What runs. What you see.
The left is real boto3 - the same code MayaTrail packages, signs, and replays. The right is what lands in CloudTrail while it runs. Both are exported with every run.
```python
# T1548.005 · T1098 - abuse role policy attachment for priv-esc
from mayatrail import Chain, step
import boto3

chain = Chain("attach_role_policy", mitre=["T1548.005", "T1098"])

@step("recon", mitre="T1087.004")
def enumerate_roles(ctx):
    iam = ctx.client("iam")
    return iam.list_roles()["Roles"]

@step("priv-esc", mitre="T1548.005")
def attach_admin(ctx, target):
    iam = ctx.client("iam")
    iam.attach_role_policy(
        RoleName=target["RoleName"],
        PolicyArn="arn:aws:iam::aws:policy/AdministratorAccess",
    )
    return ctx.assume(target["Arn"])

@step("exfil", mitre="T1567.002")
def walk_buckets(elevated):
    s3 = elevated.client("s3")
    for b in s3.list_buckets()["Buckets"]:
        elevated.exfil_objects(b["Name"])

chain.run(teardown=True, evidence="./run-2f4a/")
```
Real APTs. Each one runs as code.
Every chain in MayaTrail traces back to an observed cloud campaign. Reproducible to the second, mapped to MITRE ATT&CK, with the detection content that should (and didn't) catch it.
Calls the help-desk, resets MFA, attaches AdministratorAccess to an existing IAM role. Sub-60s priv-esc.
Imports external KMS key material, re-encrypts target buckets with the attacker key, drops the import. Recovery requires their key.
Compromised EKS pod token harvests AWS creds, enumerates S3, exfils objects to attacker-controlled bucket while CloudTrail data-events are off.
Compromised IdP, SAML token replay against AWS - racing the IAM eventual-consistency window so revoked creds still authenticate.
Spins miners across Amplify, Fargate, SageMaker - the under-monitored services GuardDuty doesn't watch. Maps the permission surface first.
Hits IMDSv1/2 endpoints for instance creds, then chains behind APIs that CloudTrail simply doesn't log. Silent persistence.
Watch AMBERSQUID run end-to-end.
13 kill-chain steps. 4 credential pivots. 11 Sigma rules armed. Watch the chain land in real time - every CloudTrail event, every detection trigger, the StopLogging moment. No AWS calls; pure playback from an approved emulation plan.
Our APT chains, your detection sources, multiple cells of truth.
Aggregated across 14 beta runs. Each cell shows what the source produced for that scenario: fired, late (>30s), or missed. Numbers are median latency.
An instrument for cloud attack emulation, not a checklist.
Every IAM action, every STS handshake, every KMS call is mapped to a technique and a detection. The sphere is a live index of what we can run against your AWS today.
- Technique-level coverage - 32 MITRE techniques shipped, scored against real CloudTrail.
- Scriptable end-to-end - every chain has a Python SDK call and a one-line CLI.
- Bring your own infra - hosted, or self-hosted on the OSS core (Apache 2.0).
Detection rules. IR playbook. Signed evidence.
Every run ends with three artifacts your team uses on Monday - one for the detection repo, one for the runbook wiki, one for the audit folder. Hash-chained, portable, replayable.
```markdown
# 1. Preparation
- CloudTrail multi-region trail enabled
- GuardDuty + S3 Protection

# 2. Identification
- P0 · cloudtrail:StopLogging
- P0 · AttachRolePolicy + Admin
- P1 · canary.tfstate accessed

# 3. Containment
    aws cloudtrail start-logging \
      --name $TRAIL_NAME

# 4. Eradication
...
```
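The runbook's three Identification items as executable detection logic, scored the way the coverage matrix scores a source (fired, late at more than 30 s, or missed, with latency). This is an added example, not MayaTrail's Sigma content; the CloudTrail records and alert times are constructed, and the rule names are the runbook's.

```python
from datetime import datetime, timezone

LATE_AFTER_S = 30  # the coverage matrix's "late (>30s)" threshold
ADMIN_POLICY = "arn:aws:iam::aws:policy/AdministratorAccess"

def _p(e):  # requestParameters, tolerant of records that carry none
    return e.get("requestParameters") or {}

# Rule table: (rule name, priority, predicate over one CloudTrail record)
RULES = [
    ("cloudtrail:StopLogging", "P0",
     lambda e: e.get("eventSource") == "cloudtrail.amazonaws.com" and e.get("eventName") == "StopLogging"),
    ("AttachRolePolicy + Admin", "P0",
     lambda e: e.get("eventName") == "AttachRolePolicy" and _p(e).get("policyArn") == ADMIN_POLICY),
    ("canary.tfstate accessed", "P1",
     lambda e: e.get("eventName") == "GetObject" and str(_p(e).get("key", "")).endswith("canary.tfstate")),
]

def _ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def score(events, alerts):
    """Per exercised rule: (priority, 'fired'|'late'|'missed', latency s); alerts = rule -> time the source raised it."""
    result = {}
    for name, prio, pred in RULES:
        hits = [_ts(e["eventTime"]) for e in events if pred(e)]
        if not hits:
            continue  # technique not exercised in this run; nothing to score
        if name not in alerts:
            result[name] = (prio, "missed", None)
            continue
        latency = (_ts(alerts[name]) - min(hits)).total_seconds()
        result[name] = (prio, "fired" if latency <= LATE_AFTER_S else "late", latency)
    return result

# Constructed CloudTrail records (not from a real trail), one per identification item.
SAMPLE_EVENTS = [
    {"eventTime": "2024-05-01T10:00:05Z", "eventSource": "iam.amazonaws.com", "eventName": "AttachRolePolicy",
     "requestParameters": {"roleName": "app-deploy", "policyArn": ADMIN_POLICY}},
    {"eventTime": "2024-05-01T10:00:40Z", "eventSource": "s3.amazonaws.com", "eventName": "GetObject",
     "requestParameters": {"bucketName": "tf-backend-sandbox", "key": "envs/canary.tfstate"}},
    {"eventTime": "2024-05-01T10:01:10Z", "eventSource": "cloudtrail.amazonaws.com", "eventName": "StopLogging",
     "requestParameters": {"name": "org-trail"}},
]
# Constructed alert times from one detection source; no entry for StopLogging, so it is scored missed.
SAMPLE_ALERTS = {"AttachRolePolicy + Admin": "2024-05-01T10:00:50Z", "canary.tfstate accessed": "2024-05-01T10:00:52Z"}
if __name__ == "__main__":
    for rule, (prio, verdict, lat) in score(SAMPLE_EVENTS, SAMPLE_ALERTS).items():
        print(prio, rule, verdict, "" if lat is None else f"{lat:.0f}s")
```

GetObject records only reach the trail when S3 data events are enabled, so with data events off the canary rule can never fire, which is itself a coverage finding the run should report.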
{ "runId": "run-2f4a", "trail": "cloudtrail.json", "map": "mitre-map.svg", "signature": "sha256:8ed1f4...", "chain": [ "step-01...", "step-02...", "... 11 more" ], "verified": true }
Four steps. No agents. No long-lived keys.
The whole platform sits behind an STS-only role you grant in your sandbox account. Every resource is tagged. Every action is in your CloudTrail.
STS role, no keys
Grant MayaTrail an assumable role in your sandbox account. Trust policy is two lines. No long-lived credentials ever leave AWS.
Pulumi sandbox
A tagged stack of intentionally leaky resources spins up in ~60s. Mirrors a real account in shape, not in data.
Execute a chain
Pick a scenario. Watch the chain land in your CloudTrail. Read which detections fired, which didn't.
One command
The sandbox is destroyed; the evidence packet - CloudTrail, MITRE map, signed report - is yours to keep.
There are other tools. None of them are this.
MayaTrail isn't a vulnerable lab or a single-call test. It's an instrument: real cloud, full chain, mapped, signed, replayable. Here's how it compares.
The objections worth answering directly.
From beta interviews. If yours isn't here, ask: admin@mayatrail.tech.
Will this touch my production account?
aws:PrincipalAccount condition. Cross-account actions are statically blocked at the SDK layer and at the IAM boundary. Nothing executes against prod, ever.
What does a run cost in AWS spend?
How do I know teardown is real?
pulumi destroy with a post-condition: every resource the stack declared must return DescribeX → NotFound. If any survive, the run is flagged incomplete and the evidence packet refuses to sign. You get logs for both halves.
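How the teardown post-condition can gate the evidence packet described in this answer and shown earlier, as an added example that is not MayaTrail's implementation: step records are SHA-256 hash-chained, the chain head is published in the packet's `signature` field (a tamper-evidence digest, not an asymmetric signature), and `verified` is set only when every declared resource probed as NotFound. `GENESIS`, the step and resource shapes, and `fake_probe` are constructed stand-ins for the real DescribeX calls.

```python
import hashlib
import json
GENESIS = "0" * 64  # chain head before the first step (an assumed value, not MayaTrail's)

def chain_steps(steps):
    """Return (per-step hashes, head) with hash_i = sha256(hash_{i-1} || canonical_json(step_i)),
    so editing, dropping or reordering any step record changes the head."""
    head, hashes = GENESIS, []
    for s in steps:
        body = json.dumps(s, sort_keys=True, separators=(",", ":")).encode()
        head = hashlib.sha256(head.encode() + body).hexdigest()
        hashes.append(head)
    return hashes, head

class NotFound(Exception):
    """Raised by a probe when the resource is gone: the expected outcome after destroy."""

def verify_teardown(declared, probe):
    """List resources that still answer a describe call; declared = (type, id) pairs,
    probe(type, id) stands in for the DescribeX call and raises NotFound when gone."""
    survivors = []
    for rtype, rid in declared:
        try:
            probe(rtype, rid)
            survivors.append(f"{rtype}/{rid}")  # still describable: teardown incomplete
        except NotFound:
            pass
    return survivors

def build_packet(run_id, steps, declared, probe):
    """Assemble the packet; publish the chain head as signature only when teardown left nothing behind."""
    hashes, head = chain_steps(steps)
    survivors = verify_teardown(declared, probe)
    complete = not survivors
    return {
        "runId": run_id,
        "chain": hashes,
        "teardown": {"complete": complete, "survivors": survivors},
        "signature": f"sha256:{head}" if complete else None,
        "verified": complete,
    }

# Constructed run: three step records and a stack where one bucket survived destroy.
STEPS = [{"id": "step-01", "name": "recon"}, {"id": "step-02", "name": "priv-esc"},
         {"id": "step-03", "name": "exfil"}]
DECLARED = [("aws:iam/role", "sandbox-target"), ("aws:s3/bucket", "sandbox-exfil-2f4a")]
GONE = {("aws:iam/role", "sandbox-target")}  # what the constructed probe reports as NotFound
def fake_probe(rtype, rid):
    if (rtype, rid) in GONE:
        raise NotFound(f"{rtype}/{rid}")
    return {"status": "ACTIVE"}
```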
What if my detections aren't on this list?
Is this red-team or detection-eng oriented?
Self-host or SaaS?
See your AWS the way attackers see it.
Private beta. We onboard 4-6 detection teams per month. Apply with a few sentences about what you want to test.