Directories
¶
| Path | Synopsis |
|---|---|
|
cloud
|
|
|
aws
Package awsauth provides AWS cross-account role assumption for simrun.
|
Package awsauth provides AWS cross-account role assumption for simrun. |
|
azure
Package azureauth provides Azure Workload Identity Federation for simrun.
|
Package azureauth provides Azure Workload Identity Federation for simrun. |
|
gcp
Package gcpauth provides GCP Workload Identity Federation for simrun.
|
Package gcpauth provides GCP Workload Identity Federation for simrun. |
|
k8s
Package k8sconfig generates kubeconfig files for Kubernetes clusters using CSP CLI tools (aws, gcloud, az).
|
Package k8sconfig generates kubeconfig files for Kubernetes clusters using CSP CLI tools (aws, gcloud, az). |
|
Package collectors gathers related logs from a SIEM after a simulation runs.
|
Package collectors gathers related logs from a SIEM after a simulation runs. |
|
Package config holds simrun's configuration types: env-only Bootstrap, DB-backed AppConfig, and the in-memory pack shapes used by the parser and runner.
|
Package config holds simrun's configuration types: env-only Bootstrap, DB-backed AppConfig, and the in-memory pack shapes used by the parser and runner. |
|
connectors
|
|
|
elastic
Package elastic is a minimal client for the Elastic Security detection-engine API, used to validate Elastic connectors.
|
Package elastic is a minimal client for the Elastic Security detection-engine API, used to validate Elastic connectors. |
|
Package credentials resolves per-connector credentials into the environment- variable maps consumed by detonators and CLI tools.
|
Package credentials resolves per-connector credentials into the environment- variable maps consumed by detonators and CLI tools. |
|
Package crypto provides AES-256-GCM encryption for secret values stored in the database.
|
Package crypto provides AES-256-GCM encryption for secret values stored in the database. |
|
Package db is the PostgreSQL persistence layer (pgx), running embedded migrations on startup.
|
Package db is the PostgreSQL persistence layer (pgx), running embedded migrations on startup. |
|
Package detonators executes attack simulations, via simulation packs or the AWS CLI.
|
Package detonators executes attack simulations, via simulation packs or the AWS CLI. |
|
Package envutil provides helpers for threaded environment variable management.
|
Package envutil provides helpers for threaded environment variable management. |
|
Package injectors writes log documents directly into a SIEM, bypassing detonation.
|
Package injectors writes log documents directly into a SIEM, bypassing detonation. |
|
Package matchers verifies that the security alerts expected by a scenario were generated after a simulation.
|
Package matchers verifies that the security alerts expected by a scenario were generated after a simulation. |
|
datadog
Package datadog matches expected Datadog security signals.
|
Package datadog matches expected Datadog security signals. |
|
elastic
Package elastic matches expected Elastic Security detection alerts.
|
Package elastic matches expected Elastic Security detection alerts. |
|
packs
|
|
|
executor
Package executor handles pack protocol communication using PackRunners.
|
Package executor handles pack protocol communication using PackRunners. |
|
locks
Package locks provides a process-global keyed mutex used to serialize mutating filesystem operations on a single pack's cache directory.
|
Package locks provides a process-global keyed mutex used to serialize mutating filesystem operations on a single pack's cache directory. |
|
resolver
Package resolver provides pack binary resolution and caching.
|
Package resolver provides pack binary resolution and caching. |
|
runner
Package runner builds and runs pack binaries (local, uploaded, or remote) behind a common interface.
|
Package runner builds and runs pack binaries (local, uploaded, or remote) behind a common interface. |
|
terraform
Package terraform provides programmatic Terraform execution using terraform-exec.
|
Package terraform provides programmatic Terraform execution using terraform-exec. |
|
Package parser turns YAML scenario files into Scenario objects.
|
Package parser turns YAML scenario files into Scenario objects. |
|
Package results defines the shared run and scenario result types and a parallel scenario executor.
|
Package results defines the shared run and scenario result types and a parallel scenario executor. |
|
Package runner is the scenario execution engine: it detonates or injects, polls for the expected alerts, and optionally collects related logs.
|
Package runner is the scenario execution engine: it detonates or injects, polls for the expected alerts, and optionally collects related logs. |
|
testutil
|
|
|
fakes
Package fakes provides in-memory implementations of every db.*Store interface.
|
Package fakes provides in-memory implementations of every db.*Store interface. |
|
testserver
Package testserver provides a one-line setup for HTTP-handler tests.
|
Package testserver provides a one-line setup for HTTP-handler tests. |
|
Package version holds build version information for simrun.
|
Package version holds build version information for simrun. |
|
Package web implements the REST API, WebSocket hub, and embedded-frontend HTTP server.
|
Package web implements the REST API, WebSocket hub, and embedded-frontend HTTP server. |
|
auth
Package auth provides Google OAuth login and session-cookie middleware for the web API.
|
Package auth provides Google OAuth login and session-cookie middleware for the web API. |
Click to show internal directories.
Click to hide internal directories.