一键在 Manus 中运行任何 Skill

emulation-overview

星标4,445

分支878

更新时间2026年6月8日 07:58

Adversary-emulation playbook catalog — per-actor kill chains that turn an APT/eCrime threat profile into Decepticon CONOPS phases + OPPLAN objectives. Routing skill: pick the actor, seed plan/threat-profile.json, then map each kill-chain phase to the operational skill the executing agent runs. Triggers on: 'emulate', 'adversary emulation', 'APT playbook', 'threat actor playbook', 'emulation plan', 'attack flow'.

安装

用 Codex 或 Claude 帮你安装复制这段 Prompt，粘贴到 Codex、Claude 或其他助手里，让它检查 Skill 页面并帮你完成安装。

在 Manus 中运行

来源

PurpleAILAB

PurpleAILAB/Decepticon

打开 GitHub 仓库查看创作者相关仓库

下载

在 Manus 中运行

Adversary Emulation Playbook Catalog

This is a planning routing skill for Soundwave. Each leaf playbook below converts a named threat actor into a concrete, RoE-bounded kill chain: a ThreatProfile seed, an ordered CONOPS kill_chain, and a phase→technique→skill map that the orchestrator turns into OPPLAN objectives.

These playbooks reference operational skills (/skills/standard/ad/..., /skills/standard/cloud/..., etc.) that the EXECUTING agents load — not Soundwave. Soundwave is a planning agent; its load_skill allowlist is /skills/standard/soundwave/. The skill paths in each playbook tell the orchestrator which agent + skill each objective maps to. Soundwave only reads them to author plan/threat-profile.json and the conops.json kill chain.

Playbooks

Actor	Playbook	Tier	Profile	Skills it exercises
APT29 (Cozy Bear / Midnight Blizzard)	`emulation/apt29/SKILL.md`	tier-3	Cloud-identity espionage, OAuth abuse, supply chain	recon, cloud, web (oauth/saml), post-exploit
Sandworm (APT44 / Seashell Blizzard)	`emulation/sandworm/SKILL.md`	tier-3	ICS/OT disruption, destructive ops, LOTL	recon, exploit/cve, ics-ot, post-exploit
Scattered Spider (UNC3944 / Octo Tempest)	`emulation/scattered-spider/SKILL.md`	tier-2	Help-desk social engineering → cloud/SaaS → ransomware	phish, cloud, ad, post-exploit
Volt Typhoon (Vanguard Panda)	`emulation/volt-typhoon/SKILL.md`	tier-3	Edge-device access, LOTL, long-dwell pre-positioning	recon, exploit/cve, ad, post-exploit
Lazarus (Hidden Cobra)	`emulation/lazarus/SKILL.md`	tier-3	Financial/crypto/DeFi theft, supply-chain, social	osint, phish, contracts, web, post-exploit
FIN7 (Carbon Spider / Sangria Tempest)	`emulation/fin7/SKILL.md`	tier-2	Spearphishing → big-game-hunting ransomware	phish, ad, post-exploit, exploit
LockBit / RaaS affiliate	`emulation/lockbit/SKILL.md`	tier-2	Generic ransomware affiliate kill chain	recon, exploit/cve, ad, post-exploit

For the one-card quick reference (attribution, targets, full TTP table) on any actor, see ../references/apt-groups.md. For tier archetypes when no named actor fits, see ../references/adversary-archetypes.md.

How to use a playbook (Soundwave Phase 2)

Pick the actor from the operator's intake answer (or from the industry → actor map in ../references/apt-groups.md). One dominant actor per engagement.
Load the leaf: load_skill("/skills/standard/soundwave/threat-profile/emulation/<actor>/SKILL.md").
Copy the ThreatProfile seed into plan/threat-profile.json, then prune any key_ttps / initial_access techniques the RoE forbids (Step 3 of the threat-profile skill). A pruned technique whose whole phase is now empty drops that kill-chain row.
Lift the kill chain into conops.json → kill_chain (one KillChainPhase per surviving phase), and embed the one-entry threat_actors summary.
Carry the safety gates from the playbook's RoE / safety gates section into abort.json (destructive / ICS / identity-takeover actors need at least one EMERGENCY trigger) and the deconfliction identifiers into deconfliction.json.
Hand off. The orchestrator's OPPLAN-builder reads threat-profile.json + conops.json and emits add_objective calls; each objective's executing agent loads the skill named in that kill-chain row.

Playbook anatomy (every leaf has these)

ThreatProfile seed — a valid decepticon.core.schemas.ThreatProfile JSON (drop your engagement_name).
Kill-chain emulation table — # | phase | MITRE | emulated action | executing agent → skill.
CONOPS kill_chain — the phase order to copy into conops.json.
OPSEC & signature fidelity — what to mirror so the emulation reads like the actor.
RoE / safety gates — actor-specific authorizations and abort triggers.
Deconfliction — identifiers so blue team can separate the exercise from a real intrusion.
Fidelity notes (deviations) — where the emulation intentionally diverges (e.g. canary data instead of real destruction) and why.

Discipline

Emulate behavior, not malware. Decepticon reproduces an actor's TTPs and sequencing with its own tooling (Sliver, NetExec, certipy, etc.) — it does not run the actor's real implants. Fidelity comes from technique order + OPSEC posture, not from sample reuse.
RoE wins every tie. If the actor's signature move (spearphishing, deauth, ICS write, encryption-for-impact) isn't authorized, drop it — never "emulate harder" past scope.
One actor per profile. Multi-actor scenarios pick the dominant emulation target; note the secondary in recent_cti_delta.

同仓库更多 Skills

同仓库

decepticon

PurpleAILAB/Decepticon

Drive Decepticon — an autonomous multi-agent red-team framework — over MCP to run authorized penetration tests and bug-bounty engagements end to end, then watch and steer them live from chat. Launch an engagement against a target, poll its transcript to narrate progress, send messages to refocus it, and pull findings as SARIF. Use when the user asks to run a pentest/red-team engagement, hunt a bug bounty, do recon, exploit/scan a host, web app, API, network, cloud, Active Directory, mobile app, or smart contract WITH Decepticon — or to check/resume a running engagement or report what Decepticon found. Triggers: run a decepticon engagement, pentest this with decepticon, bug bounty, recon this target, red team this, scan this host, resume the engagement, what did decepticon find, decepticon status. Do NOT use for ad-hoc local tool runs (running nmap/sqlmap/ffuf directly) when no Decepticon server is involved — this drives the Decepticon orchestrator, not raw tools.

2026-06-164.4k

iot-security

PurpleAILAB/Decepticon

IoT device security reconnaissance — firmware extraction, embedded analysis, protocol identification, default credential checking, vulnerability scanning, device fingerprinting.

2026-06-154.4k

mobile-security

PurpleAILAB/Decepticon

Mobile application security reconnaissance — APK/IPA analysis, permission enumeration, certificate validation, hardcoded secret detection, insecure storage identification, network security analysis.

2026-06-154.4k

wireless-security

PurpleAILAB/Decepticon

Wireless network security reconnaissance — WiFi analysis, Bluetooth assessment, RFID/NFC evaluation, signal capture, protocol analysis, encryption testing, rogue device detection.

2026-06-154.4k

finding-protocol

PurpleAILAB/Decepticon

Operational-tier finding template — minimal fields for sub-agent decision support. Heavyweight deliverable promotion lives in skills/decepticon/final-report.

2026-06-124.4k

engagement-lifecycle

PurpleAILAB/Decepticon

Red team engagement lifecycle management — initiation, phase transitions, go/no-go gates, deconfliction, emergency procedures, completion.

2026-06-124.4k

name	emulation-overview
description	Adversary-emulation playbook catalog — per-actor kill chains that turn an APT/eCrime threat profile into Decepticon CONOPS phases + OPPLAN objectives. Routing skill: pick the actor, seed plan/threat-profile.json, then map each kill-chain phase to the operational skill the executing agent runs. Triggers on: 'emulate', 'adversary emulation', 'APT playbook', 'threat actor playbook', 'emulation plan', 'attack flow'.
allowed-tools	Read Write Edit
metadata	{"subdomain":"planning","when_to_use":"emulate, adversary emulation, APT playbook, threat actor playbook, emulation plan, attack flow, kill chain for actor, which TTPs, how would APT29/Sandworm/Lazarus/Scattered Spider attack","tags":"adversary-emulation, apt, ecrime, mitre-attack, kill-chain, planning","upstream_ref":"Soundwave adversary-emulation playbook catalog — per-actor kill chains for CONOPS / OPPLAN generation"}

Adversary Emulation Playbook Catalog

These playbooks reference operational skills (/skills/standard/ad/..., /skills/standard/cloud/..., etc.) that the EXECUTING agents load — not Soundwave. Soundwave is a planning agent; its load_skill allowlist is /skills/standard/soundwave/. The skill paths in each playbook tell the orchestrator which agent + skill each objective maps to. Soundwave only reads them to author plan/threat-profile.json and the conops.json kill chain.

Playbooks

Actor	Playbook	Tier	Profile	Skills it exercises
APT29 (Cozy Bear / Midnight Blizzard)	`emulation/apt29/SKILL.md`	tier-3	Cloud-identity espionage, OAuth abuse, supply chain	recon, cloud, web (oauth/saml), post-exploit
Sandworm (APT44 / Seashell Blizzard)	`emulation/sandworm/SKILL.md`	tier-3	ICS/OT disruption, destructive ops, LOTL	recon, exploit/cve, ics-ot, post-exploit
Scattered Spider (UNC3944 / Octo Tempest)	`emulation/scattered-spider/SKILL.md`	tier-2	Help-desk social engineering → cloud/SaaS → ransomware	phish, cloud, ad, post-exploit
Volt Typhoon (Vanguard Panda)	`emulation/volt-typhoon/SKILL.md`	tier-3	Edge-device access, LOTL, long-dwell pre-positioning	recon, exploit/cve, ad, post-exploit
Lazarus (Hidden Cobra)	`emulation/lazarus/SKILL.md`	tier-3	Financial/crypto/DeFi theft, supply-chain, social	osint, phish, contracts, web, post-exploit
FIN7 (Carbon Spider / Sangria Tempest)	`emulation/fin7/SKILL.md`	tier-2	Spearphishing → big-game-hunting ransomware	phish, ad, post-exploit, exploit
LockBit / RaaS affiliate	`emulation/lockbit/SKILL.md`	tier-2	Generic ransomware affiliate kill chain	recon, exploit/cve, ad, post-exploit

How to use a playbook (Soundwave Phase 2)

Pick the actor from the operator's intake answer (or from the industry → actor map in ../references/apt-groups.md). One dominant actor per engagement.
Load the leaf: load_skill("/skills/standard/soundwave/threat-profile/emulation/<actor>/SKILL.md").
Copy the ThreatProfile seed into plan/threat-profile.json, then prune any key_ttps / initial_access techniques the RoE forbids (Step 3 of the threat-profile skill). A pruned technique whose whole phase is now empty drops that kill-chain row.
Lift the kill chain into conops.json → kill_chain (one KillChainPhase per surviving phase), and embed the one-entry threat_actors summary.
Carry the safety gates from the playbook's RoE / safety gates section into abort.json (destructive / ICS / identity-takeover actors need at least one EMERGENCY trigger) and the deconfliction identifiers into deconfliction.json.
Hand off. The orchestrator's OPPLAN-builder reads threat-profile.json + conops.json and emits add_objective calls; each objective's executing agent loads the skill named in that kill-chain row.

Playbook anatomy (every leaf has these)

ThreatProfile seed — a valid decepticon.core.schemas.ThreatProfile JSON (drop your engagement_name).
Kill-chain emulation table — # | phase | MITRE | emulated action | executing agent → skill.
CONOPS kill_chain — the phase order to copy into conops.json.
OPSEC & signature fidelity — what to mirror so the emulation reads like the actor.
RoE / safety gates — actor-specific authorizations and abort triggers.
Deconfliction — identifiers so blue team can separate the exercise from a real intrusion.
Fidelity notes (deviations) — where the emulation intentionally diverges (e.g. canary data instead of real destruction) and why.

Discipline

Emulate behavior, not malware. Decepticon reproduces an actor's TTPs and sequencing with its own tooling (Sliver, NetExec, certipy, etc.) — it does not run the actor's real implants. Fidelity comes from technique order + OPSEC posture, not from sample reuse.
RoE wins every tie. If the actor's signature move (spearphishing, deauth, ICS write, encryption-for-impact) isn't authorized, drop it — never "emulate harder" past scope.
One actor per profile. Multi-actor scenarios pick the dominant emulation target; note the secondary in recent_cti_delta.