Commit Graph

6538 Commits

Author SHA1 Message Date
Atomic Red Team GUID generator 4fb5bddaff Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-01-18 21:53:49 +00:00
sai prashanth pulisetti b28f61b5e1 Update T1020.yaml -Add New Atomic Test for T1020 - Exfiltration via Encrypted FTP (#2656)
* Update T1020.yaml

Atomic Test #2 - Exfiltration via Encrypted FTP
Simulates encrypted file transfer to an FTP server, representing stealthy data exfiltration methods.

* Update T1020.yaml

updated notes

* Update T1020.yaml

updated line 50

* move notes to description, remove empty tags

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-01-18 15:52:59 -06:00
sai prashanth pulisetti d626e7ed29 Update T1580.yaml 2024-01-19 00:27:12 +05:30
sai prashanth pulisetti 5348c67b51 Update T1580.yaml
removed unsupported formats
2024-01-19 00:12:24 +05:30
sai prashanth pulisetti 13da08ba97 Update T1580.yaml
updated with 
dependencies:
  - description: AWS CLI installed and configured with the necessary access rights.
    prereq_command: type aws || aws --version
    get_prereq_command: |
      if [ "$(uname)" = "Darwin" ] || [ "$(expr substr $(uname) 1 5)" = "Linux" ]; then
        curl "https://aws.amazon.com/cli/" -o "Install-AWSCLI.sh" && sh Install-AWSCLI.sh
      elif [ "$(expr substr $(uname) 1 5)" = "MINGW" ]; then
        Invoke-WebRequest -Uri "https://aws.amazon.com/cli/" -OutFile "Install-AWSCLI.ps1"; .\Install-AWSCLI.ps1
      fi
2024-01-18 14:37:01 +05:30
sai prashanth pulisetti 73b75c2db7 Update T1580.yaml 2024-01-18 14:32:39 +05:30
sai prashanth pulisetti 6796db1ee1 Update T1580.yaml 2024-01-18 14:31:00 +05:30
sai prashanth pulisetti 1ba98b5f23 Update T1580.yaml
updated :

supported_platforms:
  - windows
  - macos
  - linux
  - iaas:aws
2024-01-18 14:29:17 +05:30
sai prashanth pulisetti 8ec468e6e2 Update T1580.yaml
updated supported_platforms:
iass:aws
2024-01-18 14:27:31 +05:30
sai prashanth pulisetti b80b06ad72 Update T1580.yaml AWS - EC2 Security Group Enumeration
Simulate an attacker's action to enumerate EC2 Security Groups in a compromised AWS environment.
2024-01-18 14:21:45 +05:30
Atomic Red Team doc generator 32d9b8c9f5 Generated docs from job=generate-docs branch=master [ci skip] 2024-01-17 21:46:45 +00:00
Atomic Red Team GUID generator 7b0ba0b341 Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-01-17 21:46:21 +00:00
Leo Verlod b8e521c714 Adding T1543.006 Test 6 - Modify Service to Run Arbitrary Binary (Powershell) (#2653)
* Adding T1543.006 Test 6

* Update T1543.003.yaml

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-01-17 15:44:54 -06:00
publish bot 2723c2f750 updating atomics count in README.md [ci skip] 2024-01-03 22:23:55 +00:00
Ikko Eltociear Ashimine 71a478e525 Update README.md (#2649)
Github -> GitHub

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-01-03 16:23:17 -06:00
Atomic Red Team doc generator 49f738b461 Generated docs from job=generate-docs branch=master [ci skip] 2024-01-03 22:12:30 +00:00
Atomic Red Team GUID generator cb9433117b Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-01-03 22:12:17 +00:00
rosan091 f1c38b0670 Msedge proxy execution (#2647)
Co-authored-by: unknown <administrator@ADAWS.COM>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-01-03 16:11:43 -06:00
Atomic Red Team doc generator bd7e635b21 Generated docs from job=generate-docs branch=master [ci skip] 2023-12-28 15:35:40 +00:00
Hare Sudhan 00c9f11bbe Update T1221.yaml (#2648) 2023-12-28 09:34:49 -06:00
Atomic Red Team doc generator e1164d3054 Generated docs from job=generate-docs branch=master [ci skip] 2023-12-27 17:58:55 +00:00
dwhite9 06ebf05785 Added the "-c" option to adfind commands. (#2645)
* Added the "-c" option to adfind commands. This will cause it to print a
count of the returned objects instead of the actual objects. This is
very useful for large environments and allows it to run quicker without
actually exposing any sensitive information.

* Adding the code to allow specifying optional arguments at runtime instead of hardcoding the -c to allow more flexibility per this request:
https://github.com/redcanaryco/atomic-red-team/pull/2645#pullrequestreview-1795339526

---------

Co-authored-by: dwhite <n/a>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Co-authored-by: dwhite9 <n@a>
2023-12-27 11:58:02 -06:00
publish bot de637b370b updating atomics count in README.md [ci skip] 2023-12-22 21:43:36 +00:00
Hare Sudhan 460135314e Github Codespace added (#2644)
* Create devcontainer.json

* devcontainers added

* devcontainers added

* add setup files

* Update README.md
2023-12-22 15:43:02 -06:00
Atomic Red Team doc generator b998ba7370 Generated docs from job=generate-docs branch=master [ci skip] 2023-12-20 03:35:19 +00:00
Tessa Georgen c30ed0fe85 Remove improper extra field from T1562.010.yaml (#2642) 2023-12-19 20:34:27 -07:00
Atomic Red Team doc generator a79c9e0e82 Generated docs from job=generate-docs branch=master [ci skip] 2023-12-14 15:28:03 +00:00
Atomic Red Team GUID generator 7f3f0be18b Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-12-14 15:27:50 +00:00
BlueTeamOps 9ba4043595 ESXi ART Tests Batch 1 (#2635)
* ESXi Tests Batch 1

* remove duplicate key

* Update T1082.yaml

Updated the binary location to ExternalPayloads folder and also added the folder creation in GetPreReqs

* Update T1083.yaml

Added External Payloads and included folder creation in GetPreReqs

* Update T1129.yaml

Added ExternalPayloads reference.
Added folder creation in GetPreReqs
Move the reference of the vib to src

* Update T1529.yaml

Added External Payloads folder and added folder creation step to GetPreReqs

* Update T1529.yaml

987c9b4d-a637-42db-b1cb-e9e242c3991b - added external payloads

* Update T1562.010.yaml

Added External Payloads reference and folder creation to GetPreReqs

* Moved the vib to src

* Delete atomics/T1129/bin directory

* Delete atomics/T1082/bin directory

* Delete atomics/T1083/bin directory

* Delete atomics/T1562.010/bin directory

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-12-14 08:27:13 -07:00
Atomic Red Team doc generator 2dcdc27df7 Generated docs from job=generate-docs branch=master [ci skip] 2023-12-14 04:47:22 +00:00
AJ King 8bca554bc8 Update T1555.003.yaml - typo fix (#2637) 2023-12-13 21:46:31 -07:00
咸鱼型233 b37aaabcd5 fixed path error (#2629)
* fixed path error

* add cleanup commands

* updating atomics count in README.md [ci skip]

---------

Co-authored-by: Hare Sudhan <code@0x6c.dev>
Co-authored-by: publish bot <opensource@redcanary.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-12-13 15:26:00 -06:00
Atomic Red Team doc generator 810de6cc88 Generated docs from job=generate-docs branch=master [ci skip] 2023-12-13 20:51:58 +00:00
Théo Letailleur fff607c240 [FIX] T1047 - fix tightvnc path (#2636) 2023-12-13 14:50:54 -06:00
Atomic Red Team doc generator d7c45a052d Generated docs from job=generate-docs branch=master [ci skip] 2023-12-07 02:56:57 +00:00
Atomic Red Team GUID generator 8d8fdce249 Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-12-07 02:56:42 +00:00
tccontre de8f541aaa T1112 - DarkGate Registry Modification (#2633)
* T1112 - DarkGate Registry Modification

* Update T1112.yaml

* Update T1112.yaml

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-12-06 21:56:04 -05:00
Atomic Red Team doc generator 866d5adfa4 Generated docs from job=generate-docs branch=master [ci skip] 2023-12-07 02:50:35 +00:00
Tessa Georgen da79b028aa fix misc formatting errors/extra fields (#2634) 2023-12-06 21:49:46 -05:00
Atomic Red Team doc generator b2bc904f4c Generated docs from job=generate-docs branch=master [ci skip] 2023-12-04 18:56:01 +00:00
Atomic Red Team GUID generator cc6a655d63 Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-12-04 18:55:44 +00:00
PhyoPaingHtun ChiLai bb601df2f8 Update T1112.yaml (Scarab Ransomware Defense Evasion Activities & Me… (#2625)
* Update T1112.yaml (Scarab Ransomware Defense Evasion Activities  & Merdoor Backdoor Persistence Activities)

Scarab Ransomware Defense Evasion Activities 
Merdoor Backdoor Persistence Activities

* Update T1112.yaml (Update Merdoor Backdoor article)

* Update T1112.yaml (Update Syntax Error)

* Update T1112.yaml (Update Syntax Error)

* Update T1112.yaml

---------

Co-authored-by: PhyoPaingHtun ChiLai <83696447+PhyoPaing777@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-12-04 12:55:07 -06:00
Atomic Red Team doc generator 6607ee34b6 Generated docs from job=generate-docs branch=master [ci skip] 2023-12-04 18:35:28 +00:00
Atomic Red Team GUID generator 966bf4b50d Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-12-04 18:35:11 +00:00
Leo Verlod b9ff7d2f85 Adding T1555.003 Test - Dump Chrome Login Data with esentutl (#2628)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-12-04 12:34:29 -06:00
Atomic Red Team doc generator e6fb2beca0 Generated docs from job=generate-docs branch=master [ci skip] 2023-12-04 18:31:49 +00:00
Atomic Red Team GUID generator d46b0d874e Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-12-04 18:31:36 +00:00
PhyoPaingHtun ChiLai 0e7356bccb Update T1112.yaml (Update Disable FIDO Authentication) (#2626)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-12-04 12:30:59 -06:00
Atomic Red Team doc generator d8b3cefbdb Generated docs from job=generate-docs branch=master [ci skip] 2023-12-01 21:29:03 +00:00
Atomic Red Team GUID generator 5c63f2082e Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-12-01 21:28:45 +00:00