security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,616 Commits 47 Branches 0 Tags
master
Commit Graph

68 Commits

Author SHA1 Message Date
Atomic Red Team doc generator 9f6a1eab36 Generated docs from job=generate-docs branch=master [ci skip] 2026-02-18 16:55:45 +00:00
Atomic Red Team doc generator 376bf2a64d Generated docs from job=generate-docs branch=master [ci skip] 2026-02-18 16:46:29 +00:00
Atomic Red Team doc generator 5ede8f21e4 Generated docs from job=generate-docs branch=master [ci skip] 2025-02-13 22:03:40 +00:00
Atomic Red Team doc generator 6a3a2ede32 Generated docs from job=generate-docs branch=master [ci skip] 2024-01-20 20:45:01 +00:00
Hare Sudhan e742bcb626 Fix schema validation (#2666) 2024-01-20 14:44:16 -06:00
Atomic Red Team doc generator f6fc008a05 Generated docs from job=generate-docs branch=master [ci skip] 2024-01-20 04:21:06 +00:00
Atomic Red Team GUID generator e9ab27efff Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-01-20 04:20:53 +00:00
sai prashanth pulisetti b6fa8857a5 Atomic Test #7 - System Owner/User Discovery Using Command Prompt (#2657) 
* Atomic Test #7 - System Owner/User Discovery Using Command Prompt

Identify the system owner or current user using native Windows command prompt utilities.

* Update T1033.yaml

adjusted - "del %output_path%\\user_info_*.tmp"

* Update T1033.yaml

adjusted output_path with Temp

* Update T1033.yaml

* Update T1033.yaml

* Update T1033.yaml

* Update T1033.yaml

* Update T1033.yaml

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2024-01-19 22:20:19 -06:00
Atomic Red Team doc generator ad2d7c8f13 Generated docs from job=generate-docs branch=master [ci skip] 2023-11-06 22:42:54 +00:00
Hare Sudhan 62a85c12b5 FreeBSD changes (#2585) 
* freebsd changes

* renaming freebsd to linux
 2023-11-06 17:41:43 -05:00
Atomic Red Team doc generator 4d6c4e8e23 Generated docs from job=generate-docs branch=master [ci skip] 2023-11-02 00:56:51 +00:00
Alonso Cárdenas 86913f3573 Merge branch 'master' of https://github.com/alonsobsd/atomic-red-team 2023-06-01 22:03:39 -05:00
Atomic Red Team doc generator b1f3c968f2 Generated docs from job=generate-docs branch=master [ci skip] 2023-05-19 17:06:33 +00:00
Alonso Cárdenas f1c5a9be03 Add FreeBSD support 2023-05-08 11:06:08 -05:00
Atomic Red Team doc generator 8ec8bb8d24 Generated docs from job=generate-docs branch=master [ci skip] 2023-03-17 20:01:43 +00:00
Burning_PM 67afbfe15c Fix-Cleanup-Command 
Fix the cleanup command to pass the output_path input argument instead of being hardcoded.
 2023-03-17 06:53:35 -07:00
Atomic Red Team doc generator 8025353c3d Generated docs from job=generate-docs branch=master [ci skip] 2023-03-16 23:41:15 +00:00
Atomic Red Team GUID generator d62766548b Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-03-16 23:40:55 +00:00
Paul 73a144caa6 T1033-whoami-simplification (#2370) 
* Variation on system/user discovery

Slight variation on Test 1: System Owner/User Discovery. This is meant to be a stripped down version.

* Update T1033.yaml

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2023-03-16 17:39:46 -06:00
Atomic Red Team doc generator 16594d72c5 Generated docs from job=generate-docs branch=master [ci skip] 2023-02-13 23:11:19 +00:00
Josh Rickard a5dd0813cd fix: Updating atomics YAML file structure to align with the new JSON schema definition (#2323) 
* fix: Updating atomics YAML file structure to align with the new JSON schema definition.

This also fixes some white space issues and general line formatting across all impacted atomics.

* fix: One additional change needed

---------

Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2023-02-13 16:10:37 -07:00
CircleCI Atomic Red Team doc generator 7091fa8b16 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-04-01 14:37:00 +00:00
CircleCI Atomic Red Team doc generator 13200b42f9 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-23 17:44:48 +00:00
tccontre a41a63ffd9 Powershell tactics (#1825) 
* Update T1112.yaml

* Update T1112.yaml

* typos

* Update T1033.yaml

* Update T1033.yaml

* Update T1546.015.yaml

* Update T1546.015.yaml

* Update T1033.yaml

* Update T1546.015.yaml

* Update T1546.015.yaml

* Update T1546.015.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-03-23 11:44:16 -06:00
CircleCI Atomic Red Team doc generator bc21f59ff0 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-04 00:21:31 +00:00
Josh Rickard 1513717eb2 Updating atomics to conform to standard (#1619) 
* Updated format of input_argument types for Url

* Updated type for input_arguments to Url (missed)

* Updating Path type for input_arguments

* Updated String type for input_arguments

* Missed a few Strings and Url types

* Updated default values for input_arguments to align with their types

* Updated Integer type for input_arguments

* Updated formatting and spacing of atomics
 2021-09-03 18:20:46 -06:00
CircleCI Atomic Red Team doc generator 36d49de4c8 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-06-24 17:04:33 +00:00
CircleCI Atomic Red Team doc generator 575b36a8e6 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-06-24 15:16:54 +00:00
CircleCI Atomic Red Team doc generator 88ad3fd322 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-06-16 18:41:22 +00:00
SecurityShrimp 42799b033d added TLS/SSL v1.2 enabling commands to any atomic test utilizing IWR (#1519) 
* Update T1204.002.md

Added lines to each test using IWR for invoke-webrequest to set the acceptable TLS versions for the commands to complete successfully by prepending the tests with 

```[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12```

* Update T1555.yaml

added line to set ssl/tls version

* Update T1134.001.yaml

updated IWR lines to allow ssl/tls version 1.2

* Update T1069.002.yaml

added lines to every IWR instance to set ssl/tls version to 1.2

* Update T1558.003.yaml

added line to allow TLS/SSL 1.2

* Update T1033.yaml

added command to enable SSL/TLS v1.2

* Update T1055.012.yaml

added command to enable TLS/SSL v1.2

* Update T1115.yaml

Added command to enable SSL/TLS v1.2

* Update T1070.001.yaml

added command enabling SSL/TLS v 1.2

* Update T1564.yaml

added commands to enable SSL/TLS v 1.2

* Update T1566.001.yaml

added command to enable SSL/TLS V1.2

* Update T1135.yaml

added command to enable SSL/TLS v1.2

* Update T1055.yaml

added commands to enable TLS/SSL v 1.2

* Update T1110.003.yaml

added command to enable TLS/SSL v1.2

* Update T1003.yaml

Added command to enable TLS/SSL v1.2

* Update T1053.005.yaml

added command to enable TLS/SSL v1.2

* Update T1003.001.yaml

added commands to enable TLS/SSL v1.2 for any command using invoke-webrequest

* Update T1069.002.yaml

syntax correction

* Update T1134.001.yaml

syntax correction

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-06-16 12:41:04 -06:00
CircleCI Atomic Red Team doc generator 228dcb1ae3 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-02 13:28:54 +00:00
Carrie Roberts 8b6c9af427 add usebasicparsing flag (#1410) 2021-04-02 07:28:29 -06:00
Michael Haag 3304c0b020 T1555.003 (#1311) 
* Generate docs from job=validate_atomics_generate_docs branch=T1555.003

* Windows LaZagne

Adding test for LaZagne on Windows to collect passwords stored in browser. Issue #1030

* Generate docs from job=validate_atomics_generate_docs branch=T1555.003

* Generate docs from job=validate_atomics_generate_docs branch=T1555.003

Co-authored-by: CircleCI Atomic Red Team doc generator <email>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-12-01 13:31:40 -07:00
MrOrOneEquals1 90cc72063a dummy PR to cause documentation to be rebuilt (#1309) 2020-12-01 07:40:10 -07:00
Murat ERDEM 9ca764c258 Update T1033.yml (#1308) 
i seen a small error and  fixed it
 2020-12-01 07:19:19 -07:00
CircleCI Atomic Red Team doc generator 910a2a764a Generate docs from job=validate_atomics_generate_docs branch=master 2020-09-29 13:53:28 +00:00
CircleCI Atomic Red Team doc generator 99a4e8850a Generate docs from job=validate_atomics_generate_docs branch=master 2020-08-07 17:14:19 +00:00
CircleCI Atomic Red Team doc generator 19243f40d9 Generate docs from job=validate_atomics_generate_docs branch=master 2020-06-25 17:09:11 +00:00
Hare Sudhan Muthusamy 21888d12fc Typo fix (#1080) 
* Fixed execution issue and added cleanup command

* Cleanup command added

* Added cleanup command

* Typo fix
 2020-06-25 11:08:25 -06:00
CircleCI Atomic Red Team doc generator 8a82e9b66a Generate docs from job=validate_atomics_generate_docs branch=master 2020-06-18 01:57:35 +00:00
Carrie Roberts 24549e3866 Convert to Mitre ATT&CK sub-technique schema (#1056) 
* Initial transfer of atomics to MITRE subtechniques

* Add GUIDs back in, attack_technique to string (#1019)

* technique to string and add guids back in

* technique to string and add guids back in

* technique to string and add guids back in

* technique to string and add guids back in

* Subtechnique transfer T1220-T1546.005 (#1020)

* Create T1222.001.yaml

* Create T1222.002.yaml

* Create T1505.002.yaml

* Update T1543.003.yaml

* Update AtomicService.cs

* Update T1546.005.yaml

* Delete T1222.yaml

* Update T1482.yaml

* Update T1485.yaml

* Update T1220.yaml

* Update T1489.yaml

* Update T1490.yaml

* Update T1496.yaml

* Update T1505.003.yaml

* Update T1505.yaml

* Update T1518.001.yaml

* Update T1518.yaml

* Update T1529.yaml

* Update T1543.004.yaml

* Update T1546.001.yaml

* Update T1546.002.yaml

* Update T1546.002.yaml

* Update T1546.001.yaml

* Update T1543.004.yaml

* Update T1543.002.yaml

* Update T1543.001.yaml

* Update T1518.001.yaml

* Update T1546.004.yaml

* Update T1546.003.yaml

* Update T1531.yaml

* Update T1222.001.yaml

* Update T1222.002.yaml

* Update T1505.002.yaml

* Update T1505.003.yaml

* Update T1518.001.yaml

* Update T1543.001.yaml

* Update T1546.005.yaml

* Update T1546.004.yaml

* Update T1546.003.yaml

* Update T1546.002.yaml

* Update T1546.001.yaml

* Update T1543.004.yaml

* Update T1543.003.yaml

* Update T1543.002.yaml

* added auto_generated_guid 1220

* added T1222.001 auto_generated_guid

* Update T1222.002.yaml

added   auto_generated_guid entries

* Update T1482.yaml

  auto_generated_guid added

* Update T1485.yaml

added   auto_generated_guids

* Update T1489.yaml

added   auto_generated_guids

* Update T1490.yaml

added   auto_generated_guids

* Update T1496.yaml

added   auto_generated_guid

* Update T1505.002.yaml

added   auto_generated_guid from old T1505 same atomic

* Update T1505.003.yaml

added  auto_generated_guid from previous atomic 1100

* Delete T1505.yaml

no longer needed, moved to 1505.002

* Update T1518.yaml

added  auto_generated_guids

* Update T1529.yaml

added   auto_generated_guids

* Update T1531.yaml

added   auto_generated_guids

* Update T1543.001.yaml

added   auto_generated_guid

* Update T1543.002.yaml

added   auto_generated_guid

* Update T1543.004.yaml

added   auto_generated_guid

* Update T1546.001.yaml

added   auto_generated_guid

* Update T1546.002.yaml

added   auto_generated_guid

* Update T1546.003.yaml

* Update T1546.004.yaml

added  auto_generated_guid

* Update T1546.005.yaml

added  auto_generated_guid

* add guids back in

* fix spacing issue

* fix spacing

* fix spacing

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>

* Sub-techniques T1053-T1113 - Updates (#1022)

* Sub-techniques T1053-T1113 - Updates

Updated techniques for sub-techniques.

* minor fixes

format fixing

* Added GUIDs

- Added GUIDs back
- Fixed typo (T1054)
- Fixed attack_technique from an array to a string

* Sub-technique updates T1546.008 through T1574.011 (#1024)

* sub technique updates

* sub technique updates

* sub technique updates

* Carrie updates (#1017)

* updated T1110,12,13

* updated T1114

* updated T1114

* updated T1115

* updated T1119

* updated T1123,24

* updated T1127

* updated T1114

* updated T1127

* updated T1132

* T1134.004

* T1134.004

* updated T1135

* updated T1136

* updated T1137

* updated T1140

* remove depracted T1153

* updated T1176

* updated T1197

* updated T1201

* updated T1202

* updated T1204

* updated T1207

* updated T1216

* updated T1204

* updated T1217

* updated T1218

* updated T1218

* updated T1219

* updated T1218

* attack_technique to string

* Subtechnique transfer (#1025)

* T1003 review

* T1005 manual review changes

* T1027.002 sub-technique review

* T1027.004 sub-technique review

* T1036 sub-technique review

* T1037 sub-technique review

* T1048 sub-technique review

* YAML bugfixes

* Adding auto-generated GUIDs back to tests

* merging with Mike's PR

* Merging with Carrie's PR

* fix spacing

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>

* Subtechnique fix (#1026)

* add atomic_tests: element

* add atomic_tests: element

* more fixes

* more fixes

* more fixes

* sub technique minor fixes 1 (#1027)

* fixes

* fixes

* more fixes

* more fixes

* display name fix (#1028)

* remove some deprecated stuff. reorganize a little (#1031)

* Gendocs fix (#1033)

* gendocs updates for subtechniques

* add folders

* ignore auto generated markdown files

* remove tmp files

* add tmp files

* Generate docs from job=validate_atomics_generate_docs branch=subtechnique_transfer

* navigator layer v3.0

* Generate docs from job=validate_atomics_generate_docs branch=subtechnique_transfer

Co-authored-by: Matt Graeber <60448025+mgraeber-rc@users.noreply.github.com>
Co-authored-by: Tsora-Pop <35981510+Tsora-Pop@users.noreply.github.com>
Co-authored-by: Michael Haag <mike@redcanary.com>
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
 2020-06-17 12:55:46 -06:00
CircleCI Atomic Red Team doc generator a34350f2f1 Generate docs from job=validate_atomics_generate_docs branch=master 2020-05-21 21:31:46 +00:00
Andrew Beers e3786e4dc3 write test (#1003) 
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-05-21 15:31:27 -06:00
CircleCI Atomic Red Team doc generator 35c42f2c61 Generate docs from job=validate_atomics_generate_docs branch=master 2020-05-15 17:19:25 +00:00
Michael Haag e4ce60f9f2 Updated Descriptions (#897) 
* Updated Descriptions

Updated descriptions with what to expect from successful execution.

* Update T1028.yaml

* Update T1028.yaml

* Generate docs from job=validate_atomics_generate_docs branch=description-updates

* move text to description

* Generate docs from job=validate_atomics_generate_docs branch=description-updates

* typo fix

* Generate docs from job=validate_atomics_generate_docs branch=description-updates

Co-authored-by: CircleCI Atomic Red Team doc generator <email>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-03-19 21:23:10 -06:00
Carrie Roberts 71223b2514 backslash fix for markdown (#881) 2020-03-16 08:50:43 -06:00
Carrie Roberts 6ec7d4bcf0 Specify language for markdown code blocks (#882) 
* specify code block type in markdown

* specify code block type in markdown
 2020-03-16 08:46:25 -06:00
Tony M Lambert a4c9ee4430 Replay the Dependencies Merge (#786) 
* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* lowercase url

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* lowercase url

* fixing yaml spacing issue

* correcting input name

* rm to del

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-01-21 12:11:45 -06:00
Tony M Lambert c3b398e48c Revert "Add Dependencies section to test Yaml and support to use them… (#773) 
* Revert "Add Dependencies section to test Yaml and support to use them in the PS execution framework (#772)"

This reverts commit 511bb87af2.

* Generate docs from job=validate_atomics_generate_docs branch=revert-511bb87af29fb302dbd9e85bd93c2c00a47953ba
 2020-01-09 09:12:38 -06:00
Carrie Roberts 511bb87af2 Add Dependencies section to test Yaml and support to use them in the PS execution framework (#772) 
* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* first draft at dependencies

* lowercase url
 2020-01-09 07:36:07 -07:00