Apparatus icon
Apparatus
Cybersecurity Simulation Lab
ATLAS CREW SECURITY · SIMULATION INFRASTRUCTURE

The lab beneath the lab.

Apparatus is the simulation infrastructure that makes Atlas Crew Security's testing realistic. 11 protocol servers, AI red team autopilot, chaos engineering, deception infrastructure, and supply-chain attack simulation — used by Synapse for traffic generation, by Chimera for protocol fuzzing, by Crucible for adversary scenarios, and by Bridge for fault injection across the integrated stack. All four flagship products lean on it.

58+ Features
11 Protocol Servers
3 Interfaces
AGPL License
View on GitHub Documentation Atlas Crew Security
THE LAB

A controlled environment for the messy parts of security.

Real attack surfaces are noisy. Real defenders need to see noisy traffic, malformed protocol behavior, and unexpected failure modes — not lab-clean toy requests. Apparatus generates the noise on demand: 11 protocol servers running simultaneously with full request reflection, AI-powered honeypots, fault injection, and red team automation. Pair it with the rest of the platform and the trio sees the kind of traffic it would face in production.

Apparatus dashboard — 11 protocol servers running with real-time observability
— Apparatus dashboard: protocol servers, observability, and live traffic
Apparatus AI red team autopilot — autonomous attack agent
— AI red team autopilot
Apparatus scenario library — chaos, deception, and attack patterns
— Scenario library
CAPABILITIES

Built for realistic adversarial conditions.

Protocols Multi-Protocol Simulation

HTTP/1.1, HTTP/2, gRPC, WebSocket, Redis, SMTP, MQTT, ICAP, Syslog, TCP/UDP — all running simultaneously with full request reflection. Test how your defender handles non-HTTP attack surfaces, not just web traffic.

AI Red Team Autopilot

Autonomous AI agent that explores targets, selects attack tools, and reports findings. Session-based with configurable iteration limits. Useful for unattended overnight runs against new build artifacts.

Chaos Fault Injection

CPU and memory chaos, network partition simulation, latency injection, packet loss, supply-chain attack patterns, container escape testing. Shake the system and see what falls out.

Deception AI-Powered Honeypots

Honeypots with fake consoles and shell terminals that produce believable, AI-generated responses. Tarpits that waste attacker time. Useful for measuring whether your defender's response to suspected attackers slows them down or just blocks them.

CLI

Drive the lab from the terminal.

Apparatus has three interfaces: a React dashboard with real-time SSE, an 18-widget terminal UI, and a CLI with 12 command categories. The CLI is the path of least resistance for CI integration, scripted overnight runs, and reproducible scenarios.

apparatus — autopilot session
$ apparatus protocols up --all ↳ http/1.1, http/2, grpc, ws, redis, smtp, mqtt, icap ... 11 ready $ apparatus autopilot start --target http://chimera:8080 --max-iter 20 ● Session aps_0012 started — AI agent exploring target → probing /api/v1/healthcare ......... IDOR detected on patient records → escalating: JWT none-algorithm bypass on /auth/token → deception engine active — 3 honeypot interactions logged ✓ Session complete — 7 findings (3 critical) — aps_0012.json $ apparatus chaos network --partition --duration 30s ↳ partitioning synapsechimera for 30s ... ✓ Partition restored — observed 47 dropped requests upstream $ _

Apparatus is the substrate all four products lean on.

Unlike the flagship trio, Apparatus doesn't have a single role in the closed loop. It's used by Synapse for high-volume traffic generation against rule sets, by Chimera for protocol fuzzing across vertical APIs, by Crucible for realistic adversary scenarios, and by Bridge for fault injection across the integrated stack. Standalone for general security research; integrated for the platform.

See the platform