From dd87338bc01e78a08135af5c95757b5e10973e56 Mon Sep 17 00:00:00 2001 From: Atomic Red Team GUID generator Date: Wed, 6 Mar 2024 19:35:14 +0000 Subject: [PATCH] Generate GUIDs from job=generate-docs branch=master [skip ci] --- atomics/T1562.003/T1562.003.yaml | 2 ++ atomics/used_guids.txt | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/atomics/T1562.003/T1562.003.yaml b/atomics/T1562.003/T1562.003.yaml index c126c63d..3526c46a 100644 --- a/atomics/T1562.003/T1562.003.yaml +++ b/atomics/T1562.003/T1562.003.yaml @@ -206,6 +206,7 @@ atomic_tests: unset HISTIGNORE - name: Disable Windows Command Line Auditing using reg.exe + auto_generated_guid: 1329d5ab-e10e-4e5e-93d1-4d907eb656e5 description: | In Windows operating systems, command line auditing is controlled through the following registry value: @@ -235,6 +236,7 @@ atomic_tests: echo Commencing Cleanup - Restoring Registry Value reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Audit /v ProcessCreationIncludeCmdLine_Enabled /t REG_DWORD /d 1 /f - name: Disable Windows Command Line Auditing using Powershell Cmdlet + auto_generated_guid: 95f5c72f-6dfe-45f3-a8c1-d8faa07176fa description: | In Windows operating systems, command line auditing is controlled through the following registry value: diff --git a/atomics/used_guids.txt b/atomics/used_guids.txt index 379d7507..456cece3 100644 --- a/atomics/used_guids.txt +++ b/atomics/used_guids.txt @@ -1577,3 +1577,7 @@ a9b93f17-31cb-435d-a462-5e838a2a6026 424e18fd-48b8-4201-8d3a-bf591523a686 f095e373-b936-4eb4-8d22-f47ccbfbe64a b8a49f03-e3c4-40f2-b7bb-9e8f8fdddbf1 +c7921449-8b62-4c4d-8a83-d9281ac0190b +04bb8e3d-1670-46ab-a3f1-5cee64da29b6 +1329d5ab-e10e-4e5e-93d1-4d907eb656e5 +95f5c72f-6dfe-45f3-a8c1-d8faa07176fa