How do I create a custom Fire module in DumpsterFire?

Write a Python script that inherits from the FireModule class, implement required methods like Configure() and Ignite(), and drop it into the FireModules directory. The README's 'Write Your Own Custom Fire Modules' section provides a template and steps, including using testFireModule.py for debugging.

Can DumpsterFire simulate real-time attacks for incident response training?

No, DumpsterFire is designed for time-delayed, scheduled events rather than real-time interactions. It's ideal for pre-planned drills or decoy operations where events are triggered over hours or days, not for dynamic, on-the-fly simulations.

DumpsterFire vs Atomic Red Team: which is better for Blue Team drills?

DumpsterFire excels at narrative-driven, customizable event chains with time delays for realism, while Atomic Red Team focuses on atomic, repeatable tests based on MITRE ATT&CK. Choose DumpsterFire for story-based simulations and Atomic Red Team for standardized, quick validation of defenses.

How to set up time delays between events in DumpsterFire?

When building a DumpsterFire via the menu, after selecting Fire modules, you're prompted to assign individual time delays to each Fire. You can specify minutes or hours to create realistic timelines, as described in the Overview section of the README.

Does DumpsterFire work on Windows operating systems?

Yes, DumpsterFire is cross-platform and works on Windows, Linux, and macOS. It includes specific Fire modules like os_win_cmd_command.py and os_win_powershell_script.py for executing Windows commands, as listed in the Customizing section.

Is DumpsterFire still actively maintained?

Based on the README's 2020 update about migrating to Python3, it may not be actively maintained. Check the GitHub repository for recent commits or community forks, as the tool could require updates for modern Python versions and security practices.

Open-Awesome

DumpsterFire

MITPythonv1.0.0

A modular, menu-driven tool for building time-delayed, distributed security event chains for Red, Blue, and Purple Team exercises.

GitHub

1.0k stars149 forks0 contributors

What is DumpsterFire?

DumpsterFire is a modular, menu-driven tool for building customized, time-delayed, distributed security events. It allows Red, Blue, and Purple Teams to create chains of simulated incidents (called 'DumpsterFires') for drills, sensor testing, decoy operations, and training exercises. The tool generates realistic network and filesystem artifacts to mimic actual attack narratives.

Target Audience

Security professionals including Red Teams (for creating distractions and lures), Blue Teams (for controlled SOC drills and sensor mapping), and Purple Teams (for repeatable event chains to validate defenses).

Value Proposition

It provides a scalable, automated way to run realistic security exercises without manual intervention, with extensible modules, time-delayed execution, and detailed logging for post-operation analysis.

Overview

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Use Cases

Best For

Running automated Red Team decoy incidents to distract SOC analysts during engagements
Conducting controlled Blue Team 'live fire' drills to test sensor and alert configurations
Creating repeatable Purple Team event chains for consistent security posture mapping
Simulating realistic attack narratives (e.g., insider threats, botnet activity) for training
Generating time-delayed security events across distributed systems or timezones
Adding customizable, playful 'Shenanigans' to cyber wargames or exercises

Not Ideal For

Organizations with strict Python 3-only environments or modern security toolchains
Teams needing real-time, interactive simulation dashboards or GUI-based management
Projects requiring out-of-the-box integration with commercial SIEMs or ticketing systems
Scenarios where extensive pre-built attack modules are needed without custom development

Pros & Cons

Pros

Easy Custom Module Creation

You can drop Python scripts into categorized directories under FireModules/, and DumpsterFire auto-detects them at startup, as highlighted in the README's section on extensibility.

Realistic Event Scheduling

Allows configurable time delays between Fire modules to mimic human attack timelines, with the menu guiding you to assign delays for more believable event chains.

User-Friendly Guided Workflow

The menu-driven dumpsterFireFactory.py script walks users through building, configuring, and igniting scenarios step-by-step, reducing command-line complexity.

Comprehensive UTC Logging

Generates auto-generated date-time stamped logs in UTC for global operations and post-engagement analysis, providing accountability and correlation, as described in the Accountability section.

Playful Shenanigans Options

Includes modules like Rickrolling and custom URL openings, adding humor or distractions for wargames, with examples shown in the Shenanigans section of the README.

Cons

Deprecated Python Dependency

Built for Python 2.7.x, which is outdated and may pose security risks or compatibility issues; the README's 2020 update mentions a planned migration to Python3 but lacks confirmation of completion.

Limited Pre-built Modules

The README notes only about 30 more Fire modules in development, so the base toolset might be sparse, requiring custom work for specific or advanced attack simulations.

No Advanced Interface

Relies on CLI and menu-driven interfaces without GUI, web dashboards, or APIs, making it less scalable for large teams or integration with modern security orchestration tools.

Frequently Asked Questions

Related Projects

Atomic Red Team

Small and highly portable detection tests based on MITRE's ATT&CK.

Stars11,872

Forks3,104

Last commit8 hours ago

Caldera

Automated Adversary Emulation Platform

Stars6,930

Forks1,322

Last commit20 hours ago

APTSimulator

A toolset to make a system look as if it was the victim of an APT attack

Stars2,735

Forks452

Last commit7 months ago

Network Flight Simulator (flightsim)

A utility to safely generate malicious network traffic patterns and evaluate controls.

Stars1,363

Forks145

Last commit2 years ago

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub