* Update T1555.yaml
Loot local Credentials - Invoke-WCMDump technique via function of WinPwn
Loot local Credentials - Wifi Credentials technique via function of WinPwn
Loot local Credentials - Decrypt Teamviewer Passwords technique via function of WinPwn
* Update T1555.yaml
added name: powershell
* Update T1555.yaml
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
* Extract credentials from Windows Credential Manager using vaultcmd.exe
* Replace external script dependency in T1555 with powershell command
* Add tests for both vaults in T1555
* T1555 fix name and description
* Revert "Replace external script dependency in T1555 with powershell command"
This reverts commit d8d6a7cf2bbc94a8240643ca600d9be62e0b697e.
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
* Update T1204.002.md
Added lines to each test using IWR for invoke-webrequest to set the acceptable TLS versions for the commands to complete successfully by prepending the tests with
```[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12```
* Update T1555.yaml
added line to set ssl/tls version
* Update T1134.001.yaml
updated IWR lines to allow ssl/tls version 1.2
* Update T1069.002.yaml
added lines to every IWR instance to set ssl/tls version to 1.2
* Update T1558.003.yaml
added line to allow TLS/SSL 1.2
* Update T1033.yaml
added command to enable SSL/TLS v1.2
* Update T1055.012.yaml
added command to enable TLS/SSL v1.2
* Update T1115.yaml
Added command to enable SSL/TLS v1.2
* Update T1070.001.yaml
added command enabling SSL/TLS v 1.2
* Update T1564.yaml
added commands to enable SSL/TLS v 1.2
* Update T1566.001.yaml
added command to enable SSL/TLS V1.2
* Update T1135.yaml
added command to enable SSL/TLS v1.2
* Update T1055.yaml
added commands to enable TLS/SSL v 1.2
* Update T1110.003.yaml
added command to enable TLS/SSL v1.2
* Update T1003.yaml
Added command to enable TLS/SSL v1.2
* Update T1053.005.yaml
added command to enable TLS/SSL v1.2
* Update T1003.001.yaml
added commands to enable TLS/SSL v1.2 for any command using invoke-webrequest
* Update T1069.002.yaml
syntax correction
* Update T1134.001.yaml
syntax correction
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
* New Dump credentials from Windows Credential Manager With PowerShell [windows Credentials & web Credentials]
* Update T1555.yaml
* Update T1555.yaml
* use permanent github link for script
* use github permanent link for script
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
* Update maintainers.md
Remove reference to announcements channel, which has been created.
* Generate docs from job=validate_atomics_generate_docs branch=maintainers-updates
* Update maintainers.md
Updates to maintainers meeting purpose, scope, and agendas.
* Generate docs from job=validate_atomics_generate_docs branch=maintainers-updates
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Atomic Red Team doc generator