Templar88/RedPill

RedPill

RedPill is a simulation written in C# that computes the probability of a threat actor breaching an organization. The actions of the threat actors match the distribution of known bad actor and/or malicious software actions as put forward by the MITRE ATT&CK Framework and MITRE Cyber Threat Intelligence. The simulated organization can block or detect the actors by employing mitigations or monitoring data sources as laid out by the same framework.
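The idea described above, as an added Python illustration that is not taken from RedPill's code: actors pick a technique per attack stage from a weighted distribution, and each deployed mitigation covering that technique blocks it independently. The stage weights, the block probability `p_block`, the two-stage chain and all function names are assumptions; the technique-to-mitigation map is a small hand-picked subset of ATT&CK.

```python
import random

# Constructed sample data: per-stage technique weights standing in for
# frequencies derived from ATT&CK / CTI. Values are illustrative only.
STAGES = [
    {"T1566": 0.7, "T1078": 0.3},  # initial access: Phishing, Valid Accounts
    {"T1059": 0.8, "T1204": 0.2},  # execution: Cmd/Scripting, User Execution
]
# Technique -> mitigations that address it (simplified subset, assumption).
MITIGATED_BY = {
    "T1566": {"M1017", "M1049"},
    "T1078": {"M1027", "M1026"},
    "T1059": {"M1038", "M1049"},
    "T1204": {"M1017", "M1038"},
}

def step_pass_prob(technique, deployed, p_block):
    """Chance a technique gets past every deployed mitigation covering it."""
    covering = MITIGATED_BY[technique] & deployed
    return (1.0 - p_block) ** len(covering)

def exact_breach_probability(deployed, p_block):
    """Closed-form breach probability, used to sanity-check the simulation."""
    prob = 1.0
    for stage in STAGES:
        prob *= sum(w * step_pass_prob(t, deployed, p_block)
                    for t, w in stage.items())
    return prob

def simulate(deployed, p_block, trials=20000, seed=1):
    """Monte Carlo estimate: fraction of trials where every stage succeeds."""
    rng = random.Random(seed)
    breaches = 0
    for _ in range(trials):
        for stage in STAGES:
            technique = rng.choices(list(stage), weights=list(stage.values()))[0]
            if rng.random() >= step_pass_prob(technique, deployed, p_block):
                break  # a mitigation blocked this step; the attack chain ends
        else:
            breaches += 1  # no stage was blocked
    return breaches / trials

if __name__ == "__main__":
    for name, deployed in [("none", set()), ("training+AV", {"M1017", "M1049"})]:
        print(name, simulate(deployed, 0.5), exact_breach_probability(deployed, 0.5))
```

Comparing the simulated estimate with the closed-form value is a quick check that a change to the mitigation set moves the breach probability in the direction and by the amount expected.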

Usage

To set mitigations or monitored data sources for the various environment types, modify the appropriate CSV; e.g., mitigations in the DMZ would be set in Data\mitigations_DMZ.

Set overall simulation details in Config\SimConfig_Default.

To start the simulation, run the following in the top-level directory:

dotnet run -File SimConfig_Default.txt

Contributing

Please message if interested in contributing.

License

Apache License 2.0