purple-teaming
Community
Validate detections with offensive/defensive exercises.
Software Engineering #threat detection #mitre att&ck #detection engineering #adversary emulation #purple teaming #cyber range
Author: dmaynor
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill helps security teams proactively test and improve their detection capabilities against real-world adversary techniques, ensuring their defenses are effective.
Core Features & Use Cases
- Plan and Execute Exercises: Design and run purple team exercises using atomic or scenario-based methodologies.
- Detection Validation: Test if security tools and processes correctly identify and alert on specific adversary actions.
- Coverage Analysis: Map existing detections against the MITRE ATT&CK framework and identify gaps.
- Use Case: A security team wants to ensure their SIEM can detect attempts to dump LSASS memory. They use this Skill to run an atomic test for T1003.001, observe the telemetry, and verify if their detection rule fires.
Quick Start
Use the purple-teaming skill to plan an exercise to test T1087.002 and T1003.001.
Dependency Matrix
Required Modules
None required
Components
scripts, references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: purple-teaming Download link: https://github.com/dmaynor/dmaynor-skills-marketplace/archive/main.zip#purple-teaming Please download this .zip file, extract it, and install it in the .claude/skills/ directory.