Realm

Realm is an Adversary Emulation Framework with a focus on scalability, reliability, and automation. It is highly performant and is designed for engagements of any size (up to many thousands of beacons). Get started in minutes.

https://github.com/spellshift/realm/assets/16250309/7b5834d9-a864-490a-96e5-8d83b276af11

Feature Highlights

• Eldritch, a Pythonic DSL for Offensive Security: Ditch clunky scripting and embrace Eldritch, Realm's Pythonic Domain Specific Language (DSL) based on Google Starlark. Write clear, concise, reuseable code that reflects your strategic thinking and streamlines offensive operations. Eldritch is natively compiled to Rust, providing a performant abstraction for low-level system interactions.

• Effortless Multi-Host Management: Juggling tasks across numerous machines during complex engagements? Realm simplifies the process, enabling you to control agents on multiple hosts simultaneously.

• Native GCP Integration: Leverage the power and scalability of Google Cloud directly within your red team engagements. Realm seamlessly integrates with GCP services, boosting your attack capabilities without reinventing the wheel.

• Stateless Server Architecture: While Realm officially supports GCP, you may deploy it's stateless docker container to any environment that best fits your needs.

• Focus on Reliability: Realm always prioritizes quality over quantity, enabling operators to focus on the engagement instead of spending hours troubleshooting bugs. Extensive testing and rigorous code review ensure unwavering reliability, while an intuitive design and clear documentation keep the learning curve minimal. After reaching a stable 1.0.0 release, Realm will follow Semantic Versioning, ensuring the stability of older deployments.

Quick Start

To deploy a production ready instance see the setup guide.

# Clone Realm
git clone https://github.com/spellshift/realm.git && cd realm

# Start Tavern (Server)
go run ./tavern

# In a new terminal,
# Start Imix (Agent)
cd realm/implants/imix && cargo run

Project Components

Agent (imix)

• Written in Rust with support for MacOS, Linux, and Windows.
• Supports long running tasks by reading output from tasks in real time.
• Interval callback times.
• Simple file based configuration.
• Embedded files.
• Built-in interpreter.

Server (tavern)

• Web interface.
• Group actions.
• graphql backend for easy API access.
• OAuth login support.
• Cloud native deployment with pre-made terraform for production deployments.

Built-in interpreter (eldritch)

• Reflective DLL Loader.
• Port scanning.
• Remote execution over SSH.
• And much much more: https://docs.realm.pub/user-guide/eldritch

Want to contribute?

Check out our developer docs!

Contact Support

Need a hand? We're here to help! If you're facing an issue with Realm, we're happy to assist! To ensure we can provide the best support, please create an issue on our Github.

Bug Support

When opening your issue, please include:

• A clear and concise description of the problem you're encountering.
• Any relevant error messages or logs.
• Steps to reproduce the issue (if possible).
• Impacted Realm version and operating system.

The more information you provide, the faster we can investigate and help you resolve the issue.

Feature Requests & Feedback

Realm lives and breathes through its users. Your insights and experiences are crucial in guiding its development and ensuring it continues to empower your mission. Please don't hesitate to reach out!

Remember:

• Be respectful and constructive in your feedback (code of conduct).
• Search for existing discussions or feature requests before creating new ones.
• The more details you provide, the better we can understand your needs and respond effectively.
• Together, we can shape Realm into an incredible framework. Thank you for being part of the adventure!

Feature Requests

Do you have an idea for a feature that would supercharge your workflow? We're all ears! Open an issue on GitHub and share your detailed proposal. Be sure to explain the problem you're facing, the solution you envision, and how it would benefit other users. The more information you provide, the better we can understand your needs and assess the feasibility of implementing your suggestion.

Provide Feedback

Love something about Realm? Feel something could be improved? Let us know! Your feedback, good or bad, helps us make Realm better for everyone. Open an issue on GitHub outlining your thoughts, whether it's a praiseworthy feature, a usability concern, or a suggestion for improvement. Every bit of your feedback helps us refine Realm and make it an even more valuable tool in your red teaming toolbox.