54 Commits

Author SHA1 Message Date
Atomic Red Team doc generator 9f6a1eab36 Generated docs from job=generate-docs branch=master [ci skip] 2026-02-18 16:55:45 +00:00
Atomic Red Team doc generator 376bf2a64d Generated docs from job=generate-docs branch=master [ci skip] 2026-02-18 16:46:29 +00:00
Atomic Red Team doc generator 5ede8f21e4 Generated docs from job=generate-docs branch=master [ci skip] 2025-02-13 22:03:40 +00:00
Atomic Red Team doc generator d10a13eb17 Generated docs from job=generate-docs branch=master [ci skip] 2025-01-28 05:03:31 +00:00
Hare Sudhan bfdd702717 Remove unused variable (#3040) 2025-01-28 00:02:41 -05:00
Atomic Red Team doc generator 054798feb3 Generated docs from job=generate-docs branch=master [ci skip] 2024-07-05 16:47:58 +00:00
NeuralGlitch 600767fcca Update T1003.002.yaml (#2826)
new atomic test added

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-05 11:46:48 -05:00
Atomic Red Team doc generator e9b9f2ed7b Generated docs from job=generate-docs branch=master [ci skip] 2024-02-26 15:24:49 +00:00
Jake H edea906548 Implementation of venv into Windows Python atomics (#2703)
* Improve pip handling (#1)

* virtual env added to T1018, tested and confirmed working

* virtual env added to T1003.001, tested and confirmed working

* virtual env added to T1555.003, tested and confirmed working

* Removing pip-autoremove installation as not required

* updating atomics count in README.md [ci skip]

---------

Co-authored-by: Hare Sudhan <code@0x6c.dev>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Co-authored-by: publish bot <opensource@redcanary.com>
2024-02-26 09:19:26 -06:00
Atomic Red Team doc generator ceea7ce1e0 Generated docs from job=generate-docs branch=master [ci skip] 2023-10-12 03:45:06 +00:00
Carrie Roberts 0f7d8de6a6 exit code 0 on success (#2565)
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2023-10-11 21:44:03 -06:00
Atomic Red Team doc generator 098dfbfe5b Generated docs from job=generate-docs branch=master [ci skip] 2023-09-25 20:27:05 +00:00
Antonio Piazza a301206811 Download Directory creation (#2543)
* Added ExternalPayloads dir creation

* Created ExternalPayloads Dir

Created ExternalPayloads Directory using PowerShell command

* Added External Payloads Dir

Added External Payloads Directory using a powershell command for all Procedures.

* Fixed ExternalPayload directory creation

Fixed ExternalPayload directory creation. Got rid of the Split path

* Created External Payloads directory

Created External Payloads directory for procedure 14d55ca0-920e-4b44-8425-37eedd72b173

* Update T1003.002.yaml

Added ExternalPayloads directory creation PowerShell command for procedure 804f28fc-68fc-40da-b5a2-e9d0bce5c193

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-09-25 14:26:08 -06:00
Atomic Red Team doc generator cef46e4479 Generated docs from job=generate-docs branch=master [ci skip] 2023-06-15 16:17:12 +00:00
Carrie Roberts 068d32b1ea use ExternalPayloads directory (#2460)
* use ExternalPayloads directory

* use ExternalPayloads directory

* use ExternalPayloads directory
2023-06-15 10:16:12 -06:00
Atomic Red Team doc generator b1f3c968f2 Generated docs from job=generate-docs branch=master [ci skip] 2023-05-19 17:06:33 +00:00
Atomic Red Team doc generator 16594d72c5 Generated docs from job=generate-docs branch=master [ci skip] 2023-02-13 23:11:19 +00:00
Josh Rickard a5dd0813cd fix: Updating atomics YAML file structure to align with the new JSON schema definition (#2323)
* fix: Updating atomics YAML file structure to align with the new JSON schema definition.

This also fixes some white space issues and general line formatting across all impacted atomics.

* fix: One additional change needed

---------

Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-02-13 16:10:37 -07:00
Atomic Red Team doc generator 6024dac957 Generated docs from job=generate-docs branch=master [ci skip] 2022-11-15 15:56:55 +00:00
Carrie Roberts cecca22f67 HiveNightmare simplifications (#2230)
* HiveNightmare simplifications

* Update T1003.002.yaml

* Update T1003.002.yaml

Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2022-11-15 08:56:24 -07:00
Atomic Red Team doc generator 2a798d98d1 Generated docs from job=generate-docs branch=master [ci skip] 2022-11-10 16:59:20 +00:00
Carrie Roberts 956a699a65 expand description (#2227)
* expand description

* add cve number and link
2022-11-10 11:58:47 -05:00
Atomic Red Team doc generator d0dad62dbc Generated docs from job=generate-docs branch=master [ci skip] 2022-09-23 22:57:18 +00:00
Atomic Red Team doc generator 812f7dcbaa Generated docs from job=generate-docs branch=master [ci skip] 2022-05-13 01:56:04 +00:00
Atomic Red Team GUID generator b3ab708511 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-13 01:56:00 +00:00
tlor89 3b2e6e7404 Update T1003.002.yaml (#1963)
* Update T1003.002.yaml

add Loot local Credentials - Dump SAM-File for NTLM Hashes technique via function of WinPwn

* Update T1003.002.yaml

updated

* Update T1003.002.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-05-12 19:55:35 -06:00
CircleCI Atomic Red Team doc generator 4d713c6a01 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-04-08 15:13:11 +00:00
lucasRiley 38d904f4f1 T1003.002 #4, Powerdump Improvement (#1856)
* T1003.002 #4 Improvement

* T1003.002 #4 Improvement

* keep previous guid

Co-authored-by: Riley <lriley@NTI.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-04-08 09:12:28 -06:00
CircleCI Atomic Red Team doc generator 8985aaf0f0 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-12-09 18:42:48 +00:00
Carrie Roberts 5bb5878e62 Cleaning up the Cleanup commands (#1685)
* cleanup fixes

* cleanup fixes

* cleanup fixes
2021-12-09 11:42:14 -07:00
CircleCI Atomic Red Team doc generator 6e4cbb9e85 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-08-09 16:07:26 +00:00
CircleCI Atomic Red Team GUID generator bb1885e040 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-08-09 16:07:19 +00:00
Brandon Morgan ddeb15ae41 Update T1003.002.yaml (#1595)
Added test 6 to dump hives with System.IO.File. Also tweaked test 5 so that the hive could be selected by the user, same as in test 6
2021-08-09 10:07:00 -06:00
CircleCI Atomic Red Team doc generator 8d84482954 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-08-07 18:14:40 +00:00
CircleCI Atomic Red Team GUID generator 38cd41e80e Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-08-07 18:14:36 +00:00
Brandon Morgan bd5ae3ad84 dump shadow hive w/ certutil (#1594) 2021-08-07 12:14:14 -06:00
CircleCI Atomic Red Team doc generator 36d49de4c8 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-06-24 17:04:33 +00:00
CircleCI Atomic Red Team doc generator 575b36a8e6 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-06-24 15:16:54 +00:00
CircleCI Atomic Red Team doc generator 6a570c2a46 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-05-18 14:52:23 +00:00
tjgeorgen 7d494dcbce Fix file path for PowerDump Import (#1466)
seemed to download the module to $Env:Temp then run from .\, so I changed both to $Env:Temp
2021-05-18 08:51:47 -06:00
CircleCI Atomic Red Team doc generator 73bdd9c307 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-02-11 15:59:48 +00:00
Brandon Morgan 81f2b097b5 prereq fixes (#1388)
prereq fixes

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-02-11 08:59:22 -07:00
CircleCI Atomic Red Team doc generator 57ba7350b8 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-01-22 16:30:47 +00:00
MrOrOneEquals1 22c65f4acd Fix to Cleanup Command for T1003.002 Test Number 3 (#1374) 2021-01-22 09:30:13 -07:00
Carrie Roberts 9e4b0e36d2 move cleanup to cleanup command (#1258)
* move cleanup to cleanup command

* Generate docs from job=validate_atomics_generate_docs branch=clr2of8-patch-11

Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-10-24 08:15:20 -06:00
CircleCI Atomic Red Team doc generator 910a2a764a Generate docs from job=validate_atomics_generate_docs branch=master 2020-09-29 13:53:28 +00:00
CircleCI Atomic Red Team doc generator b69f27c2b3 Generate docs from job=validate_atomics_generate_docs branch=master 2020-09-03 21:49:12 +00:00
kpsmiley23 730a62b977 Update T1003.002.yaml (#1212)
Request raw Invoke-PowerDump.ps1 instead of repository page
2020-09-03 15:48:52 -06:00
CircleCI Atomic Red Team doc generator 19b5ee9ee4 Generate docs from job=validate_atomics_generate_docs branch=master 2020-08-16 02:31:44 +00:00
Jesse Moore f4d059dbbc Update T1003.002.yaml for PowerDump (#1196)
* Update T1003.002.yaml for PowerDump

Added PowerDump to parse SAM and SYSTEM for usernames and Hash

* Add fixes

Updated with fixes.
It's not erroring with Multiple cleanup
Removed preReqs, don't need them
Removed SAM and SYSTEM file dep... PowerDump can just Dump Registry for Hashes and Usernames

* Getting permanent links to file

Added permanent link to PowerDump in BC-SECURITY Github

* updated description

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2020-08-15 20:31:19 -06:00