diff --git a/atomics/atomic_doc_template.md.erb b/atomics/atomic_doc_template.md.erb index 1ecc4084..25114214 100644 --- a/atomics/atomic_doc_template.md.erb +++ b/atomics/atomic_doc_template.md.erb @@ -5,7 +5,7 @@ MITRE ATT&CK Technique: [<%= technique['identifier'] %>](https://attack.mitre.or <% atomic_yaml['atomic_tests'].each_with_index do |test, test_number| -%> <% title = "Atomic Test ##{test_number+1} - #{test['name']}" %> -- (<%= title %>)[<%= title.downcase.gsub(/\W/, '-') %>] +- (<%= title %>)[#<%= title.downcase.gsub(/\W/, '-') %>] <% end -%> <% atomic_yaml['atomic_tests'].each_with_index do |test, test_number| -%> diff --git a/atomics/t1046/t1046.md b/atomics/t1046/t1046.md index be92f2b3..cb6e01a9 100644 --- a/atomics/t1046/t1046.md +++ b/atomics/t1046/t1046.md @@ -2,7 +2,7 @@ MITRE ATT&CK Technique: [T1234](https://attack.mitre.org/wiki/Technique/T1234) -- (Atomic Test #1 - Scan a bunch of ports to see if they are open)[atomic-test--1---scan-a-bunch-of-ports-to-see-if-they-are-open] +- (Atomic Test #1 - Scan a bunch of ports to see if they are open)[#atomic-test--1---scan-a-bunch-of-ports-to-see-if-they-are-open] ## Atomic Test #1 - Scan a bunch of ports to see if they are open xxx diff --git a/atomics/t1087/t1087.md b/atomics/t1087/t1087.md index 4391f40a..59309c3b 100644 --- a/atomics/t1087/t1087.md +++ b/atomics/t1087/t1087.md @@ -2,15 +2,15 @@ MITRE ATT&CK Technique: [T1234](https://attack.mitre.org/wiki/Technique/T1234) -- (Atomic Test #1 - List all accounts)[atomic-test--1---list-all-accounts] +- (Atomic Test #1 - List all accounts)[#atomic-test--1---list-all-accounts] -- (Atomic Test #2 - View sudoers access)[atomic-test--2---view-sudoers-access] +- (Atomic Test #2 - View sudoers access)[#atomic-test--2---view-sudoers-access] -- (Atomic Test #3 - View accounts with UID 0)[atomic-test--3---view-accounts-with-uid-0] +- (Atomic Test #3 - View accounts with UID 0)[#atomic-test--3---view-accounts-with-uid-0] -- (Atomic Test #4 - List opened files by user)[atomic-test--4---list-opened-files-by-user] +- (Atomic Test #4 - List opened files by user)[#atomic-test--4---list-opened-files-by-user] -- (Atomic Test #5 - Show if a user account has ever logger in remotely)[atomic-test--5---show-if-a-user-account-has-ever-logger-in-remotely] +- (Atomic Test #5 - Show if a user account has ever logger in remotely)[#atomic-test--5---show-if-a-user-account-has-ever-logger-in-remotely] ## Atomic Test #1 - List all accounts xxx diff --git a/atomics/t1089/t1089.md b/atomics/t1089/t1089.md index 8907bc01..b74cee70 100644 --- a/atomics/t1089/t1089.md +++ b/atomics/t1089/t1089.md @@ -2,13 +2,13 @@ MITRE ATT&CK Technique: [T1234](https://attack.mitre.org/wiki/Technique/T1234) -- (Atomic Test #1 - Disable iptables firewall)[atomic-test--1---disable-iptables-firewall] +- (Atomic Test #1 - Disable iptables firewall)[#atomic-test--1---disable-iptables-firewall] -- (Atomic Test #2 - Disable syslog)[atomic-test--2---disable-syslog] +- (Atomic Test #2 - Disable syslog)[#atomic-test--2---disable-syslog] -- (Atomic Test #3 - Disable Cb Response)[atomic-test--3---disable-cb-response] +- (Atomic Test #3 - Disable Cb Response)[#atomic-test--3---disable-cb-response] -- (Atomic Test #4 - Disable SELinux)[atomic-test--4---disable-selinux] +- (Atomic Test #4 - Disable SELinux)[#atomic-test--4---disable-selinux] ## Atomic Test #1 - Disable iptables firewall Disables the iptables firewall diff --git a/atomics/t1099/t1099.md b/atomics/t1099/t1099.md index 6bac05ed..4d6e24c5 100644 --- a/atomics/t1099/t1099.md +++ b/atomics/t1099/t1099.md @@ -2,11 +2,11 @@ MITRE ATT&CK Technique: [T1234](https://attack.mitre.org/wiki/Technique/T1234) -- (Atomic Test #1 - Set a file's access timestamp)[atomic-test--1---set-a-file-s-access-timestamp] +- (Atomic Test #1 - Set a file's access timestamp)[#atomic-test--1---set-a-file-s-access-timestamp] -- (Atomic Test #2 - Set a file's modification timestamp)[atomic-test--2---set-a-file-s-modification-timestamp] +- (Atomic Test #2 - Set a file's modification timestamp)[#atomic-test--2---set-a-file-s-modification-timestamp] -- (Atomic Test #3 - Set a file's creation timestamp)[atomic-test--3---set-a-file-s-creation-timestamp] +- (Atomic Test #3 - Set a file's creation timestamp)[#atomic-test--3---set-a-file-s-creation-timestamp] ## Atomic Test #1 - Set a file's access timestamp Stomps on the access timestamp of a file diff --git a/atomics/t1105/t1105.md b/atomics/t1105/t1105.md index 0df4898f..56c38798 100644 --- a/atomics/t1105/t1105.md +++ b/atomics/t1105/t1105.md @@ -2,7 +2,7 @@ MITRE ATT&CK Technique: [T1234](https://attack.mitre.org/wiki/Technique/T1234) -- (Atomic Test #1 - xxxx)[atomic-test--1---xxxx] +- (Atomic Test #1 - xxxx)[#atomic-test--1---xxxx] ## Atomic Test #1 - xxxx xxxx diff --git a/atomics/t1123/t1123.md b/atomics/t1123/t1123.md index bc594244..9e57fc03 100644 --- a/atomics/t1123/t1123.md +++ b/atomics/t1123/t1123.md @@ -2,9 +2,9 @@ MITRE ATT&CK Technique: [T1234](https://attack.mitre.org/wiki/Technique/T1234) -- (Atomic Test #1 - SourceRecorder via Windows command prompt)[atomic-test--1---sourcerecorder-via-windows-command-prompt] +- (Atomic Test #1 - SourceRecorder via Windows command prompt)[#atomic-test--1---sourcerecorder-via-windows-command-prompt] -- (Atomic Test #2 - PowerShell Cmdlet via Windows command prompt)[atomic-test--2---powershell-cmdlet-via-windows-command-prompt] +- (Atomic Test #2 - PowerShell Cmdlet via Windows command prompt)[#atomic-test--2---powershell-cmdlet-via-windows-command-prompt] ## Atomic Test #1 - SourceRecorder via Windows command prompt Create a file called test.wma, with the duration of 30 seconds diff --git a/atomics/t1130/t1130.md b/atomics/t1130/t1130.md index 8d494328..ecd3e4c2 100644 --- a/atomics/t1130/t1130.md +++ b/atomics/t1130/t1130.md @@ -2,7 +2,7 @@ MITRE ATT&CK Technique: [T1234](https://attack.mitre.org/wiki/Technique/T1234) -- (Atomic Test #1 - Install root CA on CentOS/RHEL)[atomic-test--1---install-root-ca-on-centos-rhel] +- (Atomic Test #1 - Install root CA on CentOS/RHEL)[#atomic-test--1---install-root-ca-on-centos-rhel] ## Atomic Test #1 - Install root CA on CentOS/RHEL Creates a root CA with openssl diff --git a/atomics/t1136/t1136.md b/atomics/t1136/t1136.md index a6627de2..2eb9d198 100644 --- a/atomics/t1136/t1136.md +++ b/atomics/t1136/t1136.md @@ -2,9 +2,9 @@ MITRE ATT&CK Technique: [T1234](https://attack.mitre.org/wiki/Technique/T1234) -- (Atomic Test #1 - Create a user account on a Linux system)[atomic-test--1---create-a-user-account-on-a-linux-system] +- (Atomic Test #1 - Create a user account on a Linux system)[#atomic-test--1---create-a-user-account-on-a-linux-system] -- (Atomic Test #2 - Create a user account on a MacOS system)[atomic-test--2---create-a-user-account-on-a-macos-system] +- (Atomic Test #2 - Create a user account on a MacOS system)[#atomic-test--2---create-a-user-account-on-a-macos-system] ## Atomic Test #1 - Create a user account on a Linux system Create a user via useradd diff --git a/atomics/t1139/t1139.md b/atomics/t1139/t1139.md index ede8d363..879b91ea 100644 --- a/atomics/t1139/t1139.md +++ b/atomics/t1139/t1139.md @@ -2,7 +2,7 @@ MITRE ATT&CK Technique: [T1234](https://attack.mitre.org/wiki/Technique/T1234) -- (Atomic Test #1 - xxxx)[atomic-test--1---xxxx] +- (Atomic Test #1 - xxxx)[#atomic-test--1---xxxx] ## Atomic Test #1 - xxxx xxxx diff --git a/atomics/t1146/t1146.md b/atomics/t1146/t1146.md index 4f470292..4f37a6e6 100644 --- a/atomics/t1146/t1146.md +++ b/atomics/t1146/t1146.md @@ -2,17 +2,17 @@ MITRE ATT&CK Technique: [T1234](https://attack.mitre.org/wiki/Technique/T1234) -- (Atomic Test #1 - Clear Bash history (rm))[atomic-test--1---clear-bash-history--rm-] +- (Atomic Test #1 - Clear Bash history (rm))[#atomic-test--1---clear-bash-history--rm-] -- (Atomic Test #2 - Clear Bash history (echo))[atomic-test--2---clear-bash-history--echo-] +- (Atomic Test #2 - Clear Bash history (echo))[#atomic-test--2---clear-bash-history--echo-] -- (Atomic Test #3 - Clear Bash history (cat dev/null))[atomic-test--3---clear-bash-history--cat-dev-null-] +- (Atomic Test #3 - Clear Bash history (cat dev/null))[#atomic-test--3---clear-bash-history--cat-dev-null-] -- (Atomic Test #4 - Clear Bash history (ln dev/null))[atomic-test--4---clear-bash-history--ln-dev-null-] +- (Atomic Test #4 - Clear Bash history (ln dev/null))[#atomic-test--4---clear-bash-history--ln-dev-null-] -- (Atomic Test #5 - Clear Bash history (truncate))[atomic-test--5---clear-bash-history--truncate-] +- (Atomic Test #5 - Clear Bash history (truncate))[#atomic-test--5---clear-bash-history--truncate-] -- (Atomic Test #6 - Clear history of a bunch of shells)[atomic-test--6---clear-history-of-a-bunch-of-shells] +- (Atomic Test #6 - Clear history of a bunch of shells)[#atomic-test--6---clear-history-of-a-bunch-of-shells] ## Atomic Test #1 - Clear Bash history (rm) Clears bash history via rm diff --git a/atomics/t1148/t1148.md b/atomics/t1148/t1148.md index 70e11c59..c701ca31 100644 --- a/atomics/t1148/t1148.md +++ b/atomics/t1148/t1148.md @@ -2,7 +2,7 @@ MITRE ATT&CK Technique: [T1234](https://attack.mitre.org/wiki/Technique/T1234) -- (Atomic Test #1 - Disable history collection)[atomic-test--1---disable-history-collection] +- (Atomic Test #1 - Disable history collection)[#atomic-test--1---disable-history-collection] ## Atomic Test #1 - Disable history collection Disables history collection in shells diff --git a/atomics/t1158/t1158.md b/atomics/t1158/t1158.md index b492135d..c7f58881 100644 --- a/atomics/t1158/t1158.md +++ b/atomics/t1158/t1158.md @@ -2,7 +2,7 @@ MITRE ATT&CK Technique: [T1234](https://attack.mitre.org/wiki/Technique/T1234) -- (Atomic Test #1 - Create a hidden file in a hidden directory)[atomic-test--1---create-a-hidden-file-in-a-hidden-directory] +- (Atomic Test #1 - Create a hidden file in a hidden directory)[#atomic-test--1---create-a-hidden-file-in-a-hidden-directory] ## Atomic Test #1 - Create a hidden file in a hidden directory Creates a hidden file inside a hidden directory diff --git a/atomics/t1176/t1176.md b/atomics/t1176/t1176.md index 993e032d..f70e2a79 100644 --- a/atomics/t1176/t1176.md +++ b/atomics/t1176/t1176.md @@ -2,11 +2,11 @@ MITRE ATT&CK Technique: [T1234](https://attack.mitre.org/wiki/Technique/T1234) -- (Atomic Test #1 - Chrome (Developer Mode))[atomic-test--1---chrome--developer-mode-] +- (Atomic Test #1 - Chrome (Developer Mode))[#atomic-test--1---chrome--developer-mode-] -- (Atomic Test #2 - Chrome (Chrome Web Store))[atomic-test--2---chrome--chrome-web-store-] +- (Atomic Test #2 - Chrome (Chrome Web Store))[#atomic-test--2---chrome--chrome-web-store-] -- (Atomic Test #3 - Firefox)[atomic-test--3---firefox] +- (Atomic Test #3 - Firefox)[#atomic-test--3---firefox] ## Atomic Test #1 - Chrome (Developer Mode) xxx