security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Generate GUIDs from job=generate-docs branch=master [skip ci]

Browse Source
This commit is contained in:
Atomic Red Team GUID generator
2023-04-13 14:38:20 +00:00
parent e61fd1fae6
commit 5596c1ea8e
2 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
atomics/T1562.003/T1562.003.yaml
+5
View File
@@ -36,6 +36,7 @@ atomic_tests:
4. whoami > recon.txt
name: manual
- name: Clear bash history
auto_generated_guid: 878794f7-c511-4199-a950-8c28b3ed8e5b
description: |
An attacker may clear the bash history cache and the history file as their last act before logging off to remove the record of their command line activities.
@@ -57,6 +58,7 @@ atomic_tests:
cleanup_command: |
mv -f $HISTFILE.OLD $HISTFILE
- name: Setting the HISTCONTROL environment variable
auto_generated_guid: 10ab786a-028e-4465-96f6-9e83ca6c5f24
description: |
An attacker may exploit the space before a command (e.g. " ls") or the duplicate command suppression feature in Bash history to prevent their commands from being recorded in the history file or to obscure the order of commands used.
@@ -82,6 +84,7 @@ atomic_tests:
cleanup_command: |
export HISTCONTROL=$(echo $TEST)
- name: Setting the HISTFILESIZE environment variable
auto_generated_guid: 5cafd6c1-2f43-46eb-ac47-a5301ba0a618
description: |
An Adversary may set the bash history files size environment variable (HISTFILESIZE) to zero to prevent the logging of commands to the history file after they log out of the system.
@@ -100,6 +103,7 @@ atomic_tests:
cleanup_command: |
export HISTCONTROL=$(echo $TEST)
- name: Setting the HISTFILE environment variable
auto_generated_guid: b3dacb6c-a9e3-44ec-bf87-38db60c5cad1
description: |
An Adversary may clear, unset or redirect the history environment variable HISTFILE to prevent logging of commands to the history file after they log out of the system.
@@ -118,6 +122,7 @@ atomic_tests:
cleanup_command: |
export HISTFILE=$(echo $TEST)
- name: Setting the HISTIGNORE environment variable
auto_generated_guid: f12acddb-7502-4ce6-a146-5b62c59592f1
description: |
An Adversary may take advantage of the HISTIGNORE environment variable either to ignore particular commands or all commands.
atomics/used_guids.txt
+5
View File
@@ -1292,3 +1292,8 @@ fb4151a2-db33-4f8c-b7f8-78ea8790f961
adae83d3-0df6-45e7-b2c3-575f91584577
e3ad8e83-3089-49ff-817f-e52f8c948090
2db30061-589d-409b-b125-7b473944f9b3
878794f7-c511-4199-a950-8c28b3ed8e5b
10ab786a-028e-4465-96f6-9e83ca6c5f24
5cafd6c1-2f43-46eb-ac47-a5301ba0a618
b3dacb6c-a9e3-44ec-bf87-38db60c5cad1
f12acddb-7502-4ce6-a146-5b62c59592f1