Generated docs from job=generate-docs branch=master [ci skip]

2023-06-14 00:21:58 +00:00
parent 855857d46b
commit 085b3ec2c9
12 changed files with 255 additions and 11 deletions
@@ -1581,7 +1581,9 @@ impact,T1486,Data Encrypted for Impact,2,Encrypt files using 7z (Linux),53e6735a
 impact,T1486,Data Encrypted for Impact,3,Encrypt files using ccrypt (Linux),08cbf59f-85da-4369-a5f4-049cffd7709f,bash
 impact,T1486,Data Encrypted for Impact,4,Encrypt files using openssl (Linux),142752dc-ca71-443b-9359-cf6f497315f1,bash
 impact,T1486,Data Encrypted for Impact,5,PureLocker Ransom Note,649349c7-9abf-493b-a7a2-b1aa4d141528,command_prompt
-impact,T1486,Data Encrypted for Impact,6,Data Encrypted with GPG4Win,4541e2c2-33c8-44b1-be79-9161440f1718,powershell
+impact,T1486,Data Encrypted for Impact,6,Encrypt files using 7z utility - macOS,645f0f5a-ef09-48d8-b9bc-f0e24c642d72,sh
+impact,T1486,Data Encrypted for Impact,7,Encrypt files using openssl utility - macOS,1a01f6b8-b1e8-418e-bbe3-78a6f822759e,sh
+impact,T1486,Data Encrypted for Impact,8,Data Encrypted with GPG4Win,4541e2c2-33c8-44b1-be79-9161440f1718,powershell
 impact,T1496,Resource Hijacking,1,macOS/Linux - Simulate CPU Load with Yes,904a5a0e-fb02-490d-9f8d-0e256eb37549,bash
 impact,T1485,Data Destruction,1,Windows - Overwrite file with Sysinternals SDelete,476419b5-aebf-4366-a131-ae3e8dae5fc2,powershell
 impact,T1485,Data Destruction,2,macOS/Linux - Overwrite file with DD,38deee99-fd65-4031-bec8-bfa4f9f26146,bash
@@ -224,6 +224,8 @@ discovery,T1518,Software Discovery,3,Find and Display Safari Browser Version,103
 impact,T1531,Account Access Removal,4,Change User Password via passwd,3c717bf3-2ecc-4d79-8ac8-0bfbf08fbce6,sh
 impact,T1531,Account Access Removal,5,Delete User via dscl utility,4d938c43-2fe8-4d70-a5b3-5bf239aa7846,sh
 impact,T1531,Account Access Removal,6,Delete User via sysadminctl utility,d3812c4e-30ee-466a-a0aa-07e355b561d6,sh
+impact,T1486,Data Encrypted for Impact,6,Encrypt files using 7z utility - macOS,645f0f5a-ef09-48d8-b9bc-f0e24c642d72,sh
+impact,T1486,Data Encrypted for Impact,7,Encrypt files using openssl utility - macOS,1a01f6b8-b1e8-418e-bbe3-78a6f822759e,sh
 impact,T1496,Resource Hijacking,1,macOS/Linux - Simulate CPU Load with Yes,904a5a0e-fb02-490d-9f8d-0e256eb37549,bash
 impact,T1485,Data Destruction,2,macOS/Linux - Overwrite file with DD,38deee99-fd65-4031-bec8-bfa4f9f26146,bash
 impact,T1529,System Shutdown/Reboot,3,Restart System via `shutdown` - macOS/Linux,6326dbc4-444b-4c04-88f4-27e94d0327cb,bash
@@ -1085,7 +1085,7 @@ impact,T1531,Account Access Removal,1,Change User Password - Windows,1b99ef28-f8
 impact,T1531,Account Access Removal,2,Delete User - Windows,f21a1d7d-a62f-442a-8c3a-2440d43b19e5,command_prompt
 impact,T1531,Account Access Removal,3,Remove Account From Domain Admin Group,43f71395-6c37-498e-ab17-897d814a0947,powershell
 impact,T1486,Data Encrypted for Impact,5,PureLocker Ransom Note,649349c7-9abf-493b-a7a2-b1aa4d141528,command_prompt
-impact,T1486,Data Encrypted for Impact,6,Data Encrypted with GPG4Win,4541e2c2-33c8-44b1-be79-9161440f1718,powershell
+impact,T1486,Data Encrypted for Impact,8,Data Encrypted with GPG4Win,4541e2c2-33c8-44b1-be79-9161440f1718,powershell
 impact,T1485,Data Destruction,1,Windows - Overwrite file with Sysinternals SDelete,476419b5-aebf-4366-a131-ae3e8dae5fc2,powershell
 impact,T1485,Data Destruction,3,Overwrite deleted data on C drive,321fd25e-0007-417f-adec-33232252be19,command_prompt
 impact,T1490,Inhibit System Recovery,1,Windows - Delete Volume Shadow Copies,43819286-91a9-4369-90ed-d31fb4da2c01,command_prompt
@@ -2534,7 +2534,9 @@
  - Atomic Test #3: Encrypt files using ccrypt (Linux) [linux]
  - Atomic Test #4: Encrypt files using openssl (Linux) [linux]
  - Atomic Test #5: PureLocker Ransom Note [windows]
-  - Atomic Test #6: Data Encrypted with GPG4Win [windows]
+  - Atomic Test #6: Encrypt files using 7z utility - macOS [macos]
+  - Atomic Test #7: Encrypt files using openssl utility - macOS [macos]
+  - Atomic Test #8: Data Encrypted with GPG4Win [windows]
 - T1488 Disk Content Wipe [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing)
 - T1499 Endpoint Denial of Service [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing)
 - T1494 Runtime Data Manipulation [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing)
@@ -635,7 +635,9 @@
  - Atomic Test #4: Change User Password via passwd [macos, linux]
  - Atomic Test #5: Delete User via dscl utility [macos]
  - Atomic Test #6: Delete User via sysadminctl utility [macos]
- T1486 Data Encrypted for Impact [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing)
+- [T1486 Data Encrypted for Impact](../../T1486/T1486.md)
+  - Atomic Test #6: Encrypt files using 7z utility - macOS [macos]
+  - Atomic Test #7: Encrypt files using openssl utility - macOS [macos]
 - T1488 Disk Content Wipe [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing)
 - T1499 Endpoint Denial of Service [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing)
 - T1494 Runtime Data Manipulation [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing)
@@ -1751,7 +1751,7 @@
  - Atomic Test #3: Remove Account From Domain Admin Group [windows]
 - [T1486 Data Encrypted for Impact](../../T1486/T1486.md)
  - Atomic Test #5: PureLocker Ransom Note [windows]
-  - Atomic Test #6: Data Encrypted with GPG4Win [windows]
+  - Atomic Test #8: Data Encrypted with GPG4Win [windows]
 - T1488 Disk Content Wipe [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing)
 - T1499 Endpoint Denial of Service [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing)
 - T1494 Runtime Data Manipulation [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing)
@@ -19,7 +19,7 @@
 | Spearphishing via Service [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Software Deployment Tools [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Login Item [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | [Valid Accounts: Default Accounts](../../T1078.001/T1078.001.md) | Hide Artifacts [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Bash History [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Time Based Evasion [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) |  | DHCP Spoofing [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Data Encrypted [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Mail Protocols [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Defacement: Internal Defacement [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) |
 | Hardware Additions [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Graphical User Interface [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | [Browser Extensions](../../T1176/T1176.md) | [Event Triggered Execution: Trap](../../T1546.005/T1546.005.md) | [Virtualization/Sandbox Evasion: System Checks](../../T1497.001/T1497.001.md) | Credentials from Web Browsers [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | [Browser Bookmark Discovery](../../T1217/T1217.md) |  | Web Portal Capture [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Exfiltration Over Physical Medium [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Communication Through Removable Media [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Data Manipulation [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) |
 | Drive-by Compromise [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | [Command and Scripting Interpreter: Bash](../../T1059.004/T1059.004.md) | [Boot or Logon Initialization Scripts: Logon Script (Mac)](../../T1037.002/T1037.002.md) | [Hijack Execution Flow: LD_PRELOAD](../../T1574.006/T1574.006.md) | [Indicator Removal on Host: Clear Linux or Mac System Logs](../../T1070.002/T1070.002.md) | Private Keys [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | [System Network Configuration Discovery](../../T1016/T1016.md) |  | Video Capture [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | [Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol](../../T1048.003/T1048.003.md) | External Proxy [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | [Account Access Removal](../../T1531/T1531.md) |
-| Spearphishing via Service [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Inter-Process Communication [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Traffic Signaling [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Plist Modification [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Disabling Security Tools [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | [Credentials from Password Stores: Credentials from Web Browsers](../../T1555.003/T1555.003.md) | Account Discovery [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) |  | Email Collection: Email Forwarding Rule [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) |  | Proxy [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Data Encrypted for Impact [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) |
+| Spearphishing via Service [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Inter-Process Communication [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Traffic Signaling [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Plist Modification [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Disabling Security Tools [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | [Credentials from Password Stores: Credentials from Web Browsers](../../T1555.003/T1555.003.md) | Account Discovery [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) |  | Email Collection: Email Forwarding Rule [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) |  | Proxy [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | [Data Encrypted for Impact](../../T1486/T1486.md) |
 | [Valid Accounts: Local Accounts](../../T1078.003/T1078.003.md) | Trap [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Launchctl [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Abuse Elevation Control Mechanism [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Stripped Payloads [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | DHCP Spoofing [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | [File and Directory Discovery](../../T1083/T1083.md) |  | Data Staged [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) |  | Dynamic Resolution [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Disk Content Wipe [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) |
 |  | Exploitation for Client Execution [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | [Create or Modify System Process: Launch Daemon](../../T1543.004/T1543.004.md) | [Abuse Elevation Control Mechanism: Setuid and Setgid](../../T1548.001/T1548.001.md) | [Subvert Trust Controls: Gatekeeper Bypass](../../T1553.001/T1553.001.md) | [Unsecured Credentials: Private Keys](../../T1552.004/T1552.004.md) | [System Network Connections Discovery](../../T1049/T1049.md) |  | [Input Capture: GUI Input Capture](../../T1056.002/T1056.002.md) |  | Multi-hop Proxy [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Endpoint Denial of Service [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) |
 |  | Local Job Scheduling [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Server Software Component: Web Shell [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | [Boot or Logon Autostart Execution: Login Items](../../T1547.015/T1547.015.md) | Code Signing [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Brute Force: Password Spraying [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Virtualization/Sandbox Evasion [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) |  | Data from Network Shared Drive [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) |  | Web Service [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) | Runtime Data Manipulation [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing) |
@@ -108971,6 +108971,76 @@ impact:
        cleanup_command: 'del %USERPROFILE%\Desktop\YOUR_FILES.txt >nul 2>&1

          '
+    - name: Encrypt files using 7z utility - macOS
+      auto_generated_guid: 645f0f5a-ef09-48d8-b9bc-f0e24c642d72
+      description: 'This test encrypts the file(s) using the 7z utility
+
+        '
+      supported_platforms:
+      - macos
+      dependency_executor_name: sh
+      dependencies:
+      - description: 'Check if 7z command exists on the machine
+
+          '
+        prereq_command: 'which 7z
+
+          '
+        get_prereq_command: |
+          echo Installing 7z, using brew
+          /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
+          brew install p7zip
+      input_arguments:
+        file_password:
+          description: Password to be provided for archiving the file
+          type: string
+          default: ARTPass
+        encrypted_file_name:
+          description: Name of the archive to be created
+          type: string
+          default: ARTArchive.7z
+        input_file_path:
+          description: Path to the file that you want to encrypt
+          type: path
+          default: "~/test.txt"
+      executor:
+        command: '7z a -p #{file_password} -mhe=on #{encrypted_file_name} #{input_file_path}
+
+          '
+        cleanup_command: 'rm #{encrypted_file_name}
+
+          '
+        name: sh
+        elevation_required: false
+    - name: Encrypt files using openssl utility - macOS
+      auto_generated_guid: 1a01f6b8-b1e8-418e-bbe3-78a6f822759e
+      description: 'This test encrypts the file(s) using the openssl utility
+
+        '
+      supported_platforms:
+      - macos
+      input_arguments:
+        encryption_option:
+          description: Specifiy the required encryption option
+          type: string
+          default: "-pbkdf2"
+        input_file_path:
+          description: Path to the file that you want to encrypt
+          type: path
+          default: "~/test.txt"
+        output_file_name:
+          description: Path to the file that you want to encrypt
+          type: string
+          default: ARTFile
+      executor:
+        command: 'openssl enc #{encryption_option} -in #{input_file_path} -out #{output_file_name}
+
+          '
+        cleanup_command: 'rm #{output_file_name}
+
+          '
+        name: sh
+        elevation_required: false
    - name: Data Encrypted with GPG4Win
      auto_generated_guid: 4541e2c2-33c8-44b1-be79-9161440f1718
      description: Gpg4win is a Windows tool (also called Kleopatra which is the preferred
@@ -70476,7 +70476,77 @@ impact:
      x_mitre_attack_spec_version: 2.1.0
      x_mitre_modified_by_ref: identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5
      identifier: T1486
-    atomic_tests: []
+    atomic_tests:
+    - name: Encrypt files using 7z utility - macOS
+      auto_generated_guid: 645f0f5a-ef09-48d8-b9bc-f0e24c642d72
+      description: 'This test encrypts the file(s) using the 7z utility
+
+        '
+      supported_platforms:
+      - macos
+      dependency_executor_name: sh
+      dependencies:
+      - description: 'Check if 7z command exists on the machine
+
+          '
+        prereq_command: 'which 7z
+
+          '
+        get_prereq_command: |
+          echo Installing 7z, using brew
+          /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
+          brew install p7zip
+      input_arguments:
+        file_password:
+          description: Password to be provided for archiving the file
+          type: string
+          default: ARTPass
+        encrypted_file_name:
+          description: Name of the archive to be created
+          type: string
+          default: ARTArchive.7z
+        input_file_path:
+          description: Path to the file that you want to encrypt
+          type: path
+          default: "~/test.txt"
+      executor:
+        command: '7z a -p #{file_password} -mhe=on #{encrypted_file_name} #{input_file_path}
+
+          '
+        cleanup_command: 'rm #{encrypted_file_name}
+
+          '
+        name: sh
+        elevation_required: false
+    - name: Encrypt files using openssl utility - macOS
+      auto_generated_guid: 1a01f6b8-b1e8-418e-bbe3-78a6f822759e
+      description: 'This test encrypts the file(s) using the openssl utility
+
+        '
+      supported_platforms:
+      - macos
+      input_arguments:
+        encryption_option:
+          description: Specifiy the required encryption option
+          type: string
+          default: "-pbkdf2"
+        input_file_path:
+          description: Path to the file that you want to encrypt
+          type: path
+          default: "~/test.txt"
+        output_file_name:
+          description: Path to the file that you want to encrypt
+          type: string
+          default: ARTFile
+      executor:
+        command: 'openssl enc #{encryption_option} -in #{input_file_path} -out #{output_file_name}
+
+          '
+        cleanup_command: 'rm #{output_file_name}
+
+          '
+        name: sh
+        elevation_required: false
  T1488:
    technique:
      x_mitre_platforms:
@@ -20,7 +20,11 @@ In cloud environments, storage objects within compromised accounts may also be e

 - [Atomic Test #5 - PureLocker Ransom Note](#atomic-test-5---purelocker-ransom-note)

- [Atomic Test #6 - Data Encrypted with GPG4Win](#atomic-test-6---data-encrypted-with-gpg4win)
+- [Atomic Test #6 - Encrypt files using 7z utility - macOS](#atomic-test-6---encrypt-files-using-7z-utility---macos)
+
+- [Atomic Test #7 - Encrypt files using openssl utility - macOS](#atomic-test-7---encrypt-files-using-openssl-utility---macos)
+
+- [Atomic Test #8 - Data Encrypted with GPG4Win](#atomic-test-8---data-encrypted-with-gpg4win)


 <br/>
@@ -272,7 +276,99 @@ del %USERPROFILE%\Desktop\YOUR_FILES.txt >nul 2>&1
 <br/>
 <br/>

-## Atomic Test #6 - Data Encrypted with GPG4Win
+## Atomic Test #6 - Encrypt files using 7z utility - macOS
+This test encrypts the file(s) using the 7z utility
+
+**Supported Platforms:** macOS
+
+
+**auto_generated_guid:** 645f0f5a-ef09-48d8-b9bc-f0e24c642d72
+
+
+
+
+
+#### Inputs:
+| Name | Description | Type | Default Value |
+|------|-------------|------|---------------|
+| file_password | Password to be provided for archiving the file | string | ARTPass|
+| encrypted_file_name | Name of the archive to be created | string | ARTArchive.7z|
+| input_file_path | Path to the file that you want to encrypt | path | ~/test.txt|
+
+
+#### Attack Commands: Run with `sh`! 
+
+
+```sh
+7z a -p #{file_password} -mhe=on #{encrypted_file_name} #{input_file_path}
+```
+
+#### Cleanup Commands:
+```sh
+rm #{encrypted_file_name}
+```
+
+
+
+#### Dependencies:  Run with `sh`!
+##### Description: Check if 7z command exists on the machine
+##### Check Prereq Commands:
+```sh
+which 7z
+```
+##### Get Prereq Commands:
+```sh
+echo Installing 7z, using brew
+/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
+brew install p7zip
+```
+
+
+
+
+<br/>
+<br/>
+
+## Atomic Test #7 - Encrypt files using openssl utility - macOS
+This test encrypts the file(s) using the openssl utility
+
+**Supported Platforms:** macOS
+
+
+**auto_generated_guid:** 1a01f6b8-b1e8-418e-bbe3-78a6f822759e
+
+
+
+
+
+#### Inputs:
+| Name | Description | Type | Default Value |
+|------|-------------|------|---------------|
+| encryption_option | Specifiy the required encryption option | string | -pbkdf2|
+| input_file_path | Path to the file that you want to encrypt | path | ~/test.txt|
+| output_file_name | Path to the file that you want to encrypt | string | ARTFile|
+
+
+#### Attack Commands: Run with `sh`! 
+
+
+```sh
+openssl enc #{encryption_option} -in #{input_file_path} -out #{output_file_name}
+```
+
+#### Cleanup Commands:
+```sh
+rm #{output_file_name}
+```
+
+
+
+
+
+<br/>
+<br/>
+
+## Atomic Test #8 - Data Encrypted with GPG4Win
 Gpg4win is a Windows tool (also called Kleopatra which is the preferred certificate manager) that uses email and file encryption packages for symmetric encryption. It is used by attackers to encrypt disks. User will need to add pass phrase to encrypt file as automation is not allowed under newer versions.

 **Supported Platforms:** Windows