Generated docs from job=generate-docs branch=master [ci skip]
This commit is contained in:
Atomic Red Team doc generator
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@@ -1304,6 +1304,7 @@ discovery,T1018,Remote System Discovery,16,Enumerate Active Directory Computers
|
||||
discovery,T1018,Remote System Discovery,17,Enumerate Active Directory Computers with ADSISearcher,64ede6ac-b57a-41c2-a7d1-32c6cd35397d,powershell
|
||||
discovery,T1018,Remote System Discovery,18,Get-DomainController with PowerView,b9d2e8ca-5520-4737-8076-4f08913da2c4,powershell
|
||||
discovery,T1018,Remote System Discovery,19,Get-wmiobject to Enumerate Domain Controllers,e3cf5123-f6c9-4375-bdf2-1bb3ba43a1ad,powershell
|
||||
discovery,T1018,Remote System Discovery,20,Remote System Discovery - net group Domain Controller,5843529a-5056-4bc1-9c13-a311e2af4ca0,command_prompt
|
||||
discovery,T1046,Network Service Scanning,1,Port Scan,68e907da-2539-48f6-9fc9-257a78c05540,bash
|
||||
discovery,T1046,Network Service Scanning,2,Port Scan Nmap,515942b0-a09f-4163-a7bb-22fefb6f185f,sh
|
||||
discovery,T1046,Network Service Scanning,3,Port Scan NMap for Windows,d696a3cb-d7a8-4976-8eb5-5af4abf2e3df,powershell
|
||||
|
||||
|
@@ -938,6 +938,7 @@ discovery,T1018,Remote System Discovery,16,Enumerate Active Directory Computers
|
||||
discovery,T1018,Remote System Discovery,17,Enumerate Active Directory Computers with ADSISearcher,64ede6ac-b57a-41c2-a7d1-32c6cd35397d,powershell
|
||||
discovery,T1018,Remote System Discovery,18,Get-DomainController with PowerView,b9d2e8ca-5520-4737-8076-4f08913da2c4,powershell
|
||||
discovery,T1018,Remote System Discovery,19,Get-wmiobject to Enumerate Domain Controllers,e3cf5123-f6c9-4375-bdf2-1bb3ba43a1ad,powershell
|
||||
discovery,T1018,Remote System Discovery,20,Remote System Discovery - net group Domain Controller,5843529a-5056-4bc1-9c13-a311e2af4ca0,command_prompt
|
||||
discovery,T1046,Network Service Scanning,3,Port Scan NMap for Windows,d696a3cb-d7a8-4976-8eb5-5af4abf2e3df,powershell
|
||||
discovery,T1046,Network Service Scanning,4,Port Scan using python,6ca45b04-9f15-4424-b9d3-84a217285a5c,powershell
|
||||
discovery,T1046,Network Service Scanning,5,WinPwn - spoolvulnscan,54574908-f1de-4356-9021-8053dd57439a,powershell
|
||||
|
||||
|
@@ -2058,6 +2058,7 @@
|
||||
- Atomic Test #17: Enumerate Active Directory Computers with ADSISearcher [windows]
|
||||
- Atomic Test #18: Get-DomainController with PowerView [windows]
|
||||
- Atomic Test #19: Get-wmiobject to Enumerate Domain Controllers [windows]
|
||||
- Atomic Test #20: Remote System Discovery - net group Domain Controller [windows]
|
||||
- [T1046 Network Service Scanning](../../T1046/T1046.md)
|
||||
- Atomic Test #1: Port Scan [linux, macos]
|
||||
- Atomic Test #2: Port Scan Nmap [linux, macos]
|
||||
|
||||
@@ -1503,6 +1503,7 @@
|
||||
- Atomic Test #17: Enumerate Active Directory Computers with ADSISearcher [windows]
|
||||
- Atomic Test #18: Get-DomainController with PowerView [windows]
|
||||
- Atomic Test #19: Get-wmiobject to Enumerate Domain Controllers [windows]
|
||||
- Atomic Test #20: Remote System Discovery - net group Domain Controller [windows]
|
||||
- [T1046 Network Service Scanning](../../T1046/T1046.md)
|
||||
- Atomic Test #3: Port Scan NMap for Windows [windows]
|
||||
- Atomic Test #4: Port Scan using python [windows]
|
||||
|
||||
@@ -89030,6 +89030,18 @@ discovery:
|
||||
command: 'get-wmiobject -class ds_computer -namespace root\directory\ldap
|
||||
|
||||
'
|
||||
- name: Remote System Discovery - net group Domain Controller
|
||||
auto_generated_guid: 5843529a-5056-4bc1-9c13-a311e2af4ca0
|
||||
description: |
|
||||
Identify remote systems with net.exe querying the Active Directory Domain Controller.
|
||||
Upon successful execution, cmd.exe will execute cmd.exe against Active Directory to list the "Domain Controller" in the domain. Output will be via stdout.
|
||||
supported_platforms:
|
||||
- windows
|
||||
executor:
|
||||
command: 'net group /domain "Domain controllers"
|
||||
|
||||
'
|
||||
name: command_prompt
|
||||
T1046:
|
||||
technique:
|
||||
x_mitre_platforms:
|
||||
|
||||
@@ -47,6 +47,8 @@ Adversaries may also target discovery of network infrastructure as well as lever
|
||||
|
||||
- [Atomic Test #19 - Get-wmiobject to Enumerate Domain Controllers](#atomic-test-19---get-wmiobject-to-enumerate-domain-controllers)
|
||||
|
||||
- [Atomic Test #20 - Remote System Discovery - net group Domain Controller](#atomic-test-20---remote-system-discovery---net-group-domain-controller)
|
||||
|
||||
|
||||
<br/>
|
||||
|
||||
@@ -771,4 +773,33 @@ get-wmiobject -class ds_computer -namespace root\directory\ldap
|
||||
|
||||
|
||||
|
||||
<br/>
|
||||
<br/>
|
||||
|
||||
## Atomic Test #20 - Remote System Discovery - net group Domain Controller
|
||||
Identify remote systems with net.exe querying the Active Directory Domain Controller.
|
||||
Upon successful execution, cmd.exe will execute cmd.exe against Active Directory to list the "Domain Controller" in the domain. Output will be via stdout.
|
||||
|
||||
**Supported Platforms:** Windows
|
||||
|
||||
|
||||
**auto_generated_guid:** 5843529a-5056-4bc1-9c13-a311e2af4ca0
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#### Attack Commands: Run with `command_prompt`!
|
||||
|
||||
|
||||
```cmd
|
||||
net group /domain "Domain controllers"
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<br/>
|
||||
|
||||
Reference in New Issue
Block a user