-
Notifications
You must be signed in to change notification settings - Fork 24
UI & Navigation
Halberd provides four main views for conducting security testing and analysis in cloud environments. Each view serves a distinct purpose in your security testing workflow:
The core testing interface where you execute individual attack techniques against cloud targets.
- Multi-Cloud Support: Dedicated tabs for Entra ID, M365, Azure, and AWS
- MITRE ATT&CK Integration: Techniques organized by MITRE tactics
- Dynamic Access Management: Real-time access status and credentials management
- Flexible Configuration: Customizable parameters for each technique
- Immediate Feedback: Structured output display with formatted results
- Playbook Integration: Add techniques directly to playbooks for automation
- Running individual attack techniques
- Testing specific security controls
- Exploratory security testing
- Validating security configurations
An intelligence gathering interface that provides rapid reconnaissance capabilities across cloud environments.
- Interactive Dashboards: Visual exploration of cloud resources and relationships
- Entity Mapping: Relationship mapping between cloud resources
- Role Analysis: Deep dive into roles, permissions and access patterns
- User Intelligence: Detailed user information and access analysis
- Mapping attack surface
- Understanding resource relationships
- Access pattern analysis
- Discovery of potential attack paths
The automation hub for creating and managing attack sequences through playbooks.
- Visual Playbook Builder: Graphical creation of attack sequences
- Scheduling: Automated execution of playbooks
- Import/Export: Share and reuse playbooks
- Execution Controls: Manage playbook runs and view results
- Step Configuration: Customize each step's parameters and timing
- Automating complex attack chains
- Red team engagement automation
- Regular security testing
- Incident simulation
A comprehensive dashboard for analyzing testing results and gaining insights.
- Attack Timeline: Chronological view of all executions
- Success Metrics: Analysis of technique success rates
- Coverage Analysis: Understanding of testing coverage
- MITRE Mapping: Alignment with MITRE tactics and techniques
- Export Capabilities: Generate detailed reports
- Reviewing testing coverage
- Identifying successful attack paths
- Generating reports
- Tracking testing progress
These views work together to provide a complete testing lifecycle:
- Use Recon to understand the target environment
- Execute individual techniques in Attack to validate findings
- Build automated sequences in Automator for repeated testing
- Review results and generate reports in Analyse
This integrated approach allows for both targeted testing of specific issues and comprehensive security assessments of cloud environments.
Remember: Always ensure you have proper authorization before conducting any security testing in cloud environments.