Commit Graph

82 Commits

Author SHA1 Message Date
Atomic Red Team doc generator e2115e52c0 Generated docs from job=generate-docs branch=master [ci skip] 2025-10-06 15:55:53 +00:00
Bhavin Patel 1a197af893 Insecure curl execution from a pod (#3187)
Co-authored-by: Hare Sudhan <code@0x6c.dev>
2025-10-06 11:54:51 -04:00
Atomic Red Team doc generator 098f6f146f Generated docs from job=generate-docs branch=master [ci skip] 2025-03-20 02:34:45 +00:00
Michael Haag 35d35a585f T1105- OneDriveStandaloneUpdater (#3085)
Co-authored-by: Bhavin Patel <bhavin.j.patel91@gmail.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2025-03-19 22:33:52 -04:00
Atomic Red Team doc generator f30d6050ca Generated docs from job=generate-docs branch=master [ci skip] 2024-11-19 18:17:02 +00:00
Burak Karaduman 33ca146f03 T1105 - Windows pull file using sftp.exe (#2987)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-11-19 13:16:05 -05:00
Atomic Red Team doc generator 12bf341353 Generated docs from job=generate-docs branch=master [ci skip] 2024-11-19 18:10:36 +00:00
Burak Karaduman 0c76b2cad3 T1105 - Windows push file using sftp.exe (#2986)
* T1105 - Windows push file using sftp.exe

* Update T1105.yaml

---------

Co-authored-by: Hare Sudhan <code@0x6c.dev>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-11-19 13:09:36 -05:00
Atomic Red Team doc generator d1430f6cb8 Generated docs from job=generate-docs branch=master [ci skip] 2024-11-19 18:04:20 +00:00
Burak Karaduman 35b0abe836 T1105 - Windows pull file using scp.exe (#2985)
* T1105 - Windows pull file using scp.exe

* Update T1105.yaml

---------

Co-authored-by: Hare Sudhan <code@0x6c.dev>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-11-19 13:03:15 -05:00
Atomic Red Team doc generator fb37dd4a03 Generated docs from job=generate-docs branch=master [ci skip] 2024-11-15 19:53:56 +00:00
Burak Karaduman 11648ff2bd T1105 - Windows push file using scp.exe (#2983)
* T1105 - Windows push file using scp.exe

* Improvements for "Windows push file using scp.exe"

* Update T1105.yaml

---------

Co-authored-by: Bhavin Patel <bhavin.j.patel91@gmail.com>
2024-11-15 11:52:51 -08:00
BlueTeamOps 2e9bea8316 Blueteam0ps 31072024 (#2902)
* Update T1560.001.yaml

* Create T1564.008.yaml

* Update T1105.yaml

* Update T1560.001.yaml

Added back elevation_required: true to the previous test as it was mistakenly removed.

* Update T1105.yaml

Fixed up errors

* Update T1560.001.yaml

removed addition elevation_required option

* Update T1560.001.yaml

Fixed the issues based on the feedback
2024-09-24 16:42:55 -05:00
AlbertoPellitteri 6ffa493693 Fix test T1105.yaml (#2935)
Co-authored-by: Hare Sudhan <code@0x6c.dev>
2024-09-17 17:13:03 -04:00
Atomic Red Team doc generator 1e3b63fbaf Generated docs from job=generate-docs branch=master [ci skip] 2024-06-04 14:50:36 +00:00
NeuralGlitch 30b73d06bf Update to T1105 with New Atomic Test (#2792)
* Adding a sample zip file to help with atomic test

* Update T1105.yaml

* Update T1105.yaml

---------

Co-authored-by: Hare Sudhan <code@0x6c.dev>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-06-04 09:49:22 -05:00
Atomic Red Team GUID generator 61c178723c Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-04-06 02:13:42 +00:00
pratinavchandra 87eff2b6b8 Added new atomic test: Update T1105.yaml (#2734)
* Added new atomic test: Update T1105.yaml

* Update T1105.yaml
2024-04-03 01:04:06 -04:00
Atomic Red Team GUID generator 2ef494158f Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-03-17 01:48:33 +00:00
NeuralGlitch 91912fdd93 Added a new atomic to T1202 (#2715)
* Create src

* Delete atomics/T1202/src

* Create GUP.exe

* Delete atomics/T1202/src/GUP.exe

* Create TEST.exe

* Add files via upload

* Delete atomics/T1202/src/TEST.exe

* Update T1202.yaml

Updated new atomic test

* Create test

* Add files via upload

* Delete atomics/T1105/bin/test

* Update T1105.yaml

* remove duplicate

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-03-16 20:47:56 -05:00
Hare Sudhan 62a85c12b5 FreeBSD changes (#2585)
* freebsd changes

* renaming freebsd to linux
2023-11-06 17:41:43 -05:00
Jose Enrique Hernandez 2c1db3e4dd Merge branch 'master' into master 2023-11-01 19:10:13 -04:00
Carrie Roberts d4709021fb Handle spaces in file paths (#2535)
* updating atomics count in README.md [ci skip]

* wip

* handle spaces in path

* update readme

* fix typo

---------

Co-authored-by: publish bot <opensource@redcanary.com>
2023-09-22 10:47:25 -06:00
Carrie Roberts 586818a01f use ExternalPayloads folder (#2462)
* use ExternalPayloads folder

* psexec as external dependency

* psexec as external dependency
2023-06-15 13:52:16 -06:00
Carrie Roberts 068d32b1ea use ExternalPayloads directory (#2460)
* use ExternalPayloads directory

* use ExternalPayloads directory

* use ExternalPayloads directory
2023-06-15 10:16:12 -06:00
Alonso Cárdenas f1c5a9be03 Add FreeBSD support 2023-05-08 11:06:08 -05:00
Josh Rickard a5dd0813cd fix: Updating atomics YAML file structure to align with the new JSON schema definition (#2323)
* fix: Updating atomics YAML file structure to align with the new JSON schema definition.

This also fixes some white space issues and general line formatting across all impacted atomics.

* fix: One additional change needed

---------

Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-02-13 16:10:37 -07:00
çidem b0b413cc9d T1105 :: Correct remote_url, Change del to rm (#2265) 2023-01-03 22:23:39 -05:00
tlor89 e3cb7dbc2b T1105_update (#2191)
* T1105_update

* Update the syntax issue

* typo fix

Co-authored-by: Toua Lor <tlor@nti.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-10-18 19:22:14 -06:00
Atomic Red Team GUID generator 5e91e948fc Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-10-03 15:43:42 +00:00
sourabhsharmasourabh d081d1dc33 New Atomic test 29 - iwr download (#2172)
* New Atomic test 29 - iwr download

iwr or Invoke-WebRequest download. Use 'iwr' or "Invoke-WebRequest" -URI argument to download a file from the web. Note: without -URI also works in some versions.

* Update T1105.yaml

* Update T1105.yaml

at 793 added line for elevation required : true, as it was missed to include earlier

* Update T1105.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-10-03 09:43:01 -06:00
Carrie Roberts df43a95da6 better prereq (#2116)
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2022-09-07 05:44:24 -06:00
frack113 521378f17e Fix prereq test nimgrab (#2100) 2022-08-29 10:23:40 -06:00
Kyaw-Pyiyt-Htet-Mikoyan baae936580 Mikoyan dee patch 1 (#2095)
* Update T1105.yaml

nimgrab.exe from nim programming package for windows can be used to download file.

* Update T1105.yaml

Update on nimgrab.exe execution information

* Update T1105.yaml

update the adjustment of nimgrab.exe block structure

* Update T1105.yaml

error fixed, nimgrab.exe

* Update T1105.yaml

error fixed, nimgrab.exe

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-08-22 10:51:28 -06:00
Atomic Red Team GUID generator bf0c945de8 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-08-17 21:30:01 +00:00
Michael Haag a93030e394 Linux and Windows (#2085)
* Linux and Windows

* Update T1115.yaml
2022-08-17 15:29:33 -06:00
Atomic Red Team GUID generator e3b3dc6c03 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-08-01 16:52:17 +00:00
Panos Moullotos 4ab943e73b New T1105 test based on open issue (#2060)
* Create T1105-download-file.vbs

* Added 2 tests to T1105 based on open issue

* Update T1105.yaml

* remove duplicate

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-08-01 10:51:46 -06:00
Atomic Red Team GUID generator 7cfc9b3bef Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-07-25 20:45:34 +00:00
Panos Moullotos 2e852f836a Updated T1105.yaml with new certreq test (#2044)
Inspired by https://lolbas-project.github.io/lolbas/Binaries/Certreq/

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-07-25 14:45:05 -06:00
Atomic Red Team GUID generator a8f00eb241 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-25 04:12:12 +00:00
frack113 af529da1e5 Add lolbin (#1979) 2022-05-24 22:11:43 -06:00
Atomic Red Team GUID generator 81681bd735 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-10 20:43:54 +00:00
frack113 9a3d6d4b5e Add lolbin test (#1933)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-05-10 14:43:25 -06:00
Atomic Red Team GUID generator a0ca031612 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-10 14:38:43 +00:00
Leo Verlod 7ca06f5892 Adding T1105 Test 21 - MAZE Propagation (#1918)
* Adding T1105 Test 21 - MAZE Propagation

* Making requested changes to T1105 MAZE Propagation Script

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-05-10 08:38:16 -06:00
CircleCI Atomic Red Team GUID generator 8863882725 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-01-29 19:20:42 +00:00
Jay_darknight 8abff96c87 Added a new test for T1105 - cmdl32 LolBins (#1744)
* Added a new test for T1105 - cmdl32 LolBins

* Added references

* changing the bin folder to src based on suggestion from clr2of8

* deleted bin

* changed the path for input arguments

Co-authored-by: Jayaram Rajamurugan <jrajamurugan@nti.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-01-29 13:20:16 -06:00
Carrie Roberts 5bb5878e62 Cleaning up the Cleanup commands (#1685)
* cleanup fixes

* cleanup fixes

* cleanup fixes
2021-12-09 11:42:14 -07:00
CircleCI Atomic Red Team GUID generator 080294af8e Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-15 16:09:51 +00:00