Atomic Red Team doc generator
429bad7d5b
Generated docs from job=generate-docs branch=master [ci skip]
2023-09-19 19:51:19 +00:00
Atomic Red Team GUID generator
9cb101bde7
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-09-19 19:51:00 +00:00
Maskit Ariely
33fa790c25
T1005 (#2532)
...
* final test
* final test
* remove auto_generated_guid:
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-09-19 13:50:16 -06:00
Atomic Red Team doc generator
fc49b11d8e
Generated docs from job=generate-docs branch=master [ci skip]
2023-09-19 19:41:40 +00:00
Atomic Red Team GUID generator
d604c832de
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-09-19 19:41:22 +00:00
Swachchhanda Shrawan Poudel
f62d4c157c
Modify Internet Zone Protocol Defaults in Current User Registry through PowerShell (#2534)
...
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-09-19 13:40:44 -06:00
Atomic Red Team doc generator
ac64299bcc
Generated docs from job=generate-docs branch=master [ci skip]
2023-09-19 19:37:14 +00:00
final five three fantasy
e1fa1bfd42
fixed some path errors (#2533)
...
* Repair path error
* Repair path error
---------
Co-authored-by: ywliang <ywliang@Hillstonenet.com>
2023-09-19 13:35:57 -06:00
Atomic Red Team doc generator
980f3f83fd
Generated docs from job=generate-docs branch=master [ci skip]
2023-09-14 13:27:41 +00:00
Atomic Red Team GUID generator
9c8e0a75aa
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-09-14 13:27:17 +00:00
Ryan Plas
a297bbc206
T1564.003 - Headless Browser Mockbin (#2529)
...
* T1564.003 - Headless Browser Mockbin
* Update T1564.003.yaml
---------
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2023-09-14 07:26:24 -06:00
Atomic Red Team doc generator
b76b49523e
Generated docs from job=generate-docs branch=master [ci skip]
2023-09-13 01:31:11 +00:00
Atomic Red Team GUID generator
2ce6565ace
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-09-13 01:30:53 +00:00
Nasreddine Bencherchali
39534eb4ed
Update T1112.yaml (#2522)
...
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-09-12 19:30:08 -06:00
Atomic Red Team doc generator
205e8b3149
Generated docs from job=generate-docs branch=master [ci skip]
2023-09-13 01:28:09 +00:00
Atomic Red Team GUID generator
c973f6a07c
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-09-13 01:27:43 +00:00
Maskit Ariely
6dd26cd1f3
T1567.003 (#2523)
...
* init
* finished test
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-09-12 19:26:54 -06:00
Atomic Red Team doc generator
5d76ff7aa1
Generated docs from job=generate-docs branch=master [ci skip]
2023-09-13 01:22:52 +00:00
Atomic Red Team GUID generator
bd99b04a31
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-09-13 01:22:34 +00:00
Thomas Meng
d2562f763a
T1055.002 Process Injection: (Fileless) Portable Executable Injection (#2524)
...
* Add new T1055 process injection test named dirty vanity
* Fix typos
* Update build.bat
* Delete atomics/T1055/T1055.yaml.bak
* T1055.002 Process Injection: Portable Executable Injection implemented and tested on both Windows 10 and 11. Bypassed Windows Defender. A messagebox spawned with message Atomic Red Team
* Update T1055.002 proc privilege level
* Fix some small issues related to code compilation with different compilers in different archs
* Update T1055.002.md
Update documentation for T1055.002
* Update T1055.002.md
Update clean up command
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-09-12 19:21:55 -06:00
Atomic Red Team doc generator
53f605e142
Generated docs from job=generate-docs branch=master [ci skip]
2023-09-12 19:14:33 +00:00
Carrie Roberts
5dc57a112a
handle spaces in file path (#2527)
2023-09-12 15:13:14 -04:00
Atomic Red Team doc generator
4624b2c995
Generated docs from job=generate-docs branch=master [ci skip]
2023-09-12 02:52:27 +00:00
Atomic Red Team GUID generator
a68b2cfabe
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-09-12 02:52:08 +00:00
art-labs
0c57c49f1b
Update T1055.yaml (#2526)
...
removing invalid guid. a new one will be automatically assigned by github actions
2023-09-11 20:51:30 -06:00
Bhavin Patel
edf3453ac2
Merge branch 'master' into T1021.005
2023-09-11 11:35:06 -07:00
Bhavin Patel
d597a5e021
Merge branch 'master' into T1098.003-2
2023-09-11 11:33:15 -07:00
Thomas Meng
886ede1606
Process injection dirty vanity (#2520)
...
* Add new T1055 process injection test named dirty vanity
* Fix typos
* Update build.bat
* Delete atomics/T1055/T1055.yaml.bak
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-09-06 12:28:11 -06:00
Atomic Red Team doc generator
9eeb1cd6f0
Generated docs from job=generate-docs branch=master [ci skip]
2023-09-06 17:24:36 +00:00
Atomic Red Team GUID generator
f902e6d232
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-09-06 17:24:18 +00:00
Scoubi
7f2a7db461
Update T1564.004.yaml (#2521)
...
Include a test to test twitter.com/pfiatde/status/1681977680688738305
It creates a directory that you can only access by specifying '::$index_allocation' even if not shown in the name of the folder. It then creates a file called 'secrets.txt' to hide information/payloads
2023-09-06 11:23:30 -06:00
Atomic Red Team doc generator
38368fe078
Generated docs from job=generate-docs branch=master [ci skip]
2023-09-02 01:36:39 +00:00
Atomic Red Team GUID generator
81d3e7889a
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-09-02 01:36:21 +00:00
IntelScott
947edecd81
Update T1021.001.yaml (#2517)
...
Add new test (Disable NLA for RDP via Command Prompt)
2023-09-01 19:35:35 -06:00
Hare Sudhan
65fe70a420
adding T1021.005
...
adding T1021.005
2023-08-31 12:20:43 -04:00
Kyaw-Pyiyt-Htet-Mikoyan
5562068aa2
Update T1082.yaml (#2516)
2023-08-29 21:43:06 -06:00
blueteam0ps
48702a9d62
Adding Simulate - Post BEC persistence via user password reset followed by user added to company administrator role
2023-08-26 05:44:16 -07:00
Atomic Red Team doc generator
ca7374abdb
Generated docs from job=generate-docs branch=master [ci skip]
2023-08-15 01:05:57 +00:00
Atomic Red Team GUID generator
b472e5f639
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-08-15 01:05:39 +00:00
CyberBilly7
a82678a616
Update T1564.yaml (#2510)
...
NirCmd is used by threat actors to execute commands, which can include recon and privilege escalation via running commands via the SYSTEM account
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-08-14 19:04:57 -06:00
Atomic Red Team doc generator
48e7be16d5
Generated docs from job=generate-docs branch=master [ci skip]
2023-08-15 01:03:29 +00:00
Atomic Red Team GUID generator
befa9a2a43
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-08-15 01:03:08 +00:00
Michael Haag
55301cf3a3
Customshellhost (#2509)
...
* Adding CustomShellHost
* Update T1218.yaml
* fixed
2023-08-14 19:02:11 -06:00
Atomic Red Team doc generator
6765527ef0
Generated docs from job=generate-docs branch=master [ci skip]
2023-08-05 00:48:02 +00:00
Atomic Red Team GUID generator
447d3f4705
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-08-05 00:47:44 +00:00
BlueTeamOps
d8aa2f4f70
Create T1098.003.yaml (#2478)
...
* Create T1098.003.yaml
* add header info
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Co-authored-by: Hare Sudhan <code@0x6c.dev>
Co-authored-by: Bhavin Patel <bhavin.j.patel91@gmail.com>
2023-08-04 19:47:06 -05:00
Atomic Red Team doc generator
6af8c8fe51
Generated docs from job=generate-docs branch=master [ci skip]
2023-08-03 17:15:53 +00:00
Atomic Red Team GUID generator
b928bdc3a3
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-08-03 17:15:35 +00:00
Bhavin Patel
136266bcea
Merge branch 'master' into master
2023-08-03 09:33:50 -07:00
Atomic Red Team doc generator
eec95b5b86
Generated docs from job=generate-docs branch=master [ci skip]
2023-08-02 03:24:15 +00:00