From 7fc8d4760082ee22c49c29b15e8cf0a523c42194 Mon Sep 17 00:00:00 2001
From: Hare Sudhan <code@0x6c.dev>
Date: Thu, 11 Aug 2022 00:40:18 -0500
Subject: [PATCH] T1619 added

---
 atomics/T1619/T1619.yaml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 atomics/T1619/T1619.yaml

diff --git a/atomics/T1619/T1619.yaml b/atomics/T1619/T1619.yaml
new file mode 100644
index 00000000..7451b4f7
--- /dev/null
+++ b/atomics/T1619/T1619.yaml
@@ -0,0 +1,21 @@
+---
+attack_technique: T1619
+display_name: Cloud Storage Object Discovery
+atomic_tests:
+- name: AWS S3 Enumeration
+  description: |
+    This test will enumerate all the S3 buckets in the user account and lists all the files in each bucket. 
+  supported_platforms:
+  - iaas:azure
+  dependencies:
+    - description: |
+        Check if ~/.aws/credentials file has a default stanza is configured
+      prereq_command: |
+        cat ~/.aws/credentials | grep "default"
+      get_prereq_command: |
+        echo Please install the aws-cli and configure your AWS default profile using: aws configure
+  executor:
+    command: |
+      for bucket in "$(aws s3 ls | cut -d " " -f3)"; do aws s3api list-objects-v2 --bucket $bucket --output text; done
+    name: sh
+    elevation_required: false