Malicious traffic in the form of self-propagating worms and denial of service attacks is a constant threat to the normal operation of Internet systems. This highlights the need for comprehensive vulnerability assessment in network system development and tools to support such tests. This paper describes MACE, a unique environment for recreating a wide range of malicious packet traffic in laboratory testbeds. The first contribution of our work is the definition of a model for attack traffic generation. This model enables the flexible composition of malicious traffic such that both known attacks (such as the Welchia worm) and new attack variants can be realized. Our second contribution is the design and implementation of an extensible toolkit for attack traffic specification and generation. To demonstrate the capability of this toolkit, we provide an analysis of stress tests conducted on a popular firewall and two popular network intrusion detection systems. The tests show the variability in responses of these systems illustrating where and how they are vulnerable to malicious traffic.