Commit Graph

5173 Commits

Author SHA1 Message Date
Carl e66d81e45c Merge branch 'master' into T1036.006 2021-12-07 09:24:44 -07:00
Carl 5a1033bad6 Merge branch 'master' into T1036.006 2021-12-07 09:23:42 -07:00
CircleCI Atomic Red Team doc generator 2e0b4540be Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-12-07 16:23:41 +00:00
Carl d731ff90f6 Merge branch 'master' into T1003.008 2021-12-07 09:21:58 -07:00
CircleCI Atomic Red Team doc generator 6dc53a3a72 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-12-07 16:21:33 +00:00
Danvele 3ecfab37f7 Merge branch 'redcanaryco:master' into T1048.002 2021-11-24 10:03:25 +01:00
George Allen 1b2cbdba8d T1485 - constrains dd to write the original file size when overwriting 2021-11-23 22:39:51 +00:00
George Allen 9a304d3485 T1003.008 - tweak test to move arg off cmdline 2021-11-23 14:19:38 +00:00
George Allen e96ce08275 T1003.008: set elevation_required 2021-11-22 03:29:56 +00:00
George Allen 3468842c02 T1003.008 - fix guids (again)
the previous guid fix attempt was done by deleting the auto_generated_guid
field, then running bin/generate-guids.rb. But I deleted the field under the
wrong, existing test. Swapped the new guid back under the new test, since this
didn't hit the jsons yet.
2021-11-22 03:23:39 +00:00
George Allen 1c28bb0384 T1003.008 - fix copy/pasted guids 2021-11-22 03:19:29 +00:00
George Allen 50bb3347e2 T1036.006: adds the actual masquerading part
Added execution, confirmed that the process name shows as `init ` via htop.

Between ART, echo, yaml, bash, &c, I could not just `echo '...' > file` with the
required escaping and had to resort to more drastic measures with `ed`
2021-11-22 03:11:40 +00:00
George Allen 974334e776 T1036.006: tweak based on testing 2021-11-22 01:20:43 +00:00
George Allen 2e055a11b9 T1036.006 generate-guids 2021-11-22 01:05:59 +00:00
George Allen 56f162be2f T1027.004 generate-guids 2021-11-22 00:57:11 +00:00
George Allen 19011b569a T1069.001 - update existing test with: id, getent, cat group 2021-11-21 17:16:54 +00:00
George Allen ba45698be7 T1036.006 - add test for space after filename 2021-11-21 17:13:14 +00:00
George Allen d190d830db T1003.008 - additional tests 2021-11-21 17:11:37 +00:00
George Allen a0ba29cd43 adds new tests for compiling C,CC,Go 2021-11-21 17:01:26 +00:00
CircleCI Atomic Red Team doc generator 4b1bc4557e Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-19 18:43:15 +00:00
glallen 4a5881e343 Linux prereq updates (#1673)
* T1070.003-9 update (get_)prereq_command

- moved system changes to the get_prereq(s)
- ubuntu `passwd` didn't accept `--stdin`
- updated get_prereqs for both ubuntu/centos

* T1016 - update prereq

* T1018 - update prereq

* T1562.001 - update rsyslog prereq

* T1560.001 updates dep check/install, update default likely to exist

switch to /var/log/wtmp and /var/log/btmp vs ${HOME}/*.txt, since those will
always be present

tests for zip in the prereq

adds deb/rpm install for zip

* T1486 - update getprereqs

* T1135 - update prereqs

* T1046 - update prereqs

* T1040 - update prereqs
2021-11-19 11:42:46 -07:00
Danvele afb6714c80 Merge branch 'redcanaryco:master' into T1048.002 2021-11-17 12:56:31 +01:00
Daniel Danho 133317d806 Removed broken Windows check, saved elsewhere for a later commit 2021-11-17 12:54:25 +01:00
Daniel Danho 447d5fc601 Implemented initial test for T1048.002 on Linux 2021-11-17 11:47:00 +01:00
CircleCI Atomic Red Team doc generator 9d99436432 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-16 16:09:02 +00:00
CircleCI Atomic Red Team GUID generator 3101f0225d Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-16 16:08:57 +00:00
Carrie Roberts 64b06bc2dc Add lsass dump via NanoDump atomic (#1670)
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2021-11-16 09:08:26 -07:00
CircleCI Atomic Red Team doc generator 6146dbfa24 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-16 16:04:07 +00:00
CircleCI Atomic Red Team GUID generator 274fa5584b Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-16 16:04:02 +00:00
Carrie Roberts 8fdb9ba016 Add golden ticket attack with Rubeus tool (#1668)
* Add golden ticket attack with Rubeus tool

* update spacing

* clarify input arg desc
2021-11-16 09:03:23 -07:00
CircleCI Atomic Red Team doc generator 22dd2fba1b Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-15 17:27:38 +00:00
Josh Rickard 7c386fea12 Removed key from yaml - auto_generate_guid (#1669) 2021-11-15 10:27:01 -07:00
CircleCI Atomic Red Team doc generator e058cc65aa Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-15 17:01:26 +00:00
CircleCI Atomic Red Team GUID generator 2b19a51db5 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-15 17:01:21 +00:00
Carl 6c76a479aa Merge branch 'master' into T1053.006 2021-11-15 10:00:01 -07:00
CircleCI Atomic Red Team doc generator acbc93f04b Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-15 16:56:25 +00:00
Carl 74bc0631de Merge branch 'master' into fix_python_test 2021-11-15 09:55:08 -07:00
CircleCI Atomic Red Team doc generator c75738380e Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-15 16:55:05 +00:00
CircleCI Atomic Red Team GUID generator 0e54e4cb93 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-15 16:55:00 +00:00
Carl 6fd073f2b0 Merge branch 'master' into fix_python_test 2021-11-15 09:54:49 -07:00
Carl 3e8b87aa40 Merge branch 'master' into t1124 2021-11-15 09:53:12 -07:00
CircleCI Atomic Red Team doc generator 45a72df216 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-15 16:40:52 +00:00
Carrie Roberts 3f34e8322f set domain programmatically (#1667)
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2021-11-15 09:40:21 -07:00
CircleCI Atomic Red Team doc generator 9ebf782b2f Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-15 16:38:44 +00:00
Carrie Roberts 66f06f62d9 set domain programmatically (#1666)
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2021-11-15 09:38:13 -07:00
CircleCI Atomic Red Team doc generator e9f25c654a Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-15 16:09:56 +00:00
CircleCI Atomic Red Team GUID generator 080294af8e Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-15 16:09:51 +00:00
Michael Haag df76fb17bd Curl - Upload a file (#1665)
* T1105 - Curl for Windows

* Update T1105.yaml

* T1105 - Upload with Curl

* Update T1105.yaml

* Removed cleanup
2021-11-15 09:09:21 -07:00
CircleCI Atomic Red Team doc generator f76dce59fa Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-11-10 00:55:10 +00:00
tlor89 41edb9d581 T-1110.001-Update (#1664)
* T-1110.001-Update

* Update T1110.001.yaml

Co-authored-by: Toua Lor <tlor@nti.local>
2021-11-09 17:54:45 -07:00