URSID documentation

URSID automates the specification, refinement, and deployment of attack scenarios in dedicated, reproducible environments.

URSID enables: - Reproducible vulnerability testing environments - CTF creation - Pentest training - Security tool evaluation.

Origin: URSID originates from research carried out by the PIRAT team.

See: Besson, P.-V.; Viet Triem Tong, V.; Guette, G.; Piolle, G.; Abgrall, E. (2023). URSID: Automatically Refining a Single Attack Scenario into Multiple Cyber Range Architectures. FPS 2023. — BibTeX ref

Usage: URSID has been used to create several pentest exercices, including CasinoLimit and PirHack played at BreizhCTF (2024 & 2025) and RESSI (2025).

Contents:

• Guides
  • How to create your own scenario?
  • Backends
  • Operating systems
  • User Account Management
  • Parallelism
  • Proxmox Documentation
• Examples
  • Playing your first scenario: Local Privilege Escalation
  • Multiple variants and instances: Discovery - Lateralisation - Local Privilege Escalation
  • How to add a new software in URSID ?
  • How to add a new technique and/or a new procedure in URSID ?
• Command line interface
  • ursid
  • ursid-factory
• API Documentation
  • backends package
  • init package
  • provision package
  • ui package
  • ursid package