Commit Graph

6538 Commits

Author SHA1 Message Date
CircleCI Atomic Red Team doc generator ac22c95011 Generate docs from job=validate_atomics_generate_docs branch=master 2019-09-05 01:04:02 +00:00
Carrie Roberts 75cfe33de9 Add GPP Password test definitions (#551)
* add gpp tests

* error handling to work with ART

* search all xml files

* add verbose output

* use default path relative to atomics folder
2019-09-04 19:03:45 -06:00
Carrie Roberts 968bf887c2 fail pre-req check if elevation required but not provided (#549)
* add InputParameters example

* fail pre-req check if elevation required but not provided

* fail pre-req check if elevation required but not provided

* fail pre-req check if elevation required but not provided
2019-09-04 10:52:24 -06:00
Carrie Roberts d7f2290669 allow caller to specify non-default input parameters (#547) 2019-09-03 19:29:04 -06:00
CircleCI Atomic Red Team doc generator 4bc6eb5ca1 Generate docs from job=validate_atomics_generate_docs branch=master 2019-09-03 20:13:44 +00:00
Nick McLoota c3dc0dc593 windows subtitle wasn't properly formatted (#527) 2019-09-03 14:13:34 -06:00
CircleCI Atomic Red Team doc generator 6e0c26b97c Generate docs from job=validate_atomics_generate_docs branch=master 2019-09-03 20:11:38 +00:00
Carrie Roberts 0859cb997a removing descriptions of xxx (left over from template) (#546)
* removing descriptions of xxx (left over from template)

* update input param descriptions

* description update

* removing descriptions of xxx (left over from template)
2019-09-03 14:11:18 -06:00
CircleCI Atomic Red Team doc generator 1848f84fda Generate docs from job=validate_atomics_generate_docs branch=master 2019-09-03 16:04:49 +00:00
Carrie Roberts ce07c60109 double quote fixes (#545) 2019-09-03 10:04:32 -06:00
CircleCI Atomic Red Team doc generator 3899ee00cf Generate docs from job=validate_atomics_generate_docs branch=master 2019-09-03 15:31:13 +00:00
n0lepointer e4981743f7 Add test for T1217 that looks for bookmarks from Google Chrome browser (#536) 2019-09-03 09:30:58 -06:00
CircleCI Atomic Red Team doc generator 159697cc2e Generate docs from job=validate_atomics_generate_docs branch=master 2019-09-03 15:21:17 +00:00
Carrie Roberts b3978a03b4 markdown fix for manual tests (#544) 2019-09-03 09:20:59 -06:00
CircleCI Atomic Red Team doc generator 84de04b082 Generate docs from job=validate_atomics_generate_docs branch=master 2019-09-03 13:37:19 +00:00
Carrie Roberts c0405724ec move cleanup/undo commands to cleanup_command attribute (#543) 2019-09-03 07:37:06 -06:00
CircleCI Atomic Red Team doc generator 499c751bcc Generate docs from job=validate_atomics_generate_docs branch=master 2019-09-03 13:36:10 +00:00
Carrie Roberts 3da3a89cf4 markdown fix (#541) 2019-09-03 07:35:52 -06:00
CircleCI Atomic Red Team doc generator d8ac1118b3 Generate docs from job=validate_atomics_generate_docs branch=master 2019-09-03 13:34:56 +00:00
Carrie Roberts 1bfefdacfc Add elevated (#542)
* provide elevation_required attribute

* provide elevation_required attribute

* provide elevation_required attribute
2019-09-03 07:34:42 -06:00
Carrie Roberts 749039f3b9 Remove Invoke-AllAtomicTests (#540)
* use 'Invoke-AtomicTest All' instead of 'Invoke-AllAtomicTest'

* removing some outdated examples

* removing the older documentation
2019-08-30 22:05:14 -06:00
Carrie Roberts 96d882444d Write test execution details to log file (#539) 2019-08-30 12:16:53 -06:00
CircleCI Atomic Red Team doc generator 440e85a9c8 Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-30 15:42:59 +00:00
Carrie Roberts 019b63fdb5 Support for CheckPrereqs and Cleanup Commands (#531)
* Support for CheckPrereqs and Cleanup Commands

* for powershell executor, report prereqs are met if no prereq_commands are given

* remove invoke call from end of file, committed accidentally
2019-08-30 09:42:44 -06:00
CircleCI Atomic Red Team doc generator 75c332ac52 Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-29 22:18:28 +00:00
Carrie Roberts 9f535f0547 add "elevation_required" attribute to test definition yaml (#532)
* add elevation_required attribute to test definition yaml

* Update atomic_red_team/atomic_test_template.yaml

Co-Authored-By: Brian Beyer <brianebeyer@users.noreply.github.com>

* Update atomics/T1089/T1089.yaml

Co-Authored-By: Brian Beyer <brianebeyer@users.noreply.github.com>

* Update atomics/T1089/T1089.yaml

Co-Authored-By: Brian Beyer <brianebeyer@users.noreply.github.com>
2019-08-29 16:18:07 -06:00
Brian Beyer 5f460b5a8f update all gems (#535) 2019-08-29 08:28:09 -06:00
dependabot[bot] 1571f4dcb0 Bump nokogiri from 1.10.1 to 1.10.4 (#534)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.1 to 1.10.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.1...v1.10.4)

Signed-off-by: dependabot[bot] <support@github.com>
2019-08-29 08:10:56 -06:00
A. Didier 48ad5e308d Update rocke-and-roll-stage-01.sh (#533)
Noticed this misspelling during a training session today.
2019-08-29 07:36:47 -06:00
Michael Haag b51284297d Initial Access - Atomic Friday July 2019 (#530)
Adding the following:
- New DragonsTail Chain reaction that does not execute Mimikatz.
- Generic .HTA file with supporting markdown file highlighting details.
- Generic `Atomic.doc` with supporting markdown file highlighting embedded macro.
- Guide (markdown) explaining how to zip files to simulate email borne threats.
- Simple guide on how to set up a "Listener" for C2 communication in Python and PowerShell.
- Generate-Macro.ps1 - Builder script that will generate 8 different macro embedded XLS files to simulate macro techniques actively being used.
2019-08-28 11:38:26 -07:00
CircleCI Atomic Red Team doc generator 604f7cd730 Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-28 14:53:16 +00:00
weev3 6e65bbd146 Add T1196(Control Panel Item) (#521)
* Add test for T1196 that pops calc.exe

* calc.cpl

* Rename T1196.md to T1196.yaml

* Create calc.cpp
2019-08-28 08:53:05 -06:00
Carrie Roberts ac0546a494 Specify TTP as string, no need to call Get-AtomicTechnique first. Optionally specify individual attacks by atomic test # or name. (#525) 2019-08-27 20:32:00 -06:00
CircleCI Atomic Red Team doc generator 86486588cf Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-27 15:43:54 +00:00
zinint fa19b6b075 Add files via upload (#528) 2019-08-27 09:43:39 -06:00
CircleCI Atomic Red Team doc generator 3206a83186 Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-27 15:40:20 +00:00
Makenzie Schwartz 3523ec7a1c T1097 - Move PTT atomic test to appropriate technique (#524)
* Move Mimikatz PTT atomic from T1075 to T1097

* Update docs
2019-08-27 09:40:03 -06:00
CircleCI Atomic Red Team doc generator 5898dab7e4 Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-27 15:35:27 +00:00
Carrie Roberts 5f846ced08 Add test to T1089 that uninstalls sysmon (#529) 2019-08-27 09:35:15 -06:00
Michael Haag 26c8eae322 Install Atomic - Fixed Paths (#517)
I reverted https://github.com/redcanaryco/atomic-red-team/issues/478 for the moment. @caseysmithrc and I will update the script to remove the `atomic-red-team-master` path. This will at least get you up and running today.

Issue #516
2019-08-14 10:36:16 -06:00
Michael Haag c11d9e847d T1112 bracket fix (#523)
* Fixed bracket

Fixed bracket causing error.

* Generate docs from job=validate_atomics_generate_docs branch=T1112-bracket-fix
2019-08-14 10:33:55 -06:00
CircleCI Atomic Red Team doc generator 041777beb9 Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-09 14:30:20 +00:00
Trevor Steen 4e979c26ed update formatting (#519) 2019-08-09 08:29:41 -06:00
CircleCI Atomic Red Team doc generator 4e1d01f56d Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-09 14:25:01 +00:00
Trevor Steen e82b207b66 updated code formatting (#520) 2019-08-09 08:24:44 -06:00
CircleCI Atomic Red Team doc generator 421b5c56a3 Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-09 14:22:16 +00:00
Makenzie Schwartz fe943551bd Supply Invoke-AppPathBypass with Payload as argument (#522) 2019-08-09 08:21:58 -06:00
caseysmithrc 5f6ad32db2 Fix t1138path (#513)
* Updating the path and description

* Generate docs from job=validate_atomics_generate_docs branch=fix-t1138path
2019-06-14 14:06:29 -06:00
CircleCI Atomic Red Team doc generator 587dbb39e5 Generate docs from job=validate_atomics_generate_docs branch=master 2019-06-14 14:55:42 +00:00
caseysmithrc cd32b7cf92 Updated T1118 Path and Code (#510)
* Update T1118.yaml

* Update T1118.cs
2019-06-14 08:55:21 -06:00