security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

uuid

Browse Source
This commit is contained in:
patel-bhavin
2022-07-28 17:22:54 -07:00
parent 0e99122ced
commit 11ebaedddf
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
atomics/T1562.008/T1562.008.yaml
+2 -2
View File
@@ -184,7 +184,7 @@ atomic_tests:
elevation_required: false
- name: AWS - CloudTrail Logs Impairment Through S3 Lifecycle Rule using Stratus
auto_generated_guid: a27428de-bdce-4ebd-b655-38f11122bf0c
auto_generated_guid: a27428de-bdce-411d-b655-38f11122bf0c
description: |
This atomic test will use the stratus red team will first setup a cloudtrail logging into an S3 bucket and will then make an API call to update the lifecycle rule on that S3 bucket with an expiration date of 1 day. This will essentially delete all the logs after one day. Adversaries often do this actiivity to evade detection. Stratus Red Team is a self-contained binary. You can use it to easily detonate offensive attack techniques against a live cloud environment. ref: https://stratus-red-team.cloud/attack-techniques/AWS/aws.defense-evasion.cloudtrail-lifecycle-rule/
supported_platforms:
@@ -239,7 +239,7 @@ atomic_tests:
elevation_required: false
- name: AWS - Remove VPC Flow Logs using Stratus
auto_generated_guid: a27428qw-bdce-4ebd-b655-38f11122bf0c
auto_generated_guid: a11428qw-bdce-432d-b655-38f11122bf0c
description: |
This atomic will attempt to remove VPC Flow Logs configuration. Stratus Red Team is a self-contained binary. You can use it to easily detonate offensive attack techniques against a live cloud environment. Ref: https://stratus-red-team.cloud/attack-techniques/AWS/aws.defense-evasion.vpc-remove-flow-logs/
supported_platforms: