security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,538 Commits 47 Branches 0 Tags
python_conversion
Commit Graph

6538 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
sai prashanth pulisetti a2a74b30e9 Update T1070.003.yaml 2024-03-13 18:58:10 +05:30
sai prashanth pulisetti a128b9981a Update T1070.003.yaml 
Clear Docker Container Logs
 2024-03-13 18:53:48 +05:30
Atomic Red Team doc generator a492a7390c Generated docs from job=generate-docs branch=master [ci skip] 2024-03-10 22:24:16 +00:00
chandangupta1997 2340af5ccc Update T1040.yaml Link was broken (#2721) 
Link is broken Might be a typo :-https://1.eu.dl.wireshark.org/win64/Wireshark-win64-latest.exe

Correct Link :-https://1.eu.dl.wireshark.org/win64/Wireshark-latest-x64.exe
 2024-03-10 18:23:29 -04:00
Hare Sudhan 64c84cac97 Merge branch 'master' into patch-7 2024-03-07 20:06:16 -05:00
Atomic Red Team doc generator 8be0e2d8a4 Generated docs from job=generate-docs branch=master [ci skip] 2024-03-07 18:25:32 +00:00
Atomic Red Team GUID generator 5ed75190b2 Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-03-07 18:25:13 +00:00
Bhavin Patel c4a5113db0 Merge pull request #2688 from W00glin/master 
T1613 - Podman
 2024-03-07 10:24:26 -08:00
Bhavin Patel e218a8a775 Update T1613.yaml 
Updated the Atomic File in a correct format as per the comments.
 2024-03-07 10:20:22 -08:00
Bhavin Patel 4cf246e1ed Merge branch 'master' into master 2024-03-07 10:15:48 -08:00
Bhavin Patel 9d4056fdbf Merge branch 'master' into patch-7 2024-03-07 10:11:24 -08:00
Atomic Red Team doc generator 4e9698e67c Generated docs from job=generate-docs branch=master [ci skip] 2024-03-07 02:20:46 +00:00
Badoodish e4129551f7 Update T1562.003.yaml (#2717) 
Corrected executor for powershell cmdlet test.
 2024-03-06 19:19:55 -07:00
Atomic Red Team doc generator 2d82fc9563 Generated docs from job=generate-docs branch=master [ci skip] 2024-03-06 19:35:27 +00:00
Atomic Red Team GUID generator dd87338bc0 Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-03-06 19:35:14 +00:00
Badoodish 7d311f19f1 Update T1562.003.yaml (#2716) 
Corrected the MITRE ATT&CK subtechnique name at top of the file.
Added two new tests for disabling Windows Command Line Auditing

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2024-03-06 13:34:39 -06:00
publish bot 9877156eec updating atomics count in README.md [ci skip] 2024-03-06 16:43:12 +00:00
Raghav_Singh 097ed862cc New Tests: T1001.002 - Data Obfuscation: Steganography (#2695) 
* Create T1001.002.yaml

* Create T1001.002.md

* Update T1001.002.yaml

* Update T1001.002.yaml

* Delete atomics/T1001.002/T1001.002.md

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2024-03-06 10:42:19 -06:00
BF 3e5736d57c Merge branch 'master' into master 2024-03-05 09:23:18 -08:00
Atomic Red Team doc generator 029110b694 Generated docs from job=generate-docs branch=master [ci skip] 2024-03-01 19:23:30 +00:00
Atomic Red Team GUID generator 82729bc3bc Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-03-01 19:23:17 +00:00
jandress 498aecdb83 New test: T1542.001 - 'UEFI Persistence via Wpbbin.exe File Creation' (#2714) 
* New test: T1542.001 - 'UEFI Persistence via Wpbbin.exe File Creation'

* Update T1542.001.yaml

---------

Co-authored-by: jandress <1542666+jandress@users.noreply.github.com>
 2024-03-01 13:22:39 -06:00
Atomic Red Team doc generator de85398163 Generated docs from job=generate-docs branch=master [ci skip] 2024-03-01 17:54:31 +00:00
Zitni Handoo 13937a18f4 Fix T1071.001 Test 2 (#2713) 
Test #2 for T1071.001 is currently not working properly, since the pre-requisite command is incorrect.
This change is to fix the md and yaml files to update the URL for curl
 2024-03-01 11:53:40 -06:00
Atomic Red Team doc generator 11a5b66c38 Generated docs from job=generate-docs branch=master [ci skip] 2024-02-29 01:57:59 +00:00
Atomic Red Team GUID generator f7c26683f5 Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-02-29 01:57:47 +00:00
Leo Verlod 133cc748ff Adding T1134.001 Test 5 - JuicyPotato (#2711) 
* Update T1134.001.yaml

* Update T1134.001.yaml

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2024-02-28 19:57:14 -06:00
Atomic Red Team doc generator 03aa370b35 Generated docs from job=generate-docs branch=master [ci skip] 2024-02-29 01:53:08 +00:00
Atomic Red Team GUID generator 91a921ee4f Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-02-29 01:52:56 +00:00
collinmsec 610573612b Update T1120.yaml (#2710) 
* Update T1120.yaml

Added fsutil drive discovery for the technique of Peripheral Device Discovery

* Update T1120.yaml

Made some changes due to error in the workflow

* Update T1120.yaml

Made changes to remove several items

* Update T1120.yaml

Changes made

* Update T1120.yaml

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2024-02-28 19:52:23 -06:00
Atomic Red Team doc generator 78c918a02e Generated docs from job=generate-docs branch=master [ci skip] 2024-02-29 01:28:02 +00:00
Atomic Red Team GUID generator 07e40226c9 Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-02-29 01:27:49 +00:00
Pattharadanai Sanitjairak aa236952ec Creating new test for T1059 and T1071 (#2708) 
* Adding T1059 and T1071

* Update T1071.md

* Delete atomics/T1071/src directory

* Add files via upload

* change localhost to 127.0.0.1 in T1070.yaml

* Update T1071.md

* Update T1071.md

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2024-02-28 19:27:14 -06:00
Atomic Red Team doc generator cc2ac1e0c1 Generated docs from job=generate-docs branch=master [ci skip] 2024-02-29 01:20:49 +00:00
Atomic Red Team GUID generator d017a40f10 Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-02-29 01:20:32 +00:00
Matt Anderson af587464f6 Update T1112.yaml (#2709) 
* Update T1112.yaml

Added Powershell method to modify Wdigest registry setting to store cleartext credentials.

* remove redundant powershell.exe

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2024-02-28 19:19:52 -06:00
BF ac82f6da9b Merge branch 'master' into master 2024-02-27 11:25:44 -08:00
Atomic Red Team doc generator ef76a8b32c Generated docs from job=generate-docs branch=master [ci skip] 2024-02-26 19:51:20 +00:00
Atomic Red Team GUID generator 344dea9fbd Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-02-26 19:51:04 +00:00
swathinator 29e3c6eb8f Update RustDesk T1219.yaml (#2706) 
* Update RustDesk T1219.yaml

Update RustDesk T1219

* Update T1219.yaml

* Update T1219.yaml

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2024-02-26 13:50:20 -06:00
Atomic Red Team doc generator e9b9f2ed7b Generated docs from job=generate-docs branch=master [ci skip] 2024-02-26 15:24:49 +00:00
Atomic Red Team GUID generator c09d2a3748 Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-02-26 15:24:32 +00:00
sai prashanth pulisetti b166507614 Update T1030.yaml Network-Based Data Transfer in Small Chunks (#2658) 
* Update T1030.yaml Network-Based Data Transfer in Small Chunks

# Atomic Test # - T1030 - Data Transfer Size Limits: Network-Based Data Transfer in Small Chunks

## Objective

Simulate the technique of transferring data over a network in small chunks to evade size-based detection mechanisms.

## Description

This test involves transferring data over a network (either to a controlled external endpoint like `example.com`) in small, segmented sizes. This simulates an adversary's behavior in conducting stealthy data exfiltration.

* Update T1030.yaml

* Update T1030.yaml

removed clean up commands and detection

* Update T1030.yaml

* Update T1030.yaml

updated guid

* Update T1030.yaml

* Update T1030.yaml

updated intendents

* Update T1030.yaml

---------

Co-authored-by: Hare Sudhan <code@0x6c.dev>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2024-02-26 09:23:55 -06:00
Jake H edea906548 Implementation of venv into Windows Python atomics (#2703) 
* Improve pip handling (#1)

* virtual env added to T1018, tested and confirmed working

* virtual env added to T1003.001, tested and confirmed working

* virtual env added to T1555.003, tested and confirmed working

* Removing pip-autoremove installation as not required

* updating atomics count in README.md [ci skip]

---------

Co-authored-by: Hare Sudhan <code@0x6c.dev>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Co-authored-by: publish bot <opensource@redcanary.com>
 2024-02-26 09:19:26 -06:00
Atomic Red Team doc generator 5aef5da247 Generated docs from job=generate-docs branch=master [ci skip] 2024-02-26 15:17:23 +00:00
Atomic Red Team GUID generator 05fc04f419 Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-02-26 15:17:09 +00:00
chefengineer a09cebd1a3 Adding new test for T1654 for Enumerate Windows Security Log (#2704) 
* Adding new test for T1654 for Enumerate Windows Security Log via WevtUtil

Adding new test for T1654 for Enumerate Windows Security Log via WevtUtil

* Update T1654.yaml

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2024-02-26 09:16:32 -06:00
publish bot d7cdd5d68a updating atomics count in README.md [ci skip] 2024-02-26 15:08:34 +00:00
dependabot[bot] 61733d1e90 Bump actions/checkout from 3 to 4 (#2705) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-26 09:07:37 -06:00
publish bot 8daf92f314 updating atomics count in README.md [ci skip] 2024-02-25 01:30:51 +00:00