Bounty Hunter: Autonomous, Comprehensive Emulation of Multi-Faceted Adversaries

Louis Hackländer-Jansen, Rafael Uetz, Martin Henze

TL;DR

The paper tackles the challenge of fully automated, realistic adversary emulation by introducing Bounty Hunter, a Caldera plugin that performs autonomous, reward-driven planning across pre-, initial, and post-compromise tactics. It links actions via pre- and post-conditions, supports action locking and reward-based adaptations to model different threat behaviors, and uses probabilistic selection to generate diverse attack paths. Through experiments on Kerberos Golden Ticket attacks, stealthy vs. detectable behaviors, and path variation, the work demonstrates autonomous goal pursuit, broad tactic coverage, adaptable adversarial attributes, and scenario reproducibility. The open-source release and demonstrated practicality position Bounty Hunter as a valuable tool for security assessments, defender training, and intrusion-detection research.

Abstract

Adversary emulation is an essential procedure for cybersecurity assessments such as evaluating an organization's security posture or facilitating structured training and research in dedicated environments. To allow for systematic and time-efficient assessments, several approaches from academia and industry have worked towards the automation of adversarial actions. However, they exhibit significant limitations regarding autonomy, tactics coverage, and real-world applicability. Consequently, adversary emulation remains a predominantly manual task requiring substantial human effort and security expertise - even amidst the rise of Large Language Models. In this paper, we present Bounty Hunter, an automated adversary emulation method, designed and implemented as an open-source plugin for the popular adversary emulation platform Caldera, that enables autonomous emulation of adversaries with multi-faceted behavior while providing a wide coverage of tactics. To this end, it realizes diverse adversarial behavior, such as different levels of detectability and varying attack paths across repeated emulations. By autonomously compromising a simulated enterprise network, Bounty Hunter showcases its ability to achieve given objectives without prior knowledge of its target, including pre-compromise, initial compromise, and post-compromise attack tactics. Overall, Bounty Hunter facilitates autonomous, comprehensive, and multi-faceted adversary emulation to help researchers and practitioners in performing realistic and time-efficient security assessments, training exercises, and intrusion detection research.

Paper Structure

This paper contains 21 sections, 2 equations, 9 figures, 1 table.

Figures (9)

  • Figure 1: We designed Bounty Hunter as a plugin for Caldera to adopt its library of attack techniques as well as management capabilities of agents and their gathered information. Its planning engine links actions using their pre- and post-conditions to construct attack sequences to reach its given goal.
  • Figure 2: Bounty Hunter uses pre- and post-conditions to link attack actions and recursively calculate their future reward values (a). Optionally, Bounty Hunter can (un)lock actions, e.g., to ensure a specific order of execution (b).
  • Figure 3: Bounty Hunter utilizes host and port scanning techniques (e.g., using Nmap) as well as techniques for identifying and exploiting found vulnerabilities (e.g., using Metasploit) to initially compromise its target for its autonomous emulation of (pre-)compromise techniques.
  • Figure 4: Bounty Hunter autonomously emulates coherent privilege escalation by executing privilege escalation techniques that start elevated agents on its target and executing actions in the new elevated context.
  • Figure 5: Bounty Hunter autonomously emulates the compromise of an Active Directory domain using a Kerberos Golden Ticket attack without any prior knowledge of the target. The emulation includes the initial compromise of the target, coherent privilege escalation, and handling failing attack actions.
  • ...and 4 more figures