diff --git a/atomics/T1016.001/T1016.001.yaml b/atomics/T1016.001/T1016.001.yaml index 4fd5dbf5..1bbd1885 100644 --- a/atomics/T1016.001/T1016.001.yaml +++ b/atomics/T1016.001/T1016.001.yaml @@ -34,3 +34,51 @@ atomic_tests: elevation_required: false command: | ping -n 4 #{ping_target} +- name: Check internet connection using Test-NetConnection in PowerShell (ICMP-Ping) + auto_generated_guid: + description: | + Check internet connection using PowerShell's Test-NetConnection cmdlet and the ICMP/Ping protocol. The default target is 8.8.8.8 (Google Public DNS). + supported_platforms: + - windows + input_arguments: + target: + description: target of the request + type: string + default: 8.8.8.8 + executor: + name: powershell + elevation_required: false + command: | + Test-NetConnection -ComputerName #{target} +- name: Check internet connection using Test-NetConnection in PowerShell (TCP-HTTP) + auto_generated_guid: + description: | + Check internet connection using PowerShell's Test-NetConnection cmdlet and the TCP protocol to check for outbound HTTP (Port 80) access. The default target is www.google.com. + supported_platforms: + - windows + input_arguments: + target: + description: target of the request + type: string + default: www.google.com + executor: + name: powershell + elevation_required: false + command: | + Test-NetConnection -CommonTCPPort HTTP -ComputerName #{target} +- name: Check internet connection using Test-NetConnection in PowerShell (TCP-SMB) + auto_generated_guid: + description: | + Check internet connection using PowerShell's Test-NetConnection cmdlet and the TCP protocol to check for outbound SMB (Port 445) access. The default target is 8.8.8.8. + supported_platforms: + - windows + input_arguments: + target: + description: target of the request + type: string + default: 8.8.8.8 + executor: + name: powershell + elevation_required: false + command: | + Test-NetConnection -CommonTCPPort SMB -ComputerName #{target}