From a68b2cfabef469f53194d99ba6c5ff506558efd6 Mon Sep 17 00:00:00 2001 From: Atomic Red Team GUID generator Date: Tue, 12 Sep 2023 02:52:08 +0000 Subject: [PATCH] Generate GUIDs from job=generate-docs branch=master [skip ci] --- atomics/T1021.005/T1021.005.yaml | 1 + atomics/T1055/T1055.yaml | 1 + atomics/used_guids.txt | 3 +++ 3 files changed, 5 insertions(+) diff --git a/atomics/T1021.005/T1021.005.yaml b/atomics/T1021.005/T1021.005.yaml index af1789dc..429016a8 100644 --- a/atomics/T1021.005/T1021.005.yaml +++ b/atomics/T1021.005/T1021.005.yaml @@ -2,6 +2,7 @@ attack_technique: T1021.005 display_name: 'Remote Services:VNC' atomic_tests: - name: Enable Apple Remote Desktop Agent + auto_generated_guid: 8a930abe-841c-4d4f-a877-72e9fe90b9ea description: | ARD leverages a blend of protocols, including VNC to send the screen and control buffers and SSH for secure file transfer. Adversaries can abuse ARD to gain remote code execution and perform lateral movement. diff --git a/atomics/T1055/T1055.yaml b/atomics/T1055/T1055.yaml index 8969399e..1b6a783a 100644 --- a/atomics/T1055/T1055.yaml +++ b/atomics/T1055/T1055.yaml @@ -111,6 +111,7 @@ atomic_tests: cleanup_command: Stop-Process $notepad.pid name: powershell - name: Dirty Vanity process Injection + auto_generated_guid: 49543237-25db-497b-90df-d0a0a6e8fe2c description: | This test used the Windows undocumented remote-fork API RtlCreateProcessReflection to create a cloned process of the parent process with shellcode written in its memory. The shellcode is executed after being forked to the child process. The technique was first presented at diff --git a/atomics/used_guids.txt b/atomics/used_guids.txt index 9fa038b1..518fb9f8 100644 --- a/atomics/used_guids.txt +++ b/atomics/used_guids.txt 
@@ -1383,3 +1383,6 @@ b1eeb683-90bb-4365-bbc2-2689015782fe
 01d1c6c0-faf0-408e-b368-752a02285cb2
 4060ee98-01ae-4c8e-8aad-af8300519cc7
 3e6791e7-232c-481c-a680-a52f86b83fdf
+8a930abe-841c-4d4f-a877-72e9fe90b9ea
+49543237-25db-497b-90df-d0a0a6e8fe2c
+14f3af20-61f1-45b8-ad31-4637815f3f44
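Review bot: The third added entry, `14f3af20-61f1-45b8-ad31-4637815f3f44`, has no matching `auto_generated_guid` line in this commit. The diffstat shows one insertion each in T1021.005.yaml and T1055.yaml, and those carry only the first two GUIDs. An unassigned registry entry is harmless on its own, but it may mean the generator reserved a GUID for an atomic test and then failed to write it back, leaving that test without a stable identifier for execution logs and detection-coverage mapping. It is worth confirming that every test under `atomics/` has a GUID after this run, and either assigning this one or documenting in the generator why unassigned GUIDs are kept in `used_guids.txt`.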