Auria Theresa Jijo

TESTERPy2 is an open-source security testing platform designed to evaluate EDR/AV detection capabilities against Python-based offensive techniques. The platform focuses exclusively on MITRE ATT&CK T1059.006 (Command and Scripting Interpreter: Python), testing whether security solutions can detect malicious activities executed through Python.

The tool operates through a centralized web-based dashboard (built using Flask) that coordinates multiple distributed agents across Windows, Linux, and macOS environments. These agents execute controlled test scenarios that simulate real-world attack behaviors, including shellcode injection, credential access, defense evasion, browser data extraction, and system reconnaissance.

TESTERPy2 provides a structured and repeatable approach to assessing how well security controls detect Python-based threats, which are increasingly leveraged by advanced threat actors due to Python’s cross-platform nature, rich libraries, and ability to blend into legitimate environments.