cloud detection rules actually fire when specific attack patterns occur. Techniques cover initial access (stolen credentials, malicious Lambda layers), persistence (backdoor IAM users, modified trust policies), privilege escalation (IAM policy manipulation), and impact (S3 ransomware simulation). The CLI-based interface supports warm-up, detonate, and revert phases for repeatable testing.

Platform Support

Decepticon: Linux
Stratus Red Team: Linux, macOS, Windows

Tags

Decepticon only

autonomous, red-team, ai-agent, kill-chain, attack-graph

Stratus Red Team only

cloud-attack, adversary-emulation, aws, azure, mitre-attack