diff --git a/README.md b/README.md
index 7eb4d01..c9836b5 100644
--- a/README.md
+++ b/README.md
@@ -4,6 +4,7 @@
 - [Contribute](#contribute)
 - [Defensive](#defensive-hardening-security-assessment-and-inventory)
 - [Offensive](#offensive)
+- [Purple Teaming & Adversary Emulation](#purple-teaming--adversary-emulation)
 - [Continuous Security Auditing](#continuous-security-auditing)
 - [Digital Forensics and Incident Response](#digital-forensics-and-incident-response)
 - [Development Security](#development-security)
@@ -97,6 +98,14 @@ Do you want to contribute to this list? Feel free to send a PR and make sure you
 | **Redboto** | [https://github.com/elitest/Redboto](https://github.com/elitest/Redboto) | Red Team AWS Scripts | [![stars](https://badgen.net/github/stars/elitest/Redboto)](https://badgen.net/github/stars/elitest/Redboto) | [![contributors](https://badgen.net/github/contributors/elitest/Redboto)](https://badgen.net/github/contributors/elitest/Redboto) [![watchers](https://badgen.net/github/watchers/elitest/Redboto)](https://badgen.net/github/watchers/elitest/Redboto) [![last-commit](https://badgen.net/github/last-commit/elitest/Redboto)](https://badgen.net/github/last-commit/elitest/Redboto) [![open-issues](https://badgen.net/github/open-issues/elitest/Redboto)](https://badgen.net/github/open-issues/elitest/Redboto) [![closed-issues](https://badgen.net/github/closed-issues/elitest/Redboto)](https://badgen.net/github/closed-issues/elitest/Redboto) |
 | **CloudBrute** | [https://github.com/0xsha/cloudbrute](https://github.com/0xsha/cloudbrute) | A tool to find a company (target) infrastructure, files, and apps on the top cloud providers | [![stars](https://badgen.net/github/stars/0xsha/cloudbrute)](https://badgen.net/github/stars/0xsha/cloudbrute) | [![contributors](https://badgen.net/github/contributors/0xsha/cloudbrute)](https://badgen.net/github/contributors/0xsha/cloudbrute) [![watchers](https://badgen.net/github/watchers/0xsha/cloudbrute)](https://badgen.net/github/watchers/0xsha/cloudbrute) [![last-commit](https://badgen.net/github/last-commit/0xsha/cloudbrute)](https://badgen.net/github/last-commit/0xsha/cloudbrute) [![open-issues](https://badgen.net/github/open-issues/0xsha/cloudbrute)](https://badgen.net/github/open-issues/0xsha/cloudbrute) [![closed-issues](https://badgen.net/github/closed-issues/0xsha/cloudbrute)](https://badgen.net/github/closed-issues/0xsha/cloudbrute) |
 
+## Purple Teaming & Adversary Emulation
+
+| Name | URL | Description | Popularity | Metadata |
+| ---------- | :---------- | :---------- | :----------: | :----------: |
+| **Stratus Red Team** | [https://github.com/datadog/stratus-red-team](https://github.com/datadog/stratus-red-team) | Granular, Actionable Adversary Emulation for the Cloud  | [![stars](https://badgen.net/github/stars/datadog/stratus-red-team)](https://badgen.net/github/stars/datadog/stratus-red-team) | [![contributors](https://badgen.net/github/contributors/datadog/stratus-red-team)](https://badgen.net/github/contributors/datadog/stratus-red-team) [![watchers](https://badgen.net/github/watchers/datadog/stratus-red-team)](https://badgen.net/github/watchers/datadog/stratus-red-team) [![last-commit](https://badgen.net/github/last-commit/datadog/stratus-red-team)](https://badgen.net/github/last-commit/datadog/stratus-red-team) [![open-issues](https://badgen.net/github/open-issues/datadog/stratus-red-team)](https://badgen.net/github/open-issues/datadog/stratus-red-team) [![closed-issues](https://badgen.net/github/closed-issues/datadog/stratus-red-team)](https://badgen.net/github/closed-issues/datadog/stratus-red-team) |
+| **Leonidas** | [https://github.com/fsecurelabs/leonidas](https://github.com/fsecurelabs/leonidas) | Automated Attack Simulation in the Cloud complete with detection use cases.  | [![stars](https://badgen.net/github/stars/fsecurelabs/leonidas)](https://badgen.net/github/stars/fsecurelabs/leonidas) | [![contributors](https://badgen.net/github/contributors/fsecurelabs/leonidas)](https://badgen.net/github/contributors/fsecurelabs/leonidas) [![watchers](https://badgen.net/github/watchers/fsecurelabs/leonidas)](https://badgen.net/github/watchers/fsecurelabs/leonidas) [![last-commit](https://badgen.net/github/last-commit/fsecurelabs/leonidas)](https://badgen.net/github/last-commit/fsecurelabs/leonidas) [![open-issues](https://badgen.net/github/open-issues/fsecurelabs/leonidas)](https://badgen.net/github/open-issues/fsecurelabs/leonidas) [![closed-issues](https://badgen.net/github/closed-issues/fsecurelabs/leonidas)](https://badgen.net/github/closed-issues/fsecurelabs/leonidas) |
+| **Amazon Guardduty Tester** | [https://github.com/awslabs/amazon-guardduty-tester](https://github.com/awslabs/amazon-guardduty-tester) | This script is used to generate some basic detections of the GuardDuty service | [![stars](https://badgen.net/github/stars/awslabs/amazon-guardduty-tester)](https://badgen.net/github/stars/awslabs/amazon-guardduty-tester) | [![contributors](https://badgen.net/github/contributors/awslabs/amazon-guardduty-tester)](https://badgen.net/github/contributors/awslabs/amazon-guardduty-tester) [![watchers](https://badgen.net/github/watchers/awslabs/amazon-guardduty-tester)](https://badgen.net/github/watchers/awslabs/amazon-guardduty-tester) [![last-commit](https://badgen.net/github/last-commit/awslabs/amazon-guardduty-tester)](https://badgen.net/github/last-commit/awslabs/amazon-guardduty-tester) [![open-issues](https://badgen.net/github/open-issues/awslabs/amazon-guardduty-tester)](https://badgen.net/github/open-issues/awslabs/amazon-guardduty-tester) [![closed-issues](https://badgen.net/github/closed-issues/awslabs/amazon-guardduty-tester)](https://badgen.net/github/closed-issues/awslabs/amazon-guardduty-tester) |
+
 ## Continuous Security Auditing
 | Name | URL | Description | Popularity | Metadata |
 | ---------- | :---------- | :---------- | :----------: | :----------: |
@@ -217,7 +226,6 @@ Do you want to contribute to this list? Feel free to send a PR and make sure you
 | **Sadcloud** | [https://github.com/nccgroup/sadcloud](https://github.com/nccgroup/sadcloud) | A tool for spinning up insecure AWS infrastructure with Terraform. It supports approx. 84 misconfigurations across 22 AWS Services.|[![stars](https://badgen.net/github/stars/nccgroup/sadcloud)](https://badgen.net/github/stars/nccgroup/sadcloud)| [![contributors](https://badgen.net/github/contributors/nccgroup/sadcloud)](https://badgen.net/github/contributors/nccgroup/sadcloud)[![watchers](https://badgen.net/github/watchers/nccgroup/sadcloud)](https://badgen.net/github/watchers/nccgroup/sadcloud)[![last-commit](https://badgen.net/github/last-commit/nccgroup/sadcloud)](https://badgen.net/github/last-commit/nccgroup/sadcloud) [![open-issues](https://badgen.net/github/open-issues/nccgroup/sadcloud)](https://badgen.net/github/open-issues/nccgroup/sadcloud) [![closed-issues](https://badgen.net/github/closed-issues/nccgroup/sadcloud)](https://badgen.net/github/closed-issues/nccgroup/sadcloud) |
 | **BigOrange Actions** | [https://bigorange.cloud/actions/](https://bigorange.cloud/actions/) | Paste your IAM Policy and get a list of Actions it can effectively perform | | | | | |
 | **IncidentResponseGenerator** | [https://github.com/disruptops/IncidentResponseGenerator](https://github.com/disruptops/IncidentResponseGenerator) | Incident response generator for training classes  |[![stars](https://badgen.net/github/stars/disruptops/IncidentResponseGenerator)](https://badgen.net/github/stars/disruptops/IncidentResponseGenerator)| [![contributors](https://badgen.net/github/contributors/disruptops/IncidentResponseGenerator)](https://badgen.net/github/contributors/disruptops/IncidentResponseGenerator)[![watchers](https://badgen.net/github/watchers/disruptops/IncidentResponseGenerator)](https://badgen.net/github/watchers/disruptops/IncidentResponseGenerator)[![last-commit](https://badgen.net/github/last-commit/disruptops/IncidentResponseGenerator)](https://badgen.net/github/last-commit/disruptops/IncidentResponseGenerator) [![open-issues](https://badgen.net/github/open-issues/disruptops/IncidentResponseGenerator)](https://badgen.net/github/open-issues/disruptops/IncidentResponseGenerator) [![closed-issues](https://badgen.net/github/closed-issues/disruptops/IncidentResponseGenerator)](https://badgen.net/github/closed-issues/disruptops/IncidentResponseGenerator) |
-| **Leonidas** | [https://github.com/fsecurelabs/leonidas](https://github.com/fsecurelabs/leonidas) | Automated Attack Simulation in the Cloud complete with detection use cases.  | [![stars](https://badgen.net/github/stars/fsecurelabs/leonidas)](https://badgen.net/github/stars/fsecurelabs/leonidas) | [![contributors](https://badgen.net/github/contributors/fsecurelabs/leonidas)](https://badgen.net/github/contributors/fsecurelabs/leonidas) [![watchers](https://badgen.net/github/watchers/fsecurelabs/leonidas)](https://badgen.net/github/watchers/fsecurelabs/leonidas) [![last-commit](https://badgen.net/github/last-commit/fsecurelabs/leonidas)](https://badgen.net/github/last-commit/fsecurelabs/leonidas) [![open-issues](https://badgen.net/github/open-issues/fsecurelabs/leonidas)](https://badgen.net/github/open-issues/fsecurelabs/leonidas) [![closed-issues](https://badgen.net/github/closed-issues/fsecurelabs/leonidas)](https://badgen.net/github/closed-issues/fsecurelabs/leonidas) |
 | **Breaking and Pwning Apps and Servers on AWS and Azure** | [https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training](https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training) | Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training! |[![stars](https://badgen.net/github/stars/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/stars/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)| [![contributors](https://badgen.net/github/contributors/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/contributors/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)[![watchers](https://badgen.net/github/watchers/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/watchers/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)[![last-commit](https://badgen.net/github/last-commit/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/last-commit/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training) [![open-issues](https://badgen.net/github/open-issues/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/open-issues/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training) [![closed-issues](https://badgen.net/github/closed-issues/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/closed-issues/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training) |
 | **terragoat** | [https://github.com/bridgecrewio/terragoat](https://github.com/bridgecrewio/terragoat) | "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. | [![stars](https://badgen.net/github/stars/bridgecrewio/terragoat)](https://badgen.net/github/stars/bridgecrewio/terragoat) | [![contributors](https://badgen.net/github/contributors/bridgecrewio/terragoat)](https://badgen.net/github/contributors/bridgecrewio/terragoat) [![watchers](https://badgen.net/github/watchers/bridgecrewio/terragoat)](https://badgen.net/github/watchers/bridgecrewio/terragoat) [![last-commit](https://badgen.net/github/last-commit/bridgecrewio/terragoat)](https://badgen.net/github/last-commit/bridgecrewio/terragoat) [![open-issues](https://badgen.net/github/open-issues/bridgecrewio/terragoat)](https://badgen.net/github/open-issues/bridgecrewio/terragoat) [![closed-issues](https://badgen.net/github/closed-issues/bridgecrewio/terragoat)](https://badgen.net/github/closed-issues/bridgecrewio/terragoat) |
 | **cfngoat** | [https://github.com/bridgecrewio/cfngoat](https://github.com/bridgecrewio/cfngoat) | "Vulnerable by Design" cloudformation repository. CfnGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. | [![stars](https://badgen.net/github/stars/bridgecrewio/cfngoat)](https://badgen.net/github/stars/bridgecrewio/cfngoat) | [![contributors](https://badgen.net/github/contributors/bridgecrewio/cfngoat)](https://badgen.net/github/contributors/bridgecrewio/cfngoat) [![watchers](https://badgen.net/github/watchers/bridgecrewio/cfngoat)](https://badgen.net/github/watchers/bridgecrewio/cfngoat) [![last-commit](https://badgen.net/github/last-commit/bridgecrewio/cfngoat)](https://badgen.net/github/last-commit/bridgecrewio/cfngoat) [![open-issues](https://badgen.net/github/open-issues/bridgecrewio/cfngoat)](https://badgen.net/github/open-issues/bridgecrewio/cfngoat) [![closed-issues](https://badgen.net/github/closed-issues/bridgecrewio/cfngoat)](https://badgen.net/github/closed-issues/bridgecrewio/cfngoat) |