From securityonline.info
This is the repository containing Leonidas, a framework for executing attacker actions in the cloud. It provides a YAML-based format for defining cloud attacker tactics, techniques, and procedures (TTPs) and their associated detection properties. These definitions can then be compiled into:
- A web API exposing each test case as an individual endpoint
- Sigma rules (https://github.com/Neo23x0/sigma) for detection
- Documentation – see http://detectioninthe.cloud/ for an example
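
To make the "definition to Sigma rule" step concrete, here is an added example (not Leonidas's own code) that turns one test-case definition into a Sigma rule for AWS CloudTrail. The field names in `DEFINITION` and the helpers `to_sigma` and `dump_yaml` are assumptions made for illustration, not the project's actual schema or generator.

```python
import json

# Constructed sample. Field names are assumptions for illustration,
# not Leonidas's actual definition schema.
DEFINITION = {
    "name": "Enumerate IAM principals",
    "description": "Lists IAM users and roles in the account.",
    "mitre_ids": ["T1087.004"],
    "detection": {
        "level": "low",
        "sources": [
            {"event_source": "iam.amazonaws.com", "event_name": "ListUsers"},
            {"event_source": "iam.amazonaws.com", "event_name": "ListRoles"},
        ],
    },
}

def to_sigma(defn):
    """Build a Sigma rule (as a dict) from one test-case definition."""
    detection, selections = {}, []
    for i, src in enumerate(defn["detection"]["sources"], 1):
        name = f"selection_{i}"
        detection[name] = {"eventSource": src["event_source"],
                           "eventName": src["event_name"]}
        selections.append(name)
    detection["condition"] = " or ".join(selections)
    return {
        "title": defn["name"],
        "status": "experimental",
        "description": defn["description"],
        "tags": ["attack." + t.lower() for t in defn["mitre_ids"]],
        "logsource": {"product": "aws", "service": "cloudtrail"},
        "detection": detection,
        "level": defn["detection"]["level"],
    }

def dump_yaml(node, indent=0):
    """Emit the nested dict/list/str shapes used above as YAML lines."""
    pad, lines = "  " * indent, []
    for key, val in node.items():
        if isinstance(val, dict):
            lines += [f"{pad}{key}:"] + dump_yaml(val, indent + 1)
        elif isinstance(val, list):
            lines += [f"{pad}{key}:"] + [f"{pad}  - {json.dumps(v)}" for v in val]
        else:
            lines.append(f"{pad}{key}: {json.dumps(val)}")
    return lines

if __name__ == "__main__":
    print("\n".join(dump_yaml(to_sigma(DEFINITION))))
```

Each API call named in the definition becomes its own selection, so the rule fires on any one of the CloudTrail events the test case would generate.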