Commit Graph

5173 Commits

Author SHA1 Message Date
Tony M Lambert 2dbe24c325 T1064 Scripting (#357) 2018-10-01 13:42:14 -07:00
CircleCI Atomic Red Team doc generator aed844bbc4 Generate docs from job=validate_atomics_generate_docs branch=master 2018-10-01 20:40:44 +00:00
Tony M Lambert f046d56246 T1027 Obfuscated Files or Information (#359)
* T1027 Obfuscated Files or Information

* Fix extension
2018-10-01 13:40:25 -07:00
Tony M Lambert e6166c4499 T1217 Browser Bookmark Discovery (#360) 2018-10-01 13:40:14 -07:00
caseysmithrc a61dbfbbb5 Component Object Model Hijacking (#354)
* Component Object Model Hijacking

* Update T1122.yaml

* Generate docs from job=validate_atomics_generate_docs branch=Fix-1122-COMHijack
2018-09-28 12:08:15 -07:00
caseysmithrc 789b2cfc59 Added '---' (#350) 2018-09-25 11:39:52 -07:00
Michael Haag ba64b21e2a T1126 fix (#341)
* Resolve issue #340

Fixed #340

* Generate docs from job=validate_atomics_generate_docs branch=T1126-fix
2018-09-18 08:38:22 -07:00
Tony M Lambert ef0b8f073e Hopefully this works remotely now 2018-09-14 20:49:10 -05:00
Tony M Lambert 62ed0f30ab Fix script again 2018-09-14 20:46:03 -05:00
Tony M Lambert 03adb61ee4 Added remote test, simplified script file 2018-09-14 20:35:48 -05:00
Tony M Lambert ddd0e81e54 Fix customer name 2018-09-14 16:21:39 -05:00
Tony M Lambert f344a573b7 Add MSXSL test to T1127 2018-09-14 16:20:25 -05:00
CircleCI Atomic Red Team doc generator d0a5bb7762 Generate docs from job=validate_atomics_generate_docs branch=T1140-Add 2018-09-14 13:34:52 +00:00
Michael Haag 52ca3f8b1b Added certutil rename
Reference: https://www.fireeye.com/blog/threat-research/2018/09/apt10-targeting-japanese-corporations-using-updated-ttps.html

https://twitter.com/ItsReallyNick/status/1040402921777782784
2018-09-14 08:34:29 -05:00
CircleCI Atomic Red Team doc generator 8b6116bffc Generate docs from job=validate_atomics_generate_docs branch=master 2018-09-13 20:33:22 +00:00
Jimmy Astle d5a791015b Minor update to cmstp.exe syntax
need to add the /s so this test runs without user interaction
2018-09-11 15:36:29 -04:00
2*yo 909df7b204 Fix path of RegSvr32.sct
`RegSvr32.sct` isn't in the `bin` folder.
2018-09-11 15:49:39 +02:00
caseysmithrc 18ae6fb97a Merge pull request #335 from MSAdministrator/T1193-modifying-download-of-payload
Added test for T1193 that downloads a macro-enabled excel sheet
2018-09-06 21:33:25 -06:00
caseysmithrc 41073650e6 Merge pull request #338 from MSAdministrator/origin/T1060-adding-removal-of-registry-keys
Adding removal of registry keys for T1060 based on issue #328
2018-09-06 21:31:50 -06:00
Josh Rickard 823766d2c9 Adding removal of registry keys for T1060 based on issue #328 2018-09-06 21:56:10 -04:00
Josh Rickard 0738765238 Removing outdated tests for T1193 and Office/excel pre-check to test 2018-09-06 21:20:14 -04:00
caseysmithrc 0ed64ddf4a Merge pull request #336 from MSAdministrator/T1112-modifying-the-registry
Add test for T1112 that modifies registry keys
2018-09-06 07:23:03 -06:00
caseysmithrc 7aa0e28a90 Merge pull request #332 from redcanaryco/PowerShell-Executor.Command-Properties
Power shell executor.command properties
2018-09-06 07:06:14 -06:00
Josh Rickard 28c470b40c Add test for T1112 that modifies registry keys 2018-09-05 23:46:44 -04:00
Josh Rickard aa7e700a93 Added test for T1193 that downloads a macro-enabled excel sheet and opens your default web-browser 2018-09-05 21:49:22 -04:00
CircleCI Atomic Red Team doc generator 8778460f74 Generate docs from job=validate_atomics_generate_docs branch=Fix-T1170 2018-09-05 19:56:09 +00:00
caseysmithrc 7735933ba7 Fixed T1170 execution command 2018-09-05 13:55:53 -06:00
CircleCI Atomic Red Team doc generator 36b00a7d20 Generate docs from job=validate_atomics_generate_docs branch=PowerShell-Executor.Command-Properties 2018-09-05 18:58:23 +00:00
Michael Haag 165ab03d68 t1086
fixed an executor
2018-09-05 14:58:05 -04:00
CircleCI Atomic Red Team doc generator c03d202bd5 Generate docs from job=validate_atomics_generate_docs branch=PowerShell-Executor.Command-Properties 2018-09-05 15:35:37 +00:00
Michael Haag b512869c36 Powershell fixes
Fixed per issue #322
2018-09-05 11:35:24 -04:00
Michael Haag 626deed1ad T1033 fix
Typo on T1033
2018-09-05 11:25:52 -04:00
Michael Haag 7b57631c20 T1126 fix
Fixed per issue #329
2018-09-05 11:17:19 -04:00
Michael Haag a48a8de6da Merge pull request #324 from redcanaryco/technique-fixup-cs
Technique fixup cs
2018-09-05 10:45:28 -04:00
Michael Haag 643472f5ee Merge pull request #327 from redcanaryco/Fix-T1179
Fix t1179
2018-09-05 09:38:08 -04:00
Michael Haag ae0022cc32 Merge pull request #326 from redcanaryco/Fix-T1121
Fix T1121
2018-09-05 09:36:22 -04:00
Michael Haag f19fb29bfa Merge pull request #311 from redcanaryco/rootkit-T1014-Windows
Rootkit T1014 windows
2018-09-05 09:35:51 -04:00
caseysmithrc 11e9f88a62 Merge branch 'Fix-T1179' of https://github.com/redcanaryco/atomic-red-team into Fix-T1179 2018-09-05 07:35:12 -06:00
caseysmithrc 9e542eaad5 Removed MessageBox Prompt 2018-09-05 07:35:05 -06:00
CircleCI Atomic Red Team doc generator 7e8594e288 Generate docs from job=validate_atomics_generate_docs branch=Fix-T1179 2018-09-05 13:31:22 +00:00
caseysmithrc 2dfe7cce3f fix 2018-09-05 07:31:09 -06:00
caseysmithrc 32be456da1 Fixed Test 2018-09-05 07:30:14 -06:00
CircleCI Atomic Red Team doc generator deca346fcb Generate docs from job=validate_atomics_generate_docs branch=Fix-T1121 2018-09-05 12:16:41 +00:00
caseysmithrc cbe95e5a3a clean up 2018-09-05 06:15:36 -06:00
CircleCI Atomic Red Team doc generator 14cbfa95e9 Generate docs from job=validate_atomics_generate_docs branch=Fix-T1121 2018-09-05 02:44:59 +00:00
caseysmithrc 6a3cb5d779 Merge branch 'Fix-T1121' of https://github.com/redcanaryco/atomic-red-team into Fix-T1121 2018-09-04 20:44:47 -06:00
caseysmithrc da9748c7db parameterized path and source code 2018-09-04 20:44:37 -06:00
CircleCI Atomic Red Team doc generator 8418f40294 Generate docs from job=validate_atomics_generate_docs branch=Fix-T1121 2018-09-05 02:40:48 +00:00
caseysmithrc f85b47c2d2 T1121 Fixed Test 2018-09-04 20:40:31 -06:00
CircleCI Atomic Red Team doc generator 2e17e3d025 Generate docs from job=validate_atomics_generate_docs branch=technique-fixup-cs 2018-09-03 14:54:17 +00:00