security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]

Browse Source
This commit is contained in:
CircleCI Atomic Red Team doc generator
2021-04-07 03:39:44 +00:00
parent cd3087fa78
commit 5148bb998c
3 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
atomics/Indexes/Indexes-CSV/index.csv
+3 -3
View File
@@ -83,7 +83,7 @@ privilege-escalation,T1548.003,Sudo and Sudo Caching,1,Sudo usage,150c3a08-ee6e-
privilege-escalation,T1548.003,Sudo and Sudo Caching,2,Unlimited sudo cache timeout,a7b17659-dd5e-46f7-b7d1-e6792c91d0bc,sh
privilege-escalation,T1548.003,Sudo and Sudo Caching,3,Disable tty_tickets for sudo caching,91a60b03-fb75-4d24-a42e-2eb8956e8de1,sh
privilege-escalation,T1543.002,Systemd Service,1,Create Systemd Service,d9e4f24f-aa67-4c6e-bcbf-85622b697a7c,bash
privilege-escalation,T1053.006,Systemd Timers,1,Create Systemd Service and Timer,42d33451-0a3c-4292-b753-9dbdcd67a0d3,bash
privilege-escalation,T1053.006,Systemd Timers,1,Create Systemd Service and Timer,f4983098-bb13-44fb-9b2c-46149961807b,bash
privilege-escalation,T1134.001,Token Impersonation/Theft,1,Named pipe client impersonation,90db9e27-8e7c-4c04-b602-a45927884966,powershell
privilege-escalation,T1134.001,Token Impersonation/Theft,2,`SeDebugPrivilege` token duplication,34f0a430-9d04-4d98-bcb5-1989f14719f0,powershell
privilege-escalation,T1546.005,Trap,1,Trap,a74b2e07-5952-4c03-8b56-56274b076b61,sh
@@ -176,7 +176,7 @@ persistence,T1547.009,Shortcut Modification,1,Shortcut Modification,ce4fc678-364
persistence,T1547.009,Shortcut Modification,2,Create shortcut to cmd in startup folders,cfdc954d-4bb0-4027-875b-a1893ce406f2,powershell
persistence,T1037.005,Startup Items,1,Add file to Local Library StartupItems,134627c3-75db-410e-bff8-7a920075f198,sh
persistence,T1543.002,Systemd Service,1,Create Systemd Service,d9e4f24f-aa67-4c6e-bcbf-85622b697a7c,bash
persistence,T1053.006,Systemd Timers,1,Create Systemd Service and Timer,42d33451-0a3c-4292-b753-9dbdcd67a0d3,bash
persistence,T1053.006,Systemd Timers,1,Create Systemd Service and Timer,f4983098-bb13-44fb-9b2c-46149961807b,bash
persistence,T1505.002,Transport Agent,1,Install MS Exchange Transport Agent Persistence,43e92449-ff60-46e9-83a3-1a38089df94d,powershell
persistence,T1546.005,Trap,1,Trap,a74b2e07-5952-4c03-8b56-56274b076b61,sh
persistence,T1505.003,Web Shell,1,Web Shell Written to Disk,0a2ce662-1efa-496f-a472-2fe7b080db16,command_prompt
@@ -736,7 +736,7 @@ execution,T1053.005,Scheduled Task,4,Powershell Cmdlet Scheduled Task,af9fd58f-c
execution,T1053.005,Scheduled Task,5,Task Scheduler via VBA,ecd3fa21-7792-41a2-8726-2c5c673414d3,powershell
execution,T1569.002,Service Execution,1,Execute a Command as a Service,2382dee2-a75f-49aa-9378-f52df6ed3fb1,command_prompt
execution,T1569.002,Service Execution,2,Use PsExec to execute a command on a remote host,873106b7-cfed-454b-8680-fa9f6400431c,command_prompt
execution,T1053.006,Systemd Timers,1,Create Systemd Service and Timer,42d33451-0a3c-4292-b753-9dbdcd67a0d3,bash
execution,T1053.006,Systemd Timers,1,Create Systemd Service and Timer,f4983098-bb13-44fb-9b2c-46149961807b,bash
execution,T1059.004,Unix Shell,1,Create and Execute Bash Shell Script,7e7ac3ed-f795-4fa5-b711-09d6fbe9b873,sh
execution,T1059.004,Unix Shell,2,Command-Line Interface,d0c88567-803d-4dca-99b4-7ce65e7b257c,sh
execution,T1059.005,Visual Basic,1,Visual Basic script execution to gather local computer information,1620de42-160a-4fe5-bbaf-d3fef0181ce9,powershell
1 Tactic Technique # Technique Name Test # Test Name Test GUID Executor Name
83 privilege-escalation T1548.003 Sudo and Sudo Caching 2 Unlimited sudo cache timeout a7b17659-dd5e-46f7-b7d1-e6792c91d0bc sh
84 privilege-escalation T1548.003 Sudo and Sudo Caching 3 Disable tty_tickets for sudo caching 91a60b03-fb75-4d24-a42e-2eb8956e8de1 sh
85 privilege-escalation T1543.002 Systemd Service 1 Create Systemd Service d9e4f24f-aa67-4c6e-bcbf-85622b697a7c bash
86 privilege-escalation T1053.006 Systemd Timers 1 Create Systemd Service and Timer 42d33451-0a3c-4292-b753-9dbdcd67a0d3 f4983098-bb13-44fb-9b2c-46149961807b bash
87 privilege-escalation T1134.001 Token Impersonation/Theft 1 Named pipe client impersonation 90db9e27-8e7c-4c04-b602-a45927884966 powershell
88 privilege-escalation T1134.001 Token Impersonation/Theft 2 `SeDebugPrivilege` token duplication 34f0a430-9d04-4d98-bcb5-1989f14719f0 powershell
89 privilege-escalation T1546.005 Trap 1 Trap a74b2e07-5952-4c03-8b56-56274b076b61 sh
176 persistence T1547.009 Shortcut Modification 2 Create shortcut to cmd in startup folders cfdc954d-4bb0-4027-875b-a1893ce406f2 powershell
177 persistence T1037.005 Startup Items 1 Add file to Local Library StartupItems 134627c3-75db-410e-bff8-7a920075f198 sh
178 persistence T1543.002 Systemd Service 1 Create Systemd Service d9e4f24f-aa67-4c6e-bcbf-85622b697a7c bash
179 persistence T1053.006 Systemd Timers 1 Create Systemd Service and Timer 42d33451-0a3c-4292-b753-9dbdcd67a0d3 f4983098-bb13-44fb-9b2c-46149961807b bash
180 persistence T1505.002 Transport Agent 1 Install MS Exchange Transport Agent Persistence 43e92449-ff60-46e9-83a3-1a38089df94d powershell
181 persistence T1546.005 Trap 1 Trap a74b2e07-5952-4c03-8b56-56274b076b61 sh
182 persistence T1505.003 Web Shell 1 Web Shell Written to Disk 0a2ce662-1efa-496f-a472-2fe7b080db16 command_prompt
736 execution T1053.005 Scheduled Task 5 Task Scheduler via VBA ecd3fa21-7792-41a2-8726-2c5c673414d3 powershell
737 execution T1569.002 Service Execution 1 Execute a Command as a Service 2382dee2-a75f-49aa-9378-f52df6ed3fb1 command_prompt
738 execution T1569.002 Service Execution 2 Use PsExec to execute a command on a remote host 873106b7-cfed-454b-8680-fa9f6400431c command_prompt
739 execution T1053.006 Systemd Timers 1 Create Systemd Service and Timer 42d33451-0a3c-4292-b753-9dbdcd67a0d3 f4983098-bb13-44fb-9b2c-46149961807b bash
740 execution T1059.004 Unix Shell 1 Create and Execute Bash Shell Script 7e7ac3ed-f795-4fa5-b711-09d6fbe9b873 sh
741 execution T1059.004 Unix Shell 2 Command-Line Interface d0c88567-803d-4dca-99b4-7ce65e7b257c sh
742 execution T1059.005 Visual Basic 1 Visual Basic script execution to gather local computer information 1620de42-160a-4fe5-bbaf-d3fef0181ce9 powershell
atomics/Indexes/Indexes-CSV/linux-index.csv
+3 -3
View File
@@ -15,7 +15,7 @@ privilege-escalation,T1548.003,Sudo and Sudo Caching,1,Sudo usage,150c3a08-ee6e-
privilege-escalation,T1548.003,Sudo and Sudo Caching,2,Unlimited sudo cache timeout,a7b17659-dd5e-46f7-b7d1-e6792c91d0bc,sh
privilege-escalation,T1548.003,Sudo and Sudo Caching,3,Disable tty_tickets for sudo caching,91a60b03-fb75-4d24-a42e-2eb8956e8de1,sh
privilege-escalation,T1543.002,Systemd Service,1,Create Systemd Service,d9e4f24f-aa67-4c6e-bcbf-85622b697a7c,bash
privilege-escalation,T1053.006,Systemd Timers,1,Create Systemd Service and Timer,42d33451-0a3c-4292-b753-9dbdcd67a0d3,bash
privilege-escalation,T1053.006,Systemd Timers,1,Create Systemd Service and Timer,f4983098-bb13-44fb-9b2c-46149961807b,bash
privilege-escalation,T1546.005,Trap,1,Trap,a74b2e07-5952-4c03-8b56-56274b076b61,sh
persistence,T1546.004,.bash_profile and .bashrc,1,Add command to .bash_profile,94500ae1-7e31-47e3-886b-c328da46872f,sh
persistence,T1546.004,.bash_profile and .bashrc,2,Add command to .bashrc,0a898315-4cfa-4007-bafe-33a4646d115f,sh
@@ -33,7 +33,7 @@ persistence,T1136.001,Local Account,1,Create a user account on a Linux system,40
persistence,T1136.001,Local Account,5,Create a new user in Linux with `root` UID and GID.,a1040a30-d28b-4eda-bd99-bb2861a4616c,bash
persistence,T1098.004,SSH Authorized Keys,1,Modify SSH Authorized Keys,342cc723-127c-4d3a-8292-9c0c6b4ecadc,bash
persistence,T1543.002,Systemd Service,1,Create Systemd Service,d9e4f24f-aa67-4c6e-bcbf-85622b697a7c,bash
persistence,T1053.006,Systemd Timers,1,Create Systemd Service and Timer,42d33451-0a3c-4292-b753-9dbdcd67a0d3,bash
persistence,T1053.006,Systemd Timers,1,Create Systemd Service and Timer,f4983098-bb13-44fb-9b2c-46149961807b,bash
persistence,T1546.005,Trap,1,Trap,a74b2e07-5952-4c03-8b56-56274b076b61,sh
credential-access,T1003.008,/etc/passwd and /etc/shadow,1,Access /etc/shadow (Local),3723ab77-c546-403c-8fb4-bb577033b235,bash
credential-access,T1003.008,/etc/passwd and /etc/shadow,2,Access /etc/passwd (Local),60e860b6-8ae6-49db-ad07-5e73edd88f5d,sh
@@ -160,7 +160,7 @@ execution,T1053.001,At (Linux),1,At - Schedule a job,7266d898-ac82-4ec0-97c7-436
execution,T1053.003,Cron,1,Cron - Replace crontab with referenced file,435057fb-74b1-410e-9403-d81baf194f75,bash
execution,T1053.003,Cron,2,Cron - Add script to all cron subfolders,b7d42afa-9086-4c8a-b7b0-8ea3faa6ebb0,bash
execution,T1053.003,Cron,3,Cron - Add script to /var/spool/cron/crontabs/ folder,2d943c18-e74a-44bf-936f-25ade6cccab4,bash
execution,T1053.006,Systemd Timers,1,Create Systemd Service and Timer,42d33451-0a3c-4292-b753-9dbdcd67a0d3,bash
execution,T1053.006,Systemd Timers,1,Create Systemd Service and Timer,f4983098-bb13-44fb-9b2c-46149961807b,bash
execution,T1059.004,Unix Shell,1,Create and Execute Bash Shell Script,7e7ac3ed-f795-4fa5-b711-09d6fbe9b873,sh
execution,T1059.004,Unix Shell,2,Command-Line Interface,d0c88567-803d-4dca-99b4-7ce65e7b257c,sh
exfiltration,T1030,Data Transfer Size Limits,1,Data Transfer Size Limits,ab936c51-10f4-46ce-9144-e02137b2016a,sh
1 Tactic Technique # Technique Name Test # Test Name Test GUID Executor Name
15 privilege-escalation T1548.003 Sudo and Sudo Caching 2 Unlimited sudo cache timeout a7b17659-dd5e-46f7-b7d1-e6792c91d0bc sh
16 privilege-escalation T1548.003 Sudo and Sudo Caching 3 Disable tty_tickets for sudo caching 91a60b03-fb75-4d24-a42e-2eb8956e8de1 sh
17 privilege-escalation T1543.002 Systemd Service 1 Create Systemd Service d9e4f24f-aa67-4c6e-bcbf-85622b697a7c bash
18 privilege-escalation T1053.006 Systemd Timers 1 Create Systemd Service and Timer 42d33451-0a3c-4292-b753-9dbdcd67a0d3 f4983098-bb13-44fb-9b2c-46149961807b bash
19 privilege-escalation T1546.005 Trap 1 Trap a74b2e07-5952-4c03-8b56-56274b076b61 sh
20 persistence T1546.004 .bash_profile and .bashrc 1 Add command to .bash_profile 94500ae1-7e31-47e3-886b-c328da46872f sh
21 persistence T1546.004 .bash_profile and .bashrc 2 Add command to .bashrc 0a898315-4cfa-4007-bafe-33a4646d115f sh
33 persistence T1136.001 Local Account 5 Create a new user in Linux with `root` UID and GID. a1040a30-d28b-4eda-bd99-bb2861a4616c bash
34 persistence T1098.004 SSH Authorized Keys 1 Modify SSH Authorized Keys 342cc723-127c-4d3a-8292-9c0c6b4ecadc bash
35 persistence T1543.002 Systemd Service 1 Create Systemd Service d9e4f24f-aa67-4c6e-bcbf-85622b697a7c bash
36 persistence T1053.006 Systemd Timers 1 Create Systemd Service and Timer 42d33451-0a3c-4292-b753-9dbdcd67a0d3 f4983098-bb13-44fb-9b2c-46149961807b bash
37 persistence T1546.005 Trap 1 Trap a74b2e07-5952-4c03-8b56-56274b076b61 sh
38 credential-access T1003.008 /etc/passwd and /etc/shadow 1 Access /etc/shadow (Local) 3723ab77-c546-403c-8fb4-bb577033b235 bash
39 credential-access T1003.008 /etc/passwd and /etc/shadow 2 Access /etc/passwd (Local) 60e860b6-8ae6-49db-ad07-5e73edd88f5d sh
160 execution T1053.003 Cron 1 Cron - Replace crontab with referenced file 435057fb-74b1-410e-9403-d81baf194f75 bash
161 execution T1053.003 Cron 2 Cron - Add script to all cron subfolders b7d42afa-9086-4c8a-b7b0-8ea3faa6ebb0 bash
162 execution T1053.003 Cron 3 Cron - Add script to /var/spool/cron/crontabs/ folder 2d943c18-e74a-44bf-936f-25ade6cccab4 bash
163 execution T1053.006 Systemd Timers 1 Create Systemd Service and Timer 42d33451-0a3c-4292-b753-9dbdcd67a0d3 f4983098-bb13-44fb-9b2c-46149961807b bash
164 execution T1059.004 Unix Shell 1 Create and Execute Bash Shell Script 7e7ac3ed-f795-4fa5-b711-09d6fbe9b873 sh
165 execution T1059.004 Unix Shell 2 Command-Line Interface d0c88567-803d-4dca-99b4-7ce65e7b257c sh
166 exfiltration T1030 Data Transfer Size Limits 1 Data Transfer Size Limits ab936c51-10f4-46ce-9144-e02137b2016a sh
atomics/Indexes/index.yaml
+3 -3
View File
@@ -7828,7 +7828,7 @@ privilege-escalation:
identifier: T1053.006
atomic_tests:
- name: Create Systemd Service and Timer
auto_generated_guid: 42d33451-0a3c-4292-b753-9dbdcd67a0d3
auto_generated_guid: f4983098-bb13-44fb-9b2c-46149961807b
description: "This test creates Systemd service and timer then starts and enables
the Systemd timer \n"
supported_platforms:
@@ -16911,7 +16911,7 @@ persistence:
identifier: T1053.006
atomic_tests:
- name: Create Systemd Service and Timer
auto_generated_guid: 42d33451-0a3c-4292-b753-9dbdcd67a0d3
auto_generated_guid: f4983098-bb13-44fb-9b2c-46149961807b
description: "This test creates Systemd service and timer then starts and enables
the Systemd timer \n"
supported_platforms:
@@ -55292,7 +55292,7 @@ execution:
identifier: T1053.006
atomic_tests:
- name: Create Systemd Service and Timer
auto_generated_guid: 42d33451-0a3c-4292-b753-9dbdcd67a0d3
auto_generated_guid: f4983098-bb13-44fb-9b2c-46149961807b
description: "This test creates Systemd service and timer then starts and enables
the Systemd timer \n"
supported_platforms: