Halberd: Multi-Cloud Security Testing Tool 🛡️ Halberd is a powerful, multi-cloud security testing tool. Born out of the need for a unified, easy-to-use tool, Halberd enables you to proactively assess your cloud defenses by executing a comprehensive array of attack techniques across Entra ID, M365, Azure, and AWS. With its intuitive web interface, you can simulate real-world attacks, generate valuable telemetry, and validate your security controls with ease & speed. What's the big deal? 🤔 Halberd lets you: Execute attack techniques faster than you can say "cloud misconfiguration" Generate telemetry that'll make your SOC team beam with joy Validate your defenses across Entra ID, M365, Azure, and AWS Do it all through a slick web interface that won't make your eyes bleed Features that make Halberd awesome! 😮 🎭 Realistic attack simulations across multiple cloud platforms 🧠 Smart recon dashboards for gathering intel like a pro 🎬 Attack playbooks to channel your inner hacker 📊 Insightful reports to impress your boss (or your cat) 🖥️ CLI access for when you're feeling extra geeky Getting Started: 0 to Testing in 5 Minutes ⏱️ Clone that repo: git clone https://github.com/vectra-ai-research/Halberd.git Set up your playground: cd Halberd python3 -m venv venv source venv/bin/activate # On Windows: venv\Scripts\activate pip install -r requirements.txt Install Azure CLI: Windows: Official Microsoft guide Linux: curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash macOS: brew update && brew install azure-cli Launch Halberd: python3 Halberd.py Point your browser to http://127.0.0.1:8050/ and start testing Using Halberd: Choose Your Own Adventure 🗺️ Attack: Pick your poison – surface, tactic, technique – and start your testing! Access: Manage your tokens and sessions like a digital locksmith. Recon: Gather intel with visual dashboards. Try the "Entity Map" for a nice visualization! Automator: Chain attacks together like a mastermind. Trace: Review your handiwork and generate reports. Checkout usage for more information on testing with Halberd. Pro tip: Start with "Initial Access" under each attack surface. You can't hack what you can't reach! Want to Join the Party? 🎉 Got ideas? Found a bug? Want to add that one cool feature? We're all ears! Check out our contribution guidelines and let's make Halberd even more awesome together. Who's Behind This Madness? 🕵️♂️ Halberd is the brainchild of Arpan Sarkar, a cloud security enthusiast with a penchant for making life harder for attackers (and easier for defenders). Standing on the Shoulders of Giants 🏔️ We didn't reinvent the wheel – we just made it roll smoother. Check out our inspirations and show some love to the amazing security tools that paved the way. Now go forth and hack responsibly! 🚀