Basic

Suggest Edits

Meet Prelude Operator

Operator is an application providing realistic infrastructure for continuously testing your security environment. Free & open source.

Everything you need to perform realistic offensive security assessments against your cyber defenses. Operator is free to use and has open-sourced the components you should expect out of a security tool: the attacks
you run (TTPs) and the things that run the attacks (agents). This is an actively supported project
with the technical team available on the Discord server.

Post-compromise

While it can be used to conduct initial access, Operator focuses mainly on post-compromise. In other words,
it assumes that a bad actor has found their way into your network (i.e., you deploy an agent on a chosen "compromised" computer) and it tests your defenses from that moment forward.

How do I use my Operator?

Start by reading the docs to get familiar with the tool and terminology. Then head to the Train section and
take the Introduction program which brings the documentation to life. The program walks you through all major components of the system and has you deploying agents, building chains and executing operations. Once complete, you should be ready to start running your own security assessments through Operator.

Community license

Each time Operator boots, it loads the resources from our Community repository. This repo contains all open-source TTPs, payloads, plugins and training modules. Please contribute, as anything here is picked up automatically for all Operator members! Community members gain access to more than 130 TTPs, free and open-source agents, training programs and a set of plugins which integrate with other technology and security tools. What's unique about Operator is that there's no "full" version of the platform: what you see is what you get. Read Enterprise License doc pages for details on upgrading.

Resources

  • Support repository to file issues or feature requests
  • YouTube video library containing tutorials and use-cases
  • Blog where we post on general security and specific Operator topics

Updated about 1 year ago