From 65510577caa3139f401bbfd2b145b33a4bf892a6 Mon Sep 17 00:00:00 2001
From: CircleCI Atomic Red Team doc generator
Date: Fri, 14 May 2021 11:34:42 +0000
Subject: [PATCH] Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
---
atomics/Indexes/Indexes-CSV/index.csv | 3 +-
atomics/Indexes/Indexes-CSV/linux-index.csv | 1 +
atomics/Indexes/Indexes-CSV/macos-index.csv | 1 +
atomics/Indexes/Indexes-CSV/windows-index.csv | 2 +-
atomics/Indexes/Indexes-Markdown/index.md | 3 +-
.../Indexes/Indexes-Markdown/linux-index.md | 1 +
.../Indexes/Indexes-Markdown/macos-index.md | 1 +
.../Indexes/Indexes-Markdown/windows-index.md | 2 +-
atomics/Indexes/index.yaml | 16 +++++++++-
atomics/T1082/T1082.md | 30 +++++++++++++++++--
10 files changed, 53 insertions(+), 7 deletions(-)
diff --git a/atomics/Indexes/Indexes-CSV/index.csv b/atomics/Indexes/Indexes-CSV/index.csv
index 4b489ac3..8a3b34df 100644
--- a/atomics/Indexes/Indexes-CSV/index.csv
+++ b/atomics/Indexes/Indexes-CSV/index.csv
@@ -693,7 +693,8 @@ discovery,T1082,System Information Discovery,6,Hostname Discovery (Windows),85cf discovery,T1082,System Information Discovery,7,Hostname Discovery,486e88ea-4f56-470f-9b57-3f4d73f39133,bash discovery,T1082,System Information Discovery,8,Windows MachineGUID Discovery,224b4daf-db44-404e-b6b2-f4d1f0126ef8,command_prompt discovery,T1082,System Information Discovery,9,Griffon Recon,69bd4abe-8759-49a6-8d21-0f15822d6370,powershell -discovery,T1082,System Information Discovery,10,Environment variables discovery,f400d1c0-1804-4ff8-b069-ef5ddd2adbf3,command_prompt +discovery,T1082,System Information Discovery,10,Environment variables discovery on windows,f400d1c0-1804-4ff8-b069-ef5ddd2adbf3,command_prompt +discovery,T1082,System Information Discovery,11,Environment variables discovery on macos and linux,fcbdd43f-f4ad-42d5-98f3-0218097e2720,sh discovery,T1016,System Network Configuration Discovery,1,System Network Configuration Discovery on Windows,970ab6a1-0157-4f3f-9a73-ec4166754b23,command_prompt discovery,T1016,System Network Configuration Discovery,2,List Windows Firewall Rules,038263cb-00f4-4b0a-98ae-0696c67e1752,command_prompt discovery,T1016,System Network Configuration Discovery,3,System Network Configuration Discovery,c141bbdb-7fca-4254-9fd6-f47e79447e17,sh diff --git a/atomics/Indexes/Indexes-CSV/linux-index.csv b/atomics/Indexes/Indexes-CSV/linux-index.csv index 3702bd27..0f865aa6 100644 --- a/atomics/Indexes/Indexes-CSV/linux-index.csv +++ b/atomics/Indexes/Indexes-CSV/linux-index.csv 
@@ -151,6 +151,7 @@ discovery,T1082,System Information Discovery,3,List OS Information,cccb070c-df86 discovery,T1082,System Information Discovery,4,Linux VM Check via Hardware,31dad7ad-2286-4c02-ae92-274418c85fec,bash discovery,T1082,System Information Discovery,5,Linux VM Check via Kernel Modules,8057d484-0fae-49a4-8302-4812c4f1e64e,bash discovery,T1082,System Information Discovery,7,Hostname Discovery,486e88ea-4f56-470f-9b57-3f4d73f39133,bash +discovery,T1082,System Information Discovery,11,Environment variables discovery on macos and linux,fcbdd43f-f4ad-42d5-98f3-0218097e2720,sh discovery,T1016,System Network Configuration Discovery,3,System Network Configuration Discovery,c141bbdb-7fca-4254-9fd6-f47e79447e17,sh discovery,T1049,System Network Connections Discovery,3,System Network Connections Discovery Linux & MacOS,9ae28d3f-190f-4fa0-b023-c7bd3e0eabf2,sh discovery,T1033,System Owner/User Discovery,2,System Owner/User Discovery,2a9b677d-a230-44f4-ad86-782df1ef108c,sh diff --git a/atomics/Indexes/Indexes-CSV/macos-index.csv b/atomics/Indexes/Indexes-CSV/macos-index.csv index 56fc7583..2d4561e6 100644 --- a/atomics/Indexes/Indexes-CSV/macos-index.csv +++ b/atomics/Indexes/Indexes-CSV/macos-index.csv 
@@ -138,6 +138,7 @@ discovery,T1497.001,System Checks,3,Detect Virtualization Environment (MacOS),a9 discovery,T1082,System Information Discovery,2,System Information Discovery,edff98ec-0f73-4f63-9890-6b117092aff6,sh discovery,T1082,System Information Discovery,3,List OS Information,cccb070c-df86-4216-a5bc-9fb60c74e27c,sh discovery,T1082,System Information Discovery,7,Hostname Discovery,486e88ea-4f56-470f-9b57-3f4d73f39133,bash +discovery,T1082,System Information Discovery,11,Environment variables discovery on macos and linux,fcbdd43f-f4ad-42d5-98f3-0218097e2720,sh discovery,T1016,System Network Configuration Discovery,3,System Network Configuration Discovery,c141bbdb-7fca-4254-9fd6-f47e79447e17,sh discovery,T1016,System Network Configuration Discovery,8,List macOS Firewall Rules,ff1d8c25-2aa4-4f18-a425-fede4a41ee88,bash discovery,T1049,System Network Connections Discovery,3,System Network Connections Discovery Linux & MacOS,9ae28d3f-190f-4fa0-b023-c7bd3e0eabf2,sh diff --git a/atomics/Indexes/Indexes-CSV/windows-index.csv b/atomics/Indexes/Indexes-CSV/windows-index.csv index 75dc9ae3..2a0d36ac 100644 --- a/atomics/Indexes/Indexes-CSV/windows-index.csv +++ b/atomics/Indexes/Indexes-CSV/windows-index.csv 
@@ -486,7 +486,7 @@ discovery,T1082,System Information Discovery,1,System Information Discovery,6670 discovery,T1082,System Information Discovery,6,Hostname Discovery (Windows),85cfbf23-4a1e-4342-8792-007e004b975f,command_prompt discovery,T1082,System Information Discovery,8,Windows MachineGUID Discovery,224b4daf-db44-404e-b6b2-f4d1f0126ef8,command_prompt discovery,T1082,System Information Discovery,9,Griffon Recon,69bd4abe-8759-49a6-8d21-0f15822d6370,powershell -discovery,T1082,System Information Discovery,10,Environment variables discovery,f400d1c0-1804-4ff8-b069-ef5ddd2adbf3,command_prompt +discovery,T1082,System Information Discovery,10,Environment variables discovery on windows,f400d1c0-1804-4ff8-b069-ef5ddd2adbf3,command_prompt discovery,T1016,System Network Configuration Discovery,1,System Network Configuration Discovery on Windows,970ab6a1-0157-4f3f-9a73-ec4166754b23,command_prompt discovery,T1016,System Network Configuration Discovery,2,List Windows Firewall Rules,038263cb-00f4-4b0a-98ae-0696c67e1752,command_prompt discovery,T1016,System Network Configuration Discovery,4,System Network Configuration Discovery (TrickBot Style),dafaf052-5508-402d-bf77-51e0700c02e2,command_prompt diff --git a/atomics/Indexes/Indexes-Markdown/index.md b/atomics/Indexes/Indexes-Markdown/index.md index 0b3084fa..d9a87458 100644 --- a/atomics/Indexes/Indexes-Markdown/index.md +++ b/atomics/Indexes/Indexes-Markdown/index.md 
@@ -1186,7 +1186,8 @@ - Atomic Test #7: Hostname Discovery [linux, macos] - Atomic Test #8: Windows MachineGUID Discovery [windows] - Atomic Test #9: Griffon Recon [windows] - - Atomic Test #10: Environment variables discovery [windows] + - Atomic Test #10: Environment variables discovery on windows [windows] + - Atomic Test #11: Environment variables discovery on macos and linux [macos, linux] - [T1016 System Network Configuration Discovery](../../T1016/T1016.md) - Atomic Test #1: System Network Configuration Discovery on Windows [windows] - Atomic Test #2: List Windows Firewall Rules [windows] diff --git a/atomics/Indexes/Indexes-Markdown/linux-index.md b/atomics/Indexes/Indexes-Markdown/linux-index.md index a81cbb20..4df39794 100644 --- a/atomics/Indexes/Indexes-Markdown/linux-index.md +++ b/atomics/Indexes/Indexes-Markdown/linux-index.md @@ -432,6 +432,7 @@ - Atomic Test #4: Linux VM Check via Hardware [linux] - Atomic Test #5: Linux VM Check via Kernel Modules [linux] - Atomic Test #7: Hostname Discovery [linux, macos] + - Atomic Test #11: Environment variables discovery on macos and linux [macos, linux] - [T1016 System Network Configuration Discovery](../../T1016/T1016.md) - Atomic Test #3: System Network Configuration Discovery [macos, linux] - [T1049 System Network Connections Discovery](../../T1049/T1049.md) diff --git a/atomics/Indexes/Indexes-Markdown/macos-index.md b/atomics/Indexes/Indexes-Markdown/macos-index.md index 7c66290d..35ba3e08 100644 --- a/atomics/Indexes/Indexes-Markdown/macos-index.md +++ b/atomics/Indexes/Indexes-Markdown/macos-index.md 
@@ -375,6 +375,7 @@ - Atomic Test #2: System Information Discovery [macos] - Atomic Test #3: List OS Information [linux, macos] - Atomic Test #7: Hostname Discovery [linux, macos] + - Atomic Test #11: Environment variables discovery on macos and linux [macos, linux] - [T1016 System Network Configuration Discovery](../../T1016/T1016.md) - Atomic Test #3: System Network Configuration Discovery [macos, linux] - Atomic Test #8: List macOS Firewall Rules [macos] diff --git a/atomics/Indexes/Indexes-Markdown/windows-index.md b/atomics/Indexes/Indexes-Markdown/windows-index.md index 8bb0286f..d2bd5efb 100644 --- a/atomics/Indexes/Indexes-Markdown/windows-index.md +++ b/atomics/Indexes/Indexes-Markdown/windows-index.md @@ -870,7 +870,7 @@ - Atomic Test #6: Hostname Discovery (Windows) [windows] - Atomic Test #8: Windows MachineGUID Discovery [windows] - Atomic Test #9: Griffon Recon [windows] - - Atomic Test #10: Environment variables discovery [windows] + - Atomic Test #10: Environment variables discovery on windows [windows] - [T1016 System Network Configuration Discovery](../../T1016/T1016.md) - Atomic Test #1: System Network Configuration Discovery on Windows [windows] - Atomic Test #2: List Windows Firewall Rules [windows] diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml index 235beae6..71ce48ba 100644 --- a/atomics/Indexes/index.yaml +++ b/atomics/Indexes/index.yaml @@ -49069,7 +49069,7 @@ discovery: command: 'cscript #{vbscript}' name: powershell elevation_required: false - - name: Environment variables discovery + - name: Environment variables discovery on windows auto_generated_guid: f400d1c0-1804-4ff8-b069-ef5ddd2adbf3 description: 'Identify all environment variables. Upon execution, environments variables and your path info will be displayed. 
@@ -49082,6 +49082,20 @@ discovery: ' name: command_prompt + - name: Environment variables discovery on macos and linux + auto_generated_guid: fcbdd43f-f4ad-42d5-98f3-0218097e2720 + description: 'Identify all environment variables. Upon execution, environments + variables and your path info will be displayed. + +' + supported_platforms: + - macos + - linux + executor: + command: 'env + +' + name: sh T1016: technique: id: attack-pattern--707399d6-ab3e-4963-9315-d9d3818cd6a0 diff --git a/atomics/T1082/T1082.md b/atomics/T1082/T1082.md index 69044078..9a0e9550 100644 --- a/atomics/T1082/T1082.md +++ b/atomics/T1082/T1082.md @@ -26,7 +26,9 @@ Infrastructure as a Service (IaaS) cloud providers such as AWS, GCP, and Azure a - [Atomic Test #9 - Griffon Recon](#atomic-test-9---griffon-recon) -- [Atomic Test #10 - Environment variables discovery](#atomic-test-10---environment-variables-discovery) +- [Atomic Test #10 - Environment variables discovery on windows](#atomic-test-10---environment-variables-discovery-on-windows) + +- [Atomic Test #11 - Environment variables discovery on macos and linux](#atomic-test-11---environment-variables-discovery-on-macos-and-linux)
@@ -282,7 +284,7 @@ cscript #{vbscript}

-## Atomic Test #10 - Environment variables discovery +## Atomic Test #10 - Environment variables discovery on windows Identify all environment variables. Upon execution, environments variables and your path info will be displayed. **Supported Platforms:** Windows @@ -303,4 +305,28 @@ set +
+
+ +## Atomic Test #11 - Environment variables discovery on macos and linux +Identify all environment variables. Upon execution, environments variables and your path info will be displayed. + +**Supported Platforms:** macOS, Linux + + + + + +#### Attack Commands: Run with `sh`! + + +```sh +env +``` + + + + + +