security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,508 Commits 47 Branches 0 Tags
AutoSUID_linux
Commit Graph

26 Commits

Author SHA1 Message Date
CircleCI Atomic Red Team doc generator 8985aaf0f0 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-12-09 18:42:48 +00:00
Carrie Roberts 5bb5878e62 Cleaning up the Cleanup commands (#1685) 
* cleanup fixes

* cleanup fixes

* cleanup fixes
 2021-12-09 11:42:14 -07:00
CircleCI Atomic Red Team doc generator 6e4cbb9e85 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-08-09 16:07:26 +00:00
CircleCI Atomic Red Team GUID generator bb1885e040 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-08-09 16:07:19 +00:00
Brandon Morgan ddeb15ae41 Update T1003.002.yaml (#1595) 
Added test 6 to dump hives with System.IO.File.  Also tweaked test 5 so that the hive could be selected by the user, same as in test 6
 2021-08-09 10:07:00 -06:00
CircleCI Atomic Red Team doc generator 8d84482954 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-08-07 18:14:40 +00:00
CircleCI Atomic Red Team GUID generator 38cd41e80e Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-08-07 18:14:36 +00:00
Brandon Morgan bd5ae3ad84 dump shadow hive w/ certutil (#1594) 2021-08-07 12:14:14 -06:00
CircleCI Atomic Red Team doc generator 36d49de4c8 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-06-24 17:04:33 +00:00
CircleCI Atomic Red Team doc generator 575b36a8e6 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-06-24 15:16:54 +00:00
CircleCI Atomic Red Team doc generator 6a570c2a46 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-05-18 14:52:23 +00:00
tjgeorgen 7d494dcbce Fix file path for PowerDump Import (#1466) 
seemed to download the module to $Env:Temp then run from .\, so I changed both to $Env:Temp
 2021-05-18 08:51:47 -06:00
CircleCI Atomic Red Team doc generator 73bdd9c307 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-02-11 15:59:48 +00:00
Brandon Morgan 81f2b097b5 prereq fixes (#1388) 
prereq fixes

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-02-11 08:59:22 -07:00
CircleCI Atomic Red Team doc generator 57ba7350b8 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-01-22 16:30:47 +00:00
MrOrOneEquals1 22c65f4acd Fix to Cleanup Command for T1003.002 Test Number 3 (#1374) 2021-01-22 09:30:13 -07:00
Carrie Roberts 9e4b0e36d2 move cleanup to cleanup command (#1258) 
* move cleanup to cleanup command

* Generate docs from job=validate_atomics_generate_docs branch=clr2of8-patch-11

Co-authored-by: CircleCI Atomic Red Team doc generator <email>
 2020-10-24 08:15:20 -06:00
CircleCI Atomic Red Team doc generator 910a2a764a Generate docs from job=validate_atomics_generate_docs branch=master 2020-09-29 13:53:28 +00:00
CircleCI Atomic Red Team doc generator b69f27c2b3 Generate docs from job=validate_atomics_generate_docs branch=master 2020-09-03 21:49:12 +00:00
kpsmiley23 730a62b977 Update T1003.002.yaml (#1212) 
Request raw Invoke-PowerDump.ps1 instead of repository page
 2020-09-03 15:48:52 -06:00
CircleCI Atomic Red Team doc generator 19b5ee9ee4 Generate docs from job=validate_atomics_generate_docs branch=master 2020-08-16 02:31:44 +00:00
Jesse Moore f4d059dbbc Update T1003.002.yaml for PowerDump (#1196) 
* Update T1003.002.yaml for PowerDump

Added PowerDump to parse SAM and SYSTEM for usernames and Hash

* Add fixes

Updated with fixes.
Its not erroring with Multiple cleanup
Removed preReqs, don't need them
Removed SAM and SYSTEM file dep... PowerDump can just Dump Registry for Hashes and Usernames

* Getting permanent links to file

Added permanent link to PowerDump in BC-SECURITY Github

* updated description

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-08-15 20:31:19 -06:00
CircleCI Atomic Red Team doc generator 5d59fdbce1 Generate docs from job=validate_atomics_generate_docs branch=master 2020-07-17 15:13:28 +00:00
Brandon Morgan 6b04e9421e Update T1003.002.yaml (#1135) 
initial esentutl-copy-sam commit
 2020-07-17 09:12:47 -06:00
CircleCI Atomic Red Team doc generator 8a82e9b66a Generate docs from job=validate_atomics_generate_docs branch=master 2020-06-18 01:57:35 +00:00
Carrie Roberts 24549e3866 Convert to Mitre ATT&CK sub-technique schema (#1056) 
* Initial transfer of atomics to MITRE subtechniques

* Add GUIDs back in, attack_technique to string (#1019)

* technique to string and add guids back in

* technique to string and add guids back in

* technique to string and add guids back in

* technique to string and add guids back in

* Subtechnique transfer T1220-T1546.005 (#1020)

* Create T1222.001.yaml

* Create T1222.002.yaml

* Create T1505.002.yaml

* Update T1543.003.yaml

* Update AtomicService.cs

* Update T1546.005.yaml

* Delete T1222.yaml

* Update T1482.yaml

* Update T1485.yaml

* Update T1220.yaml

* Update T1489.yaml

* Update T1490.yaml

* Update T1496.yaml

* Update T1505.003.yaml

* Update T1505.yaml

* Update T1518.001.yaml

* Update T1518.yaml

* Update T1529.yaml

* Update T1543.004.yaml

* Update T1546.001.yaml

* Update T1546.002.yaml

* Update T1546.002.yaml

* Update T1546.001.yaml

* Update T1543.004.yaml

* Update T1543.002.yaml

* Update T1543.001.yaml

* Update T1518.001.yaml

* Update T1546.004.yaml

* Update T1546.003.yaml

* Update T1531.yaml

* Update T1222.001.yaml

* Update T1222.002.yaml

* Update T1505.002.yaml

* Update T1505.003.yaml

* Update T1518.001.yaml

* Update T1543.001.yaml

* Update T1546.005.yaml

* Update T1546.004.yaml

* Update T1546.003.yaml

* Update T1546.002.yaml

* Update T1546.001.yaml

* Update T1543.004.yaml

* Update T1543.003.yaml

* Update T1543.002.yaml

* added auto_generated_guid 1220

* added T1222.001 auto_generated_guid

* Update T1222.002.yaml

added   auto_generated_guid entries

* Update T1482.yaml

  auto_generated_guid added

* Update T1485.yaml

added   auto_generated_guids

* Update T1489.yaml

added   auto_generated_guids

* Update T1490.yaml

added   auto_generated_guids

* Update T1496.yaml

added   auto_generated_guid

* Update T1505.002.yaml

added   auto_generated_guid from old T1505 same atomic

* Update T1505.003.yaml

added  auto_generated_guid from previous atomic 1100

* Delete T1505.yaml

no longer needed, moved to 1505.002

* Update T1518.yaml

added  auto_generated_guids

* Update T1529.yaml

added   auto_generated_guids

* Update T1531.yaml

added   auto_generated_guids

* Update T1543.001.yaml

added   auto_generated_guid

* Update T1543.002.yaml

added   auto_generated_guid

* Update T1543.004.yaml

added   auto_generated_guid

* Update T1546.001.yaml

added   auto_generated_guid

* Update T1546.002.yaml

added   auto_generated_guid

* Update T1546.003.yaml

* Update T1546.004.yaml

added  auto_generated_guid

* Update T1546.005.yaml

added  auto_generated_guid

* add guids back in

* fix spacing issue

* fix spacing

* fix spacing

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>

* Sub-techniques T1053-T1113 - Updates (#1022)

* Sub-techniques T1053-T1113 - Updates

Updated techniques for sub-techniques.

* minor fixes

format fixing

* Added GUIDs

- Added GUIDs back
- Fixed typo (T1054)
- Fixed attack_technique from an array to a string

* Sub-technique updates T1546.008 through T1574.011 (#1024)

* sub technique updates

* sub technique updates

* sub technique updates

* Carrie updates (#1017)

* updated T1110,12,13

* updated T1114

* updated T1114

* updated T1115

* updated T1119

* updated T1123,24

* updated T1127

* updated T1114

* updated T1127

* updated T1132

* T1134.004

* T1134.004

* updated T1135

* updated T1136

* updated T1137

* updated T1140

* remove depracted T1153

* updated T1176

* updated T1197

* updated T1201

* updated T1202

* updated T1204

* updated T1207

* updated T1216

* updated T1204

* updated T1217

* updated T1218

* updated T1218

* updated T1219

* updated T1218

* attack_technique to string

* Subtechnique transfer (#1025)

* T1003 review

* T1005 manual review changes

* T1027.002 sub-technique review

* T1027.004 sub-technique review

* T1036 sub-technique review

* T1037 sub-technique review

* T1048 sub-technique review

* YAML bugfixes

* Adding auto-generated GUIDs back to tests

* merging with Mike's PR

* Merging with Carrie's PR

* fix spacing

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>

* Subtechnique fix (#1026)

* add atomic_tests: element

* add atomic_tests: element

* more fixes

* more fixes

* more fixes

* sub technique minor fixes 1 (#1027)

* fixes

* fixes

* more fixes

* more fixes

* display name fix (#1028)

* remove some deprecated stuff. reorganize a little (#1031)

* Gendocs fix (#1033)

* gendocs updates for subtechniques

* add folders

* ignore auto generated markdown files

* remove tmp files

* add tmp files

* Generate docs from job=validate_atomics_generate_docs branch=subtechnique_transfer

* navigator layer v3.0

* Generate docs from job=validate_atomics_generate_docs branch=subtechnique_transfer

Co-authored-by: Matt Graeber <60448025+mgraeber-rc@users.noreply.github.com>
Co-authored-by: Tsora-Pop <35981510+Tsora-Pop@users.noreply.github.com>
Co-authored-by: Michael Haag <mike@redcanary.com>
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
 2020-06-17 12:55:46 -06:00