2422 Commits

Author SHA1 Message Date
CircleCI Atomic Red Team doc generator f427e2c338 Generate docs from job=validate_atomics_generate_docs branch=oscd 2020-11-23 13:41:01 +00:00
Matt Graeber 3610e65375 Merge pull request #1240 from remotephone/oscdt1016
[OSCD] Test for T1016 - macOS firewall enumeration
2020-11-23 08:40:31 -05:00
CircleCI Atomic Red Team doc generator 3a001ee8f9 Generate docs from job=validate_atomics_generate_docs branch=oscd 2020-11-23 13:40:04 +00:00
Matt Graeber 5f34ccd556 Merge pull request #1267 from oscd-initiative/oscd_sigma_sync
[OSCD] split Linux and macOS tests for T1518.001; update processes list
2020-11-23 08:39:33 -05:00
CircleCI Atomic Red Team doc generator 795ce8f499 Generate docs from job=validate_atomics_generate_docs branch=oscd 2020-11-12 18:22:28 +00:00
OG c4535c64dc [OSCD] Adding T1547.010 (#1264)
* Port monitor addition

* Rename T1547.010.yml to T1547.010.yaml
2020-11-12 11:22:04 -07:00
yugoslavskiy 60d73a2780 Update T1518.001.yaml 2020-10-30 06:56:20 +01:00
CircleCI Atomic Red Team doc generator cb5079f516 Generate docs from job=validate_atomics_generate_docs branch=oscd 2020-10-30 04:50:15 +00:00
Keith McCammon e0a61be952 Merge branch 'master' into oscd 2020-10-29 22:49:50 -06:00
CircleCI Atomic Red Team doc generator c570863162 Generate docs from job=validate_atomics_generate_docs branch=oscd 2020-10-30 04:44:05 +00:00
Keith McCammon 0b55c53c83 Grr 2020-10-29 22:43:10 -06:00
Keith McCammon 0a509412dd Remove index files to avoid CI complaints. 2020-10-29 22:23:49 -06:00
CircleCI Atomic Red Team doc generator b99407210d Generate docs from job=validate_atomics_generate_docs branch=oscd 2020-10-26 04:16:29 +00:00
Carl f0b2cad95a Merge pull request #1268 from aw350m33d/ISS_1219
[OSCD] Added T1562.006 tests to emulate indicator blocking on Linux
2020-10-25 22:15:56 -06:00
CircleCI Atomic Red Team doc generator 1114a1d32e Generate docs from job=validate_atomics_generate_docs branch=oscd 2020-10-26 04:13:24 +00:00
Carl d630fdfc2d Merge pull request #1263 from oscd-initiative/oscd_updates
[OSCD] updated a few tests
2020-10-25 22:12:59 -06:00
CircleCI Atomic Red Team doc generator eccacb66b4 Generate docs from job=validate_atomics_generate_docs branch=oscd 2020-10-26 04:12:11 +00:00
Carl 00f9e63a1c Merge pull request #1262 from oscd-initiative/oscd
[OSCD] Update T1564.002: Hidden User Creation test for macOS
2020-10-25 22:11:41 -06:00
CircleCI Atomic Red Team doc generator f1dacdfeb7 Generate docs from job=validate_atomics_generate_docs branch=master 2020-10-24 14:41:32 +00:00
MrOrOneEquals1 6e2e9122ab Fix Technique Highlighting (#1272)
Adds technique highlighting when a sub-technique has an atomic written for it.
2020-10-24 08:39:37 -06:00
CircleCI Atomic Red Team doc generator 83ebbf049d Generate docs from job=validate_atomics_generate_docs branch=oscd 2020-10-24 14:23:47 +00:00
omkargudhate22 e0495296ac [OSCD] Office persistence: Office test (#1266)
* Office persistence: Office test

* Added technique details
2020-10-24 08:23:13 -06:00
Carrie Roberts 9658f928e5 better test name (#1261)
* better name

* Generate docs from job=validate_atomics_generate_docs branch=clr2of8-patch-14

Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-10-24 08:19:12 -06:00
Carrie Roberts 49285769f7 cleaner title (#1260)
* cleaner title

* Generate docs from job=validate_atomics_generate_docs branch=clr2of8-patch-13

Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-10-24 08:17:34 -06:00
Carrie Roberts 8c75682918 title clarification (#1259)
* title clarification

* Generate docs from job=validate_atomics_generate_docs branch=clr2of8-patch-12

Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-10-24 08:15:58 -06:00
Carrie Roberts 9e4b0e36d2 move cleanup to cleanup command (#1258)
* move cleanup to cleanup command

* Generate docs from job=validate_atomics_generate_docs branch=clr2of8-patch-11

Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-10-24 08:15:20 -06:00
CircleCI Atomic Red Team doc generator c9715c0d8c Generate docs from job=validate_atomics_generate_docs branch=master 2020-10-24 14:12:36 +00:00
MrOrOneEquals1 36db298ade Update Layer Names (#1271)
More descriptive Mitre ATT&CK Navigator names.
2020-10-24 08:12:17 -06:00
Michael Haag c8f43265c7 Introducing AtomicTestHarnesses Tests to ART (#1270)
* Introduce AtomicTestHarness Tests to ART

Adding:
- T1134.004 - Access Token Manipulation: Parent PID Spoofing
- T1218.001 - Signed Binary Proxy Execution: Compiled HTML File
- T1218.005 - Signed Binary Proxy Execution: Mshta

These tests utilize the recently released [AtomicTestHarnesses](https://github.com/redcanaryco/atomictestharnesses) to simulate the base tests from each ATH Harness. Input arguments may be manipulated as needed to enhance simulation.

* Generate docs from job=validate_atomics_generate_docs branch=atomictestharness-tests

Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-10-22 14:34:31 -06:00
CircleCI Atomic Red Team doc generator 8e3abf4620 Generate docs from job=validate_atomics_generate_docs branch=oscd 2020-10-21 16:52:26 +00:00
omkargudhate22 d3873c48a4 Indirect command execution - conhost (#1265) 2020-10-21 10:51:54 -06:00
CircleCI Atomic Red Team doc generator 7a1c4e857b Generate docs from job=validate_atomics_generate_docs branch=master 2020-10-21 16:48:59 +00:00
Carrie Roberts e0d6242f7a add nav score for parent technique (#1269) 2020-10-21 10:48:21 -06:00
aw350m3 347457a693 Removed prereq and fixed command endings 2020-10-20 08:48:23 +00:00
yugoslavskiy 618c150a94 Update T1518.001.yaml 2020-10-20 05:31:30 +02:00
Yugoslavskiy Daniil 2db46f3ca3 split linux and macos tests for T1518.001; update processes list 2020-10-20 05:26:38 +02:00
aw350m3 5fb2ebf442 Added T1562.006 tests to emulate indicator blocking by modifying configuration files 2020-10-19 22:05:18 +00:00
Yugoslavskiy Daniil 30d8defed6 add Gatekeeper disable; add cleanup for security tools disable; add another launchagent for carbon black defense; remove Gatekeeper disable command from Gatekeeper bypass technique 2020-10-18 02:04:01 +02:00
Yugoslavskiy Daniil 23b1ad6331 update T1564.002 2020-10-18 01:23:05 +02:00
Yugoslavskiy Daniil d381056952 update T1564.002 2020-10-18 01:19:25 +02:00
CircleCI Atomic Red Team doc generator ce8e4dcf80 Generate docs from job=validate_atomics_generate_docs branch=oscd 2020-10-15 16:59:46 +00:00
sn0w0tter 761eb9cc72 [OSCD] Create atomic test for T1113 for Windows (#1251) 2020-10-15 10:59:14 -06:00
CircleCI Atomic Red Team doc generator 72e6640db6 Generate docs from job=validate_atomics_generate_docs branch=oscd 2020-10-15 16:51:45 +00:00
mrblacyk f9637403eb T1136.002 - 2 tests added (#1252) 2020-10-15 10:51:21 -06:00
CircleCI Atomic Red Team doc generator c51438c486 Generate docs from job=validate_atomics_generate_docs branch=oscd 2020-10-15 16:42:07 +00:00
mrblacyk dd48a41960 [OSCD] T1036.004: Masquerade Task or Service - 2 tests (#1253)
* T1036.004 - 2 tests added

* Update T1036.004.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2020-10-15 10:41:21 -06:00
CircleCI Atomic Red Team doc generator d5ef015f53 Generate docs from job=validate_atomics_generate_docs branch=oscd 2020-10-15 16:36:33 +00:00
gregclermont 8e322ecb76 Add test for T1006 Direct Volume Access (#1254) 2020-10-15 10:36:07 -06:00
CircleCI Atomic Red Team doc generator 29ae06b032 Generate docs from job=validate_atomics_generate_docs branch=master 2020-10-15 16:28:04 +00:00
Micheal Fleck fde64c6173 Update T1012.yaml (#1255)
Removed extra spacing

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2020-10-15 10:27:40 -06:00