Tool for Creating Randomized IR Scenarios

Does anyone know if there is a tool similar to [SecGen](https://github.com/cliffe/SecGen/) for Blue Team ops?

Specifically I'm imagining a tool that can provision a small virtualized environment with exploitable services running. Then an automated adversary attacks the environment using known TTPs. The attacker might disrupt services, exfiltrate data, add methods of persistence, etc.

The Blue Team operator would then be tasked with responding to the "incident" by retracing the steps of the automated adversary and documenting/reversing their actions. At the …

actions adversary attacks automated blue blue team cybersecurity data disrupt end environment etc exercise exfiltrate data incident persistence reversing services team tool ttps