Question 1

How to set up AutoTTP with Empire for automation?

Accepted Answer

Run Empire with a RESTful API listener using the adapted threading approach from the README's gist, then use the provided Python classes in an IDE like VS Code to script procedures with autocomplete support.

Question 2

Can AutoTTP work with Metasploit or Cobalt Strike?

Accepted Answer

Yes, AutoTTP is designed to support frameworks with APIs, such as Metasploit's RPC or Cobalt Strike. However, implementation may require custom adaptation, and support is more mature for Empire based on the README examples.

Question 3

AutoTTP vs custom scripts for security testing: which is better?

Accepted Answer

AutoTTP offers structured abstraction, IDE integration, and reusable modules, making it superior for maintaining complex, repeatable procedures. Custom scripts are more flexible for ad-hoc tasks but lack built-in organization and debugging features.

Question 4

How to debug procedures in AutoTTP?

Accepted Answer

AutoTTP enables step-through debugging and variable inspection in IDEs like VS Code. You can set breakpoints, watch variables during execution, and even modify scripts on the fly, as highlighted in the README's debugging support.

Question 5

Is AutoTTP suitable for CI/CD pipelines in DevOps?

Accepted Answer

Yes, its headless API automation allows integration into CI/CD pipelines for automated security regression tests. However, setup requires expertise in both security tools and automation, and tool dependencies must be managed carefully.

Question 6

What tools are supported by AutoTTP?

Accepted Answer

AutoTTP primarily supports Empire via REST APIs, with design intent for Metasploit and Cobalt Strike. The framework is extensible to any tool with an API, but ready-to-use modules are focused on Empire as per the README.

AutoTTP

What is AutoTTP?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions