Scythe Platform

Features Multiple commands and control channels Adversaries leverage multiple communication channels to communicate with compromised systems in your environment. SCYTHE allows you to test detective and preventive controls for these various channels: HTTP, HTTPS, DNS, SMB, Google Sheets, Twitter, and Steganography or easily integrate your own. Mapped to MITER ATT&CK SCYTHE emulates behaviors that can be mapped directly to MITRE ATT&CK. Each action performed can be tagged for better reporting. Full integration with Atomic Red Team so operators just click on which test case to perform in the given campaign. Leverage cyber threat intelligence Creating campaigns from Cyber Threat Intelligence could not be easier for analysts or operators. You can export and share your custom threats in the SCYTHE Community Threats Github or import threats with two clicks. Automate adversary behaviors and TTPS Leverage SCYTHE’s threat automation language to automate adversary behaviors and TTPs for reliable and consistent execution every time. SCYTHE can make decisions based on previously executed modules and leverage the results for the next instruction. Customize with Python modules The SCYTHE Software Development Kit gives developers a seamless module creation and validation experience to create custom Modules in Python or native code. This enables the revolutionary ecosystem of the SCYTHE marketplace where users can create, share, and/or sell third party modules in a safe, vetted environment. Virtual file system A central location for operators to upload and deploy files to endpoints within the SCYTHE user interface.