57 Commits

Author SHA1 Message Date
Atomic Red Team doc generator 9f6a1eab36 Generated docs from job=generate-docs branch=master [ci skip] 2026-02-18 16:55:45 +00:00
Atomic Red Team doc generator 376bf2a64d Generated docs from job=generate-docs branch=master [ci skip] 2026-02-18 16:46:29 +00:00
Atomic Red Team doc generator a6ec993396 Generated docs from job=generate-docs branch=master [ci skip] 2025-07-17 16:52:39 +00:00
Retrospected 7d68f07d75 Update T1547.001.yaml (#3147) 2025-07-17 09:51:20 -07:00
Atomic Red Team doc generator 5ede8f21e4 Generated docs from job=generate-docs branch=master [ci skip] 2025-02-13 22:03:40 +00:00
Atomic Red Team doc generator ccd6146de1 Generated docs from job=generate-docs branch=master [ci skip] 2025-01-07 20:35:45 +00:00
SanSan-monkey 8d13023cc6 New Atomic Test T1547.001.yaml (#3025)
Co-authored-by: Bhavin Patel <bhavin.j.patel91@gmail.com>
2025-01-07 12:34:41 -08:00
Atomic Red Team doc generator f477866de4 Generated docs from job=generate-docs branch=master [ci skip] 2024-12-18 16:53:07 +00:00
Retrospected f308db7af9 Fix T1547.001 test b051b3c0-66e7-4a81-916d-e6383bd3a669 by adding /f argument to the reg modification by reg.exe (#3017)
Co-authored-by: Bhavin Patel <bhavin.j.patel91@gmail.com>
2024-12-18 08:52:10 -08:00
Atomic Red Team doc generator 12c1fabcf5 Generated docs from job=generate-docs branch=master [ci skip] 2024-07-16 22:37:48 +00:00
abhijose09 6b16e95579 Update T1547.001.yaml (#2856)
* Update T1547.001.yaml

Allowing custom application to execute during new RDP logon session

* Update T1547.001.yaml

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-16 17:36:37 -05:00
Atomic Red Team doc generator c126089a0d Generated docs from job=generate-docs branch=master [ci skip] 2024-07-16 18:15:15 +00:00
abhijose09 1b800b29ca Update T1547.001.yaml (#2854)
* Update T1547.001.yaml

Creating Boot Verification Program Key for application execution during successful boot

* Update T1547.001.yaml

updated few changes

---------

Co-authored-by: Hare Sudhan <code@0x6c.dev>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-16 13:14:02 -05:00
Atomic Red Team doc generator 157de65031 Generated docs from job=generate-docs branch=master [ci skip] 2023-11-07 00:28:51 +00:00
Atomic Red Team doc generator a228ee8656 Generated docs from job=generate-docs branch=master [ci skip] 2023-09-22 19:15:21 +00:00
Carrie Roberts d4709021fb Handle spaces in file paths (#2535)
* updating atomics count in README.md [ci skip]

* wip

* handle spaces in path

* update readme

* fix typo

---------

Co-authored-by: publish bot <opensource@redcanary.com>
2023-09-22 10:47:25 -06:00
Atomic Red Team doc generator b1f3c968f2 Generated docs from job=generate-docs branch=master [ci skip] 2023-05-19 17:06:33 +00:00
Atomic Red Team GUID generator 4177d016ad Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-05-09 19:38:56 +00:00
Michael Haag 7b2ba6e0ac modify BootExecute (#2412)
* modify BootExecute

* Update T1547.001.yaml

* Update T1547.001.yaml

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-05-09 13:38:16 -06:00
Atomic Red Team doc generator c42cd26868 Generated docs from job=generate-docs branch=master [ci skip] 2023-03-13 18:41:34 +00:00
Carrie Roberts 08f1fdcc2b use ART repo instead of ARTifacts (#2361)
* use ART repo instead of ARTifacts

* typo fix
2023-03-13 12:40:49 -06:00
Atomic Red Team doc generator 16594d72c5 Generated docs from job=generate-docs branch=master [ci skip] 2023-02-13 23:11:19 +00:00
Josh Rickard a5dd0813cd fix: Updating atomics YAML file structure to align with the new JSON schema definition (#2323)
* fix: Updating atomics YAML file structure to align with the new JSON schema definition.

This also fixes some white space issues and general line formatting across all impacted atomics.

* fix: One additional change needed

---------

Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-02-13 16:10:37 -07:00
Atomic Red Team doc generator c65c1656a4 Generated docs from job=generate-docs branch=master [ci skip] 2022-11-29 00:06:26 +00:00
BlueTeamOps 414118431e Tests to simulate misuse of secedit.exe (#2241)
* secedit config template

* added secedit based persistence

* added secedit based discovery
2022-11-28 19:05:09 -05:00
Atomic Red Team doc generator c55f3ecce0 Generated docs from job=generate-docs branch=master [ci skip] 2022-11-07 21:25:36 +00:00
Carrie Roberts ee954d215c mv 2 1547 tests to 1546 (#2223) 2022-11-07 14:25:09 -07:00
Atomic Red Team doc generator 31d9ef273e Generated docs from job=generate-docs branch=master [ci skip] 2022-11-01 15:25:54 +00:00
Atomic Red Team GUID generator dde1c39789 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-11-01 15:25:47 +00:00
BlueTeamOps 5da061570e Added CommandProcessor Autorun (#2214)
* Added CommandProcessor Autorun

* add an HKCU version as well

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-11-01 10:25:17 -05:00
Atomic Red Team doc generator 52d1f72af2 Generated docs from job=generate-docs branch=master [ci skip] 2022-10-03 22:33:32 +00:00
frack113 f41e92b834 T1547.001 Fix test a70faea1-e206-4f6f-8d9a-67379be8f6f1 (#2171)
* Fix test a70faea1-e206-4f6f-8d9a-67379be8f6f1

* Restore b5c9a9bc-dda3-4ea0-b16a-add8e81ab75f

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-10-03 16:32:48 -06:00
Atomic Red Team doc generator b07c165d9e Generated docs from job=generate-docs branch=master [ci skip] 2022-09-26 17:51:03 +00:00
Atomic Red Team GUID generator ff75bdc167 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-09-26 17:50:55 +00:00
Thomas de Brelaz c0c31e4c0c T1547.001 runkeys (#2150)
* added tests 10-15 to T1547.001.yaml covering various missing keys used for run persistence

 Committer: Thomas De Brelaz <thockoro@hotmail.com>

* fixed name for test 14

 Committer: Thomas De Brelaz <thockoro@hotmail.com>

* added missing HKLM test for explorer run key

 Committer: Thomas De Brelaz <thockoro@hotmail.com>

* readability improvements

* fixed readability issues

 Committer: Thomas De Brelaz <thockoro@hotmail.com>

* small yaml type fix

 Committer: Thomas De Brelaz <thockoro@hotmail.com>

Co-authored-by: Thomas De Brelaz <thomas.de-brelaz@ubisoft.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-09-26 11:50:21 -06:00
Atomic Red Team doc generator d0dad62dbc Generated docs from job=generate-docs branch=master [ci skip] 2022-09-23 22:57:18 +00:00
Atomic Red Team doc generator 819934cc3f Generated docs from job=generate-docs branch=master [ci skip] 2022-06-16 22:47:00 +00:00
CircleCI Atomic Red Team doc generator 20df4c7262 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-16 03:52:57 +00:00
CircleCI Atomic Red Team GUID generator 37f0539284 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-16 03:52:52 +00:00
CyberBilly7 08dd613bb0 systembc (#1814)
Co-authored-by: Chase James <cjames@nti.local>
2022-03-15 21:52:20 -06:00
CircleCI Atomic Red Team doc generator 3947bbc2a5 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-14 17:41:32 +00:00
CircleCI Atomic Red Team GUID generator de94c41347 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-14 17:41:26 +00:00
frack113 d3a53714b4 Add persistence via Recycle bin (#1809)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-03-14 11:41:04 -06:00
CircleCI Atomic Red Team doc generator 36d49de4c8 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-06-24 17:04:33 +00:00
CircleCI Atomic Red Team doc generator 575b36a8e6 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-06-24 15:16:54 +00:00
CircleCI Atomic Red Team doc generator 507e5b8716 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-05-21 20:26:14 +00:00
Adam Mashinchi f2cb520542 Remove ARTifacts directory (#1408)
* Update 1547.001 with link to stable "ARTifact" URL

Creating static link for Discovery.bat as "ARTifacts" directory is slated for removal.

* Update 1547.001.md to reflect YAML change

* Delete ARTifacts directory

Legacy URL available here: https://github.com/redcanaryco/atomic-red-team/tree/e88a1ea463964839e267dba74ec1cf7bf634ccbf/ARTifacts
2021-03-24 12:38:00 -06:00
Keith McCammon 5ff80f6f90 Update maintainers.md (#1335)
* Update maintainers.md

* Generate GUIDs from job=generate_and_commit_guids branch=maintainers-update

* Generate docs from job=generate_and_commit_docs branch=maintainers-update

Co-authored-by: CircleCI Atomic Red Team GUID generator <email>
2020-12-17 22:57:51 -07:00
4rb1t3r 756a90294b Shortcut additions to user startup (#1329)
* Shortcut additions to user startup

New addition to test creating a shortcut link to an executable in a user's startup directory

* Update T1547.001.yaml

* remove extra whitespace

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2020-12-17 07:23:03 -07:00
Keith McCammon 28086402e2 Maintainers updates (#1328)
* Update maintainers.md

Remove reference to announcements channel, which has been created.

* Generate docs from job=validate_atomics_generate_docs branch=maintainers-updates

* Update maintainers.md

Updates to maintainers meeting purpose, scope, and agendas.

* Generate docs from job=validate_atomics_generate_docs branch=maintainers-updates

Co-authored-by: CircleCI Atomic Red Team doc generator <email>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2020-12-15 14:18:41 -07:00