Generated docs from job=generate-docs branch=master [ci skip]

atomics/Indexes/Indexes-CSV/index.csv

@@ -822,6 +822,7 @@ execution,T1059.004,Command and Scripting Interpreter: Bash,9,Obfuscated command
 execution,T1059.004,Command and Scripting Interpreter: Bash,10,Change login shell,c7ac59cb-13cc-4622-81dc-6d2fee9bfac7,bash
 execution,T1059.004,Command and Scripting Interpreter: Bash,11,Environment variable scripts,bdaebd56-368b-4970-a523-f905ff4a8a51,bash
 execution,T1059.004,Command and Scripting Interpreter: Bash,12,Detecting pipe-to-shell,fca246a8-a585-4f28-a2df-6495973976a1,bash
+execution,T1059.004,Command and Scripting Interpreter: Bash,13,Current kernel information enumeration,3a53734a-9e26-4f4b-ad15-059e767f5f14,sh
 execution,T1559,Inter-Process Communication,1,Cobalt Strike Artifact Kit pipe,bd13b9fc-b758-496a-b81a-397462f82c72,command_prompt
 execution,T1559,Inter-Process Communication,2,Cobalt Strike Lateral Movement (psexec_psh) pipe,830c8b6c-7a70-4f40-b975-8bbe74558acd,command_prompt
 execution,T1559,Inter-Process Communication,3,Cobalt Strike SSH (postex_ssh) pipe,d1f72fa0-5bc2-4b4b-bd1e-43b6e8cfb2e6,command_prompt

atomics/Indexes/Indexes-CSV/linux-index.csv

@@ -318,6 +318,7 @@ execution,T1059.004,Command and Scripting Interpreter: Bash,9,Obfuscated command
 execution,T1059.004,Command and Scripting Interpreter: Bash,10,Change login shell,c7ac59cb-13cc-4622-81dc-6d2fee9bfac7,bash
 execution,T1059.004,Command and Scripting Interpreter: Bash,11,Environment variable scripts,bdaebd56-368b-4970-a523-f905ff4a8a51,bash
 execution,T1059.004,Command and Scripting Interpreter: Bash,12,Detecting pipe-to-shell,fca246a8-a585-4f28-a2df-6495973976a1,bash
+execution,T1059.004,Command and Scripting Interpreter: Bash,13,Current kernel information enumeration,3a53734a-9e26-4f4b-ad15-059e767f5f14,sh
 execution,T1059.006,Command and Scripting Interpreter: Python,1,Execute shell script via python's command mode arguement,3a95cdb2-c6ea-4761-b24e-02b71889b8bb,sh
 execution,T1059.006,Command and Scripting Interpreter: Python,2,Execute Python via scripts (Linux),6c4d1dcb-33c7-4c36-a8df-c6cfd0408be8,sh
 execution,T1059.006,Command and Scripting Interpreter: Python,3,Execute Python via Python executables (Linux),0b44d79b-570a-4b27-a31f-3bf2156e5eaa,sh

atomics/Indexes/Indexes-Markdown/index.md

@@ -1222,6 +1222,7 @@
   - Atomic Test #10: Change login shell [linux]
   - Atomic Test #11: Environment variable scripts [linux]
   - Atomic Test #12: Detecting pipe-to-shell [linux]
+  - Atomic Test #13: Current kernel information enumeration [linux]
 - [T1559 Inter-Process Communication](../../T1559/T1559.md)
   - Atomic Test #1: Cobalt Strike Artifact Kit pipe [windows]
   - Atomic Test #2: Cobalt Strike Lateral Movement (psexec_psh) pipe [windows]

atomics/Indexes/Indexes-Markdown/linux-index.md

@@ -720,6 +720,7 @@
   - Atomic Test #10: Change login shell [linux]
   - Atomic Test #11: Environment variable scripts [linux]
   - Atomic Test #12: Detecting pipe-to-shell [linux]
+  - Atomic Test #13: Current kernel information enumeration [linux]
 - T1559 Inter-Process Communication [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing)
 - T1154 Trap [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing)
 - T1203 Exploitation for Client Execution [CONTRIBUTE A TEST](https://github.com/redcanaryco/atomic-red-team/wiki/Contributing)

atomics/Indexes/index.yaml

@@ -51960,6 +51960,21 @@ execution:
           |bash\nls -la /tmp/art.txt      \n"
         cleanup_command: 'rm /tmp/art.txt
 
+          '
+    - name: Current kernel information enumeration
+      auto_generated_guid: 3a53734a-9e26-4f4b-ad15-059e767f5f14
+      description: 'An adversary may want to enumerate the kernel information to tailor
+        their attacks for that particular kernel. The following command will enumerate
+        the kernel information.
+
+        '
+      supported_platforms:
+      - linux
+      executor:
+        name: sh
+        elevation_required: false
+        command: 'uname -srm
+
           '
   T1559:
     technique:

atomics/Indexes/linux-index.yaml

@@ -33324,6 +33324,21 @@ execution:
           |bash\nls -la /tmp/art.txt      \n"
         cleanup_command: 'rm /tmp/art.txt
 
+          '
+    - name: Current kernel information enumeration
+      auto_generated_guid: 3a53734a-9e26-4f4b-ad15-059e767f5f14
+      description: 'An adversary may want to enumerate the kernel information to tailor
+        their attacks for that particular kernel. The following command will enumerate
+        the kernel information.
+
+        '
+      supported_platforms:
+      - linux
+      executor:
+        name: sh
+        elevation_required: false
+        command: 'uname -srm
+
           '
   T1559:
     technique:

atomics/T1059.004/T1059.004.md

@@ -32,6 +32,8 @@ Adversaries may abuse Unix shells to execute various commands or payloads. Inter
 
 - [Atomic Test #12 - Detecting pipe-to-shell](#atomic-test-12---detecting-pipe-to-shell)
 
+- [Atomic Test #13 - Current kernel information enumeration](#atomic-test-13---current-kernel-information-enumeration)
+
 
 <br/>
 
@@ -495,4 +497,32 @@ apt update && apt install -y curl
 
 
 
+<br/>
+<br/>
+
+## Atomic Test #13 - Current kernel information enumeration
+An adversary may want to enumerate the kernel information to tailor their attacks for that particular kernel. The following command will enumerate the kernel information.
+
+**Supported Platforms:** Linux
+
+
+**auto_generated_guid:** 3a53734a-9e26-4f4b-ad15-059e767f5f14
+
+
+
+
+
+
+#### Attack Commands: Run with `sh`! 
+
+
+```sh
+uname -srm
+```
+
+
+
+
+
+
 <br/>