atomic_red_team/atomic_test_template.yaml

---
attack_technique: TODO
display_name: TODO

atomic_tests:
- name: TODO
  description: |
    TODO

  supported_platforms:
    - windows
    - macos
    - linux

  input_arguments:
    output_file:
      description: TODO
      type: TODO
      default: TODO

  dependency_executor_name: powershell # (optional) The executor for the prereq commands, defaults to the same executor used by the attack commands.
  dependencies: # (optional)
    - description: |
        TODO
      prereq_command: | # Commands to check if prerequisites for running this test are met. For the "command_prompt" executor, if any command returns a non-zero exit code, the prerequisites are not met. For the "powershell" executor, all commands are run as a script block and the script block must return 0 for success.
        TODO
      get_prereq_command: | # Commands to meet this prerequisite or a message describing how to meet this prerequisite.
        TODO

  executor:
    name: command_prompt
    elevation_required: true # Indicates whether command must be run with admin privileges. If the elevation_required attribute is not defined, the value is assumed to be false.
    command: | # These are the actaul attack commands, at least one command must be provided.
      TODO
    cleanup_command: | # You can remove the cleanup_command section if there are no cleanup commands.
      TODO
Add new_atomic.rb script that creates a new atomic tests file for a technique 2018-05-10 12:20:35 -06:00			`---`
			`attack_technique: TODO`
			`display_name: TODO`

			`atomic_tests:`
			`- name: TODO`
			`description: \|`
			`TODO`

			`supported_platforms:`
			`- windows`
			`- macos`
			`- linux`

			`input_arguments:`
			`output_file:`
			`description: TODO`
Update atomic_test_template.yaml (#1463 ) 2021-05-13 13:38:26 -07:00			`type: TODO`
Add new_atomic.rb script that creates a new atomic tests file for a technique 2018-05-10 12:20:35 -06:00			`default: TODO`

Update atomic_test_template.yaml (#1463 ) 2021-05-13 13:38:26 -07:00			`dependency_executor_name: powershell # (optional) The executor for the prereq commands, defaults to the same executor used by the attack commands.`
Replay the Dependencies Merge (#786 ) 2020-01-21 12:11:45 -06:00			`dependencies: # (optional)`
			`- description: \|`
			`TODO`
Update atomic_test_template.yaml (#1463 ) 2021-05-13 13:38:26 -07:00			`prereq_command: \| # Commands to check if prerequisites for running this test are met. For the "command_prompt" executor, if any command returns a non-zero exit code, the prerequisites are not met. For the "powershell" executor, all commands are run as a script block and the script block must return 0 for success.`
Replay the Dependencies Merge (#786 ) 2020-01-21 12:11:45 -06:00			`TODO`
Update atomic_test_template.yaml (#1463 ) 2021-05-13 13:38:26 -07:00			`get_prereq_command: \| # Commands to meet this prerequisite or a message describing how to meet this prerequisite.`
Replay the Dependencies Merge (#786 ) 2020-01-21 12:11:45 -06:00			`TODO`

move bin scripts into bin, apis into atomic-red-team 2018-05-11 06:49:20 +02:00			`executor:`
			`name: command_prompt`
Update atomic_test_template.yaml (#1463 ) 2021-05-13 13:38:26 -07:00			`elevation_required: true # Indicates whether command must be run with admin privileges. If the elevation_required attribute is not defined, the value is assumed to be false.`
			`command: \| # These are the actaul attack commands, at least one command must be provided.`
			`TODO`
			`cleanup_command: \| # You can remove the cleanup_command section if there are no cleanup commands.`
Support for CheckPrereqs and Cleanup Commands (#531 ) 2019-08-30 09:42:44 -06:00			`TODO`