Bhavin Patel
78dd709e50
Merge branch 'master' into patch-3
2023-01-05 12:27:19 -08:00
Atomic Red Team doc generator
c91b9c49a6
Generated docs from job=generate-docs branch=master [ci skip]
2023-01-05 20:15:55 +00:00
Bhavin Patel
f82a189443
Update T1610.yaml
remove guid
2023-01-05 12:15:47 -08:00
Atomic Red Team GUID generator
06001ce6a0
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-01-05 20:15:47 +00:00
Bhavin Patel
6e09a8d6b7
Merge branch 'master' into featureaddition
2023-01-05 12:14:21 -08:00
Atomic Red Team doc generator
fb6aba6a73
Generated docs from job=generate-docs branch=master [ci skip]
2023-01-05 19:25:21 +00:00
packetzero
32c65b84f2
cleanup 1110.001 4 SUDO brute debian (#2253)
* cleanup 1110.001 4 SUDO brute debian
* Add echo to have success exit status
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2023-01-05 12:24:48 -07:00
Atomic Red Team doc generator
808ac9832d
Generated docs from job=generate-docs branch=master [ci skip]
2023-01-05 18:17:13 +00:00
Atomic Red Team GUID generator
34a89d53e3
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-01-05 18:17:07 +00:00
packetzero
1a81100d17
Clean up T1546.005 linux TRAP (#2251)
Cleans up a few things:
- rather than modifying current shell, launches new one with -c argument. This makes it easy to test EXIT trap.
- previous was doing `nohup sh echo-art-fish.sh | bash` in trap. no need for the pipe to bash now.
- I separated the EXIT and SIGINT traps. otherwise, it's not possible to tell which trap(s) executed.
- The previous SIGINT case required user to hit CTRL+C. now it's automated using signal
- added cleanup.
Tested on macOS BigSur and Ubuntu 20.04
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2023-01-05 11:16:34 -07:00
Atomic Red Team doc generator
fc5e51dbb3
Generated docs from job=generate-docs branch=master [ci skip]
2023-01-05 18:15:22 +00:00
packetzero
3f4996c8ff
T1082 list linux kernel modules - remove sudo (#2234)
* T1082 list linux kernel modules - remove sudo
Fix for #2233. Remove unnecessary `sudo` from T1082 "Linux list kernel modules" commands. Add another mechanism to `cat /proc/modules`.
* change to grep proc modules
A little more interesting to grep the /proc/modules file rather than cat.
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2023-01-05 11:14:50 -07:00
Atomic Red Team doc generator
2b239f16b3
Generated docs from job=generate-docs branch=master [ci skip]
2023-01-05 15:03:11 +00:00
Atomic Red Team GUID generator
edace96a04
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-01-05 15:03:03 +00:00
Justin Schoenfeld
da583c45ff
change forwarding domain
2023-01-05 10:01:19 -05:00
Justin Schoenfeld
b1fc7ca9fe
Update T1114.003.yaml
2023-01-05 09:44:00 -05:00
Justin Schoenfeld
52bf96f197
Implement option email forwarding address
2023-01-05 09:43:34 -05:00
aman143kri
11ccc35807
Removed auto_generated_guid
This was creating an error, hence removed
2023-01-05 08:33:06 +05:30
aman143kri
8ba658e520
Update T1610.yaml
2023-01-05 08:29:02 +05:30
Bhavin Patel
d64905e2af
Merge branch 'master' into featureaddition
2023-01-04 18:19:07 -08:00
Justin Schoenfeld
174ff319bb
Update T1114.003.yaml
2023-01-04 16:46:20 -05:00
Justin Schoenfeld
c09c0afbd9
Update T1114.003.yaml
2023-01-04 16:44:01 -05:00
Justin Schoenfeld
95a9c36019
Update T1114.003.yaml
2023-01-04 16:36:17 -05:00
Justin Schoenfeld
ef832dc7aa
Create T1114.003.yaml
2023-01-04 16:25:29 -05:00
Atomic Red Team doc generator
eeefbccf77
Generated docs from job=generate-docs branch=master [ci skip]
2023-01-04 03:26:19 +00:00
Atomic Red Team doc generator
703af1c830
Generated docs from job=generate-docs branch=master [ci skip]
2023-01-04 03:24:07 +00:00
çidem
b0b413cc9d
T1105 :: Correct remote_url, Change del to rm (#2265)
2023-01-03 22:23:39 -05:00
Atomic Red Team doc generator
c2aca27df1
Generated docs from job=generate-docs branch=master [ci skip]
2023-01-04 03:19:27 +00:00
Atomic Red Team GUID generator
b5dde3c8f2
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-01-04 03:19:21 +00:00
Michael Haag
6db82cba9c
T1505.004 - IIS Components & T1562.002 - Disable HTTP logging (#2266)
2023-01-03 22:18:53 -05:00
Atomic Red Team doc generator
9627003081
Generated docs from job=generate-docs branch=master [ci skip]
2023-01-03 13:36:41 +00:00
Carrie Roberts
fd7772813a
corrected code so it will execute (#2263)
* corrected code so it will execute
* elevation not needed
* update description
2023-01-03 06:36:03 -07:00
Atomic Red Team doc generator
9a6e0425ff
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-30 16:02:40 +00:00
Atomic Red Team GUID generator
8036dec1c4
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-12-30 16:02:34 +00:00
devapriya16
4a4fd153d8
Update T1112.yaml (#2262)
Enabling Restricted Admin Mode via Command_Prompt enables an attacker to perform a pass-the-hash attack using RDP
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-12-30 11:02:04 -05:00
Atomic Red Team doc generator
08579bb5be
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-30 00:42:18 +00:00
Carrie Roberts
0dab0ee7e9
block regedit and cmd.exe (#2260)
2022-12-29 17:41:33 -07:00
aman143kri
8ecc8d8e62
Update T1610.yaml
Changed the name for the atomic test case, Added references to the description & Changed the path as recommended
2022-12-24 14:56:22 +05:30
aman143kri
6ac70b7b6d
Made changes as per the comment
Changed the name for the atomic test case, Added references to the description & Changed the path as recommended
2022-12-24 14:54:58 +05:30
Atomic Red Team doc generator
25acadc0b4
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-20 16:01:17 +00:00
Noy-s1
5c710cc04e
Fixed Automated Collection Command Prompt variable call (#2259)
* Fixed Automated Collection Command Prompt variable call
While using the commands from a batch file the old code won't work because of the way the variable is being called.
The addition of '%' fixed the issue.
* Update T1119.yaml
* add slash
* Update T1564.004.yaml
* Update T1564.004.yaml
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-12-20 11:00:42 -05:00
Atomic Red Team doc generator
84d9edaaaa
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-17 15:46:08 +00:00
Atomic Red Team GUID generator
6564ab464e
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-12-17 15:46:01 +00:00
Michael Haag
9c34bcb1a8
Create T1562.yaml (#2258)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-12-17 10:45:29 -05:00
Atomic Red Team doc generator
2fadd2287c
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-16 21:55:22 +00:00
Carrie Roberts
c17eeb2b66
move reference to description (#2257)
2022-12-16 16:54:51 -05:00
Atomic Red Team doc generator
13e23151c8
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-16 20:27:20 +00:00
Atomic Red Team GUID generator
204c86694e
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-12-16 20:27:13 +00:00
sai prashanth pulisetti
7fd3529b28
Update for name: Abuse Nslookup with DNS Records (#2248)
* Update for name: Abuse Nslookup with DNS Records
* custom nslookup function
* fix spacing
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-12-16 15:26:42 -05:00
aman143kri
12f2a903a8
Removed auto_generated_guid
2022-12-16 10:49:19 +05:30