Is this useful for defensive blue teams?

Absolutely. Blue teams can use this skill to research known threats and document expected detection opportunities to improve their security posture.

How does this skill help with red teaming?

It provides structured access to threat actor data and TTPs, allowing teams to plan simulations based on documented real-world adversary behaviors.

Does it require access to external threat data?

Yes, it is designed to work in conjunction with the mallory-api skill to fetch actor profiles and attack patterns from the Mallory platform.

What is the primary output of this skill?

The skill helps generate detailed emulation plans, including attack chains, mapped techniques, and specific test scenarios for security validation.

Can I use this for MITRE ATT&CK mapping?

Yes, a core function of the skill is aligning specific threat behaviors and techniques directly to the MITRE ATT&CK matrix for standardized analysis.

Adversary Emulation Planning

Name: Adversary Emulation Planning
Author: malloryai

bymalloryai

0•

安全与测试

Researches and simulates threat actor TTPs by mapping complex attack behaviors to the MITRE ATT&CK framework for advanced security testing.

The Adversary Emulation Planning skill empowers security professionals to design high-fidelity threat simulations by streamlining the research and documentation of Tactics, Techniques, and Procedures (TTPs). By integrating with the Mallory platform, it provides programmatic access to detailed threat actor profiles and attack patterns, allowing teams to align specific behaviors with the MITRE ATT&CK matrix. Whether you are planning a red team exercise, conducting a purple team workshop, or developing detection rules, this skill automates the identification of industry-relevant threats and the creation of actionable execution scenarios.

主要功能

010 GitHub stars

02Automated mapping of behaviors to the MITRE ATT&CK framework

03Direct integration with Mallory API for real-time threat data

04Detection strategy development based on known actor techniques

05Detailed attack chain documentation for security exercises

06Comprehensive threat actor TTP research and profiling

使用场景

01Conducting purple team exercises to validate organizational detection coverage

02Researching and documenting specific threat actors targeting your industry

03Designing realistic red team or adversary simulation scenarios

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add malloryai/marketplace adversary-emulation-planning

For use in Claude.ai and ChatGPT

Download Skill