From ef116ab4e0c6b26801e1d3d886ed16a78e2d40db Mon Sep 17 00:00:00 2001
From: CircleCI Atomic Red Team GUID generator
Date: Sat, 8 May 2021 18:02:55 +0000
Subject: [PATCH] Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]

---
 atomics/T1059.006/T1059.006.yaml | 3 +++
 atomics/T1486/T1486.yaml | 4 ++++
 atomics/T1560.002/T1560.002.yaml | 4 ++++
 atomics/used_guids.txt | 11 +++++++++++
 4 files changed, 22 insertions(+)

diff --git a/atomics/T1059.006/T1059.006.yaml b/atomics/T1059.006/T1059.006.yaml
index a4ac05e3..3c3714ec 100644
--- a/atomics/T1059.006/T1059.006.yaml
+++ b/atomics/T1059.006/T1059.006.yaml
@@ -2,6 +2,7 @@ attack_technique: T1059.006
 display_name: 'Command and Scripting Interpreter: Python'
 atomic_tests:
 - name: Execute shell script via python's command mode arguement
+  auto_generated_guid: 3a95cdb2-c6ea-4761-b24e-02b71889b8bb
   description: Download and execute shell script and write to file then execute locally using Python -c (command mode)
   supported_platforms:
   - linux
@@ -37,6 +38,7 @@ atomic_tests:
     cleanup_command: |
       rm #{payload_file_name}
 - name: 'Execute Python via scripts (Linux)'
+  auto_generated_guid: 6c4d1dcb-33c7-4c36-a8df-c6cfd0408be8
   description: Create Python file (.py) that downloads and executes shell script via executor arguments
   supported_platforms:
   - linux
@@ -87,6 +89,7 @@ atomic_tests:
     cleanup_command: |
       rm #{python_script_name} #{payload_file_name}
 - name: 'Execute Python via Python executables (Linux)'
+  auto_generated_guid: 0b44d79b-570a-4b27-a31f-3bf2156e5eaa
   description: |
     Create Python file (.py) then compile to binary (.pyc) that downloads an external malicious script then executes locally using the supplied executor and arguments
   supported_platforms:
diff --git a/atomics/T1486/T1486.yaml b/atomics/T1486/T1486.yaml
index 248168a8..44f8222c 100644
--- a/atomics/T1486/T1486.yaml
+++ b/atomics/T1486/T1486.yaml
@@ -3,6 +3,7 @@ display_name: Data Encrypted for Impact atomic_tests: - name: Encrypt files using gpg (Linux) + auto_generated_guid: 7b8ce084-3922-4618-8d22-95f996173765 description: | Uses gpg to encrypt a file supported_platforms: @@ -41,6 +42,7 @@ atomic_tests: - name: Encrypt files using 7z (Linux) + auto_generated_guid: 53e6735a-4727-44cc-b35b-237682a151ad description: | Uses 7z to encrypt a file supported_platforms: @@ -76,6 +78,7 @@ atomic_tests: - name: Encrypt files using ccrypt (Linux) + auto_generated_guid: 08cbf59f-85da-4369-a5f4-049cffd7709f description: | Attempts to encrypt data on target systems as root to simulate an inturruption authentication to target system. If root permissions are not available then attempts to encrypt data within user's home directory. supported_platforms: @@ -116,6 +119,7 @@ atomic_tests: - name: Encrypt files using openssl (Linux) + auto_generated_guid: 142752dc-ca71-443b-9359-cf6f497315f1 description: | Uses openssl to encrypt a file supported_platforms: diff --git a/atomics/T1560.002/T1560.002.yaml b/atomics/T1560.002/T1560.002.yaml index 919f1fae..aa431d33 100644 --- a/atomics/T1560.002/T1560.002.yaml +++ b/atomics/T1560.002/T1560.002.yaml @@ -3,6 +3,7 @@ display_name: 'Archive Collected Data: Archive via Library' atomic_tests: - name: Compressing data using GZip in Python (Linux) + auto_generated_guid: 391f5298-b12d-4636-8482-35d9c17d53a8 description: | Uses GZip from Python to compress files supported_platforms: @@ -31,6 +32,7 @@ atomic_tests: cleanup_command: | rm #{path_to_output_file} - name: Compressing data using bz2 in Python (Linux) + auto_generated_guid: c75612b2-9de0-4d7c-879c-10d7b077072d description: | Uses bz2 from Python to compress files supported_platforms: 
@@ -59,6 +61,7 @@ atomic_tests:
     cleanup_command: |
       rm #{path_to_output_file}
 - name: Compressing data using zipfile in Python (Linux)
+  auto_generated_guid: 001a042b-859f-44d9-bf81-fd1c4e2200b0
   description: |
     Uses zipfile from Python to compress files
   supported_platforms:
@@ -87,6 +90,7 @@ atomic_tests:
     cleanup_command: |
       rm #{path_to_output_file}
 - name: Compressing data using tarfile in Python (Linux)
+  auto_generated_guid: e86f1b4b-fcc1-4a2a-ae10-b49da01458db
   description: |
     Uses tarfile from Python to compress files
   supported_platforms:
diff --git a/atomics/used_guids.txt b/atomics/used_guids.txt
index 6c053da8..21d36646 100644
--- a/atomics/used_guids.txt
+++ b/atomics/used_guids.txt
@@ -679,3 +679,14 @@ d34ef297-f178-4462-871e-9ce618d44e50
 ff1d8c25-2aa4-4f18-a425-fede4a41ee88
 30558d53-9d76-41c4-9267-a7bd5184bed36ca45b04-9f15-4424-b9d3-84a217285a5c
 e16b3b75-dc9e-4cde-a23d-dfa2d0507b3b
+3a95cdb2-c6ea-4761-b24e-02b71889b8bb
+6c4d1dcb-33c7-4c36-a8df-c6cfd0408be8
+0b44d79b-570a-4b27-a31f-3bf2156e5eaa
+7b8ce084-3922-4618-8d22-95f996173765
+53e6735a-4727-44cc-b35b-237682a151ad
+08cbf59f-85da-4369-a5f4-049cffd7709f
+142752dc-ca71-443b-9359-cf6f497315f1
+391f5298-b12d-4636-8482-35d9c17d53a8
+c75612b2-9de0-4d7c-879c-10d7b077072d
+001a042b-859f-44d9-bf81-fd1c4e2200b0
+e86f1b4b-fcc1-4a2a-ae10-b49da01458db
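Review bot: The registry this hunk appends to already holds a malformed entry: the context line `30558d53-9d76-41c4-9267-a7bd5184bed36ca45b04-9f15-4424-b9d3-84a217285a5c` is two GUIDs run together with no separator, and the hunk's old-side count of three lines confirms it is a single line rather than a collapse artifact. If the generator checks for collisions by comparing whole lines of used_guids.txt, the second GUID `6ca45b04-9f15-4424-b9d3-84a217285a5c` is effectively unregistered and could be reissued to a new test, which would break the uniqueness the file exists to guarantee. The commit does not touch that line; I would have the generator split the fused entry into two lines (or match GUIDs with a `[0-9a-f]{8}-…` pattern rather than by whole line) and add a one-off check that every line in the file is exactly one well-formed GUID before new ones are appended.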