Splunk Attack Range

Forensics & Incident Response

A tool that builds instrumented cloud labs, simulates attacks, and streams telemetry into Splunk for detection testing.

Track releases GitHub

Python Latest v5.0.0 · 3mo ago Security brief →

Features

Builds production‑like cloud environments (AWS, Azure, GCP) via Terraform and Ansible
Runs attack simulations (e.g., Atomic Red Team) to generate real telemetry
Forwards all generated data into Splunk for detection development

Recent releases

View all 4 releases →

v4.0.2 Bugfix 6mo

Changes: - improved splunk inputs - minor bug fixes

View release on GitHub

v4.0.0 Breaking risk 11mo

Breaking changes

Local deployment via VirtualBox/Vagrant discontinued; use Ludus as alternative

Notable features

SnapAttack CapAttack PowerShell capture agent integration
Google Cloud Platform support alongside AWS and Azure
Version-tagged Docker containers for reproducible testing

View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Releases

View all →

Releases per month

Cadence 0.0 / wk

Last release 114d

Tracked 4

Security

Full profile →

Security score 4.7/10

OpenSSF 3.5/10

Open CVEs 0

SBOM Active maintainer

Community

GitHub stars 2,503

Forks 410

Open issues 25

Open PRs 20

Stars/wk velocity 0.0

About

Stars

2,503

Forks

410

Languages

Python PowerShell Astro

View on GitHub Documentation

Install & Platforms

Install via

docker

Community & Support

Slack

Similar tools

beelzebub

VAST

Splunk Security Content

Bearer

open-dronelog