security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cleaner title (#1260)

Browse Source 
* cleaner title

* Generate docs from job=validate_atomics_generate_docs branch=clr2of8-patch-13

Co-authored-by: CircleCI Atomic Red Team doc generator <email>
This commit is contained in:
Carrie Roberts
2020-10-24 08:17:34 -06:00
committed by GitHub
parent 8c75682918
commit 49285769f7
7 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
atomics/Indexes/Indexes-CSV/index.csv
+1 -1
View File
@@ -619,7 +619,7 @@ lateral-movement,T1550.002,Pass the Hash,1,Mimikatz Pass the Hash,ec23cef9-27d9-
lateral-movement,T1550.002,Pass the Hash,2,crackmapexec Pass the Hash,eb05b028-16c8-4ad8-adea-6f5b219da9a9,command_prompt
lateral-movement,T1550.003,Pass the Ticket,1,Mimikatz Kerberos Ticket Attack,dbf38128-7ba7-4776-bedf-cc2eed432098,command_prompt
lateral-movement,T1563.002,RDP Hijacking,1,RDP hijacking,a37ac520-b911-458e-8aed-c5f1576d9f46,command_prompt
lateral-movement,T1021.001,Remote Desktop Protocol,1,RDPto-DomainController,355d4632-8cb9-449d-91ce-b566d0253d3e,powershell
lateral-movement,T1021.001,Remote Desktop Protocol,1,RDP to DomainController,355d4632-8cb9-449d-91ce-b566d0253d3e,powershell
lateral-movement,T1021.001,Remote Desktop Protocol,2,RDP to Server,7382a43e-f19c-46be-8f09-5c63af7d3e2b,powershell
lateral-movement,T1021.002,SMB/Windows Admin Shares,1,Map admin share,3386975b-367a-4fbb-9d77-4dcf3639ffd3,command_prompt
lateral-movement,T1021.002,SMB/Windows Admin Shares,2,Map Admin Share PowerShell,514e9cd7-9207-4882-98b1-c8f791bae3c5,powershell
1 Tactic Technique # Technique Name Test # Test Name Test GUID Executor Name
619 lateral-movement T1550.002 Pass the Hash 2 crackmapexec Pass the Hash eb05b028-16c8-4ad8-adea-6f5b219da9a9 command_prompt
620 lateral-movement T1550.003 Pass the Ticket 1 Mimikatz Kerberos Ticket Attack dbf38128-7ba7-4776-bedf-cc2eed432098 command_prompt
621 lateral-movement T1563.002 RDP Hijacking 1 RDP hijacking a37ac520-b911-458e-8aed-c5f1576d9f46 command_prompt
622 lateral-movement T1021.001 Remote Desktop Protocol 1 RDPto-DomainController RDP to DomainController 355d4632-8cb9-449d-91ce-b566d0253d3e powershell
623 lateral-movement T1021.001 Remote Desktop Protocol 2 RDP to Server 7382a43e-f19c-46be-8f09-5c63af7d3e2b powershell
624 lateral-movement T1021.002 SMB/Windows Admin Shares 1 Map admin share 3386975b-367a-4fbb-9d77-4dcf3639ffd3 command_prompt
625 lateral-movement T1021.002 SMB/Windows Admin Shares 2 Map Admin Share PowerShell 514e9cd7-9207-4882-98b1-c8f791bae3c5 powershell
atomics/Indexes/Indexes-CSV/windows-index.csv
+1 -1
View File
@@ -478,7 +478,7 @@ lateral-movement,T1550.002,Pass the Hash,1,Mimikatz Pass the Hash,ec23cef9-27d9-
lateral-movement,T1550.002,Pass the Hash,2,crackmapexec Pass the Hash,eb05b028-16c8-4ad8-adea-6f5b219da9a9,command_prompt
lateral-movement,T1550.003,Pass the Ticket,1,Mimikatz Kerberos Ticket Attack,dbf38128-7ba7-4776-bedf-cc2eed432098,command_prompt
lateral-movement,T1563.002,RDP Hijacking,1,RDP hijacking,a37ac520-b911-458e-8aed-c5f1576d9f46,command_prompt
lateral-movement,T1021.001,Remote Desktop Protocol,1,RDPto-DomainController,355d4632-8cb9-449d-91ce-b566d0253d3e,powershell
lateral-movement,T1021.001,Remote Desktop Protocol,1,RDP to DomainController,355d4632-8cb9-449d-91ce-b566d0253d3e,powershell
lateral-movement,T1021.001,Remote Desktop Protocol,2,RDP to Server,7382a43e-f19c-46be-8f09-5c63af7d3e2b,powershell
lateral-movement,T1021.002,SMB/Windows Admin Shares,1,Map admin share,3386975b-367a-4fbb-9d77-4dcf3639ffd3,command_prompt
lateral-movement,T1021.002,SMB/Windows Admin Shares,2,Map Admin Share PowerShell,514e9cd7-9207-4882-98b1-c8f791bae3c5,powershell
1 Tactic Technique # Technique Name Test # Test Name Test GUID Executor Name
478 lateral-movement T1550.002 Pass the Hash 2 crackmapexec Pass the Hash eb05b028-16c8-4ad8-adea-6f5b219da9a9 command_prompt
479 lateral-movement T1550.003 Pass the Ticket 1 Mimikatz Kerberos Ticket Attack dbf38128-7ba7-4776-bedf-cc2eed432098 command_prompt
480 lateral-movement T1563.002 RDP Hijacking 1 RDP hijacking a37ac520-b911-458e-8aed-c5f1576d9f46 command_prompt
481 lateral-movement T1021.001 Remote Desktop Protocol 1 RDPto-DomainController RDP to DomainController 355d4632-8cb9-449d-91ce-b566d0253d3e powershell
482 lateral-movement T1021.001 Remote Desktop Protocol 2 RDP to Server 7382a43e-f19c-46be-8f09-5c63af7d3e2b powershell
483 lateral-movement T1021.002 SMB/Windows Admin Shares 1 Map admin share 3386975b-367a-4fbb-9d77-4dcf3639ffd3 command_prompt
484 lateral-movement T1021.002 SMB/Windows Admin Shares 2 Map Admin Share PowerShell 514e9cd7-9207-4882-98b1-c8f791bae3c5 powershell
atomics/Indexes/Indexes-Markdown/index.md
+1 -1
View File
@@ -1105,7 +1105,7 @@
- [T1563.002 RDP Hijacking](../../T1563.002/T1563.002.md)
- Atomic Test #1: RDP hijacking [windows]
- [T1021.001 Remote Desktop Protocol](../../T1021.001/T1021.001.md)
- Atomic Test #1: RDPto-DomainController [windows]
- Atomic Test #1: RDP to DomainController [windows]
- Atomic Test #2: RDP to Server [windows]
- T1563 Remote Service Session Hijacking [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
- T1021 Remote Services [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
atomics/Indexes/Indexes-Markdown/windows-index.md
+1 -1
View File
@@ -958,7 +958,7 @@
- [T1563.002 RDP Hijacking](../../T1563.002/T1563.002.md)
- Atomic Test #1: RDP hijacking [windows]
- [T1021.001 Remote Desktop Protocol](../../T1021.001/T1021.001.md)
- Atomic Test #1: RDPto-DomainController [windows]
- Atomic Test #1: RDP to DomainController [windows]
- Atomic Test #2: RDP to Server [windows]
- T1563 Remote Service Session Hijacking [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
- T1021 Remote Services [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
atomics/Indexes/index.yaml
+1 -1
View File
@@ -45758,7 +45758,7 @@ lateral-movement:
- Windows
identifier: T1021.001
atomic_tests:
- name: RDPto-DomainController
- name: RDP to DomainController
auto_generated_guid: 355d4632-8cb9-449d-91ce-b566d0253d3e
description: 'Attempt an RDP session via Remote Desktop Application to a DomainController.
atomics/T1021.001/T1021.001.md
+2 -2
View File
@@ -8,14 +8,14 @@ Adversaries may connect to a remote system over RDP/RDS to expand access if the
## Atomic Tests
- [Atomic Test #1 - RDPto-DomainController](#atomic-test-1---rdpto-domaincontroller)
- [Atomic Test #1 - RDP to DomainController](#atomic-test-1---rdp-to-domaincontroller)
- [Atomic Test #2 - RDP to Server](#atomic-test-2---rdp-to-server)
<br/>
## Atomic Test #1 - RDPto-DomainController
## Atomic Test #1 - RDP to DomainController
Attempt an RDP session via Remote Desktop Application to a DomainController.
**Supported Platforms:** Windows
atomics/T1021.001/T1021.001.yaml
+1 -1
View File
@@ -1,7 +1,7 @@
attack_technique: T1021.001
display_name: 'Remote Services: Remote Desktop Protocol'
atomic_tests:
- name: RDPto-DomainController
- name: RDP to DomainController
auto_generated_guid: 355d4632-8cb9-449d-91ce-b566d0253d3e
description: |
Attempt an RDP session via Remote Desktop Application to a DomainController.