Commit Graph

6538 Commits

Author SHA1 Message Date
Atomic Red Team doc generator 167123c18d Generated docs from job=generate-docs branch=master [ci skip] 2023-02-22 02:06:30 +00:00
Atomic Red Team GUID generator 0ea8334a99 Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-02-22 02:06:14 +00:00
IntelScott 41ed45bbdb Add new test - Windows time Command (#2337)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-02-21 19:05:49 -07:00
Atomic Red Team doc generator 833a7d910b Generated docs from job=generate-docs branch=master [ci skip] 2023-02-22 02:02:55 +00:00
Clément Notin 4babecb60e Minor English fixes (#2339) 2023-02-21 19:02:06 -07:00
Jose Enrique Hernandez e6b9d61bfe Merge branch 'master' into Awfulshred-TTPs 2023-02-21 20:53:15 -05:00
Clément Notin fc5a75efd1 Use -Filter instead of Where-Object to improve perf and avoid missed items
-Filter is the recommended way to filter objects because it filters them at the source (AAD)
instead of fetching everything and filtering on the client. So the performance is better.
Moreover, by default the cmdlets return a limited number of items so they can miss stuff
(except if using -All like it was done in some cases)
2023-02-21 14:33:47 +01:00
D4rkCiph3r 6798df9620 Merge branch 'redcanaryco:master' into patch-3 2023-02-21 11:20:17 +05:30
D4rkCiph3r 73edc25a41 Merge branch 'redcanaryco:master' into patch-2 2023-02-21 11:20:03 +05:30
D4rkCiph3r bb23c59f41 Merge branch 'redcanaryco:master' into patch-1 2023-02-21 11:19:45 +05:30
D4rkCiph3r b1303b68d2 Merge branch 'redcanaryco:master' into T1078.003 2023-02-21 11:18:30 +05:30
Atomic Red Team doc generator 7cfbdc1449 Generated docs from job=generate-docs branch=master [ci skip] 2023-02-21 04:36:32 +00:00
Nathan McNulty 41393c010f Fix T1543.001 Test 2 Defaults (#2338)
Co-authored-by: Nathan McNulty <nathanmcnulty@outlook.com>
2023-02-20 21:35:11 -07:00
biot-2131 bdb575c823 T1110.001 updated two tests 2023-02-18 09:43:35 +00:00
D4rkCiph3r 6cd755321b Update T1070.002.yaml
Minor modifications
2023-02-18 14:07:34 +05:30
D4rkCiph3r 2f1c0e9f76 Update T1070.002.yaml 2023-02-18 13:18:46 +05:30
D4rkCiph3r b1bda776fe Update T1070.002.yaml
New tests added:
1. Delete system log files using unlink utility
2. Delete system log files using shred utility
3. Delete system log files using srm utility
4. Delete system log files using OSAScript
5. Delete system log files using Applescript
6. Delete system log files using JXA
7. System log file deletion using Cocoa API - 1
8. System log file deletion using Cocoa API - 2

Minor modifications to "System log file deletion using find utility"

The scripts will be available in "src" location
2023-02-18 12:55:58 +05:30
D4rkCiph3r 024d22c960 Added new tests (T562) - macOS
New tests added:
1. Disable journal logging
2. Disable journal logging via journald.conf

The man pages of the respective utilities can be referred to
2023-02-18 11:19:56 +05:30
D4rkCiph3r 70fde6a40f Added new tests - T1070.002 (macOS and Linux)
New tests added:

Delete log files using built-in log utility
Truncate system log files
Delete log files by appending null bytes
System log file deletion using find utility
Delete system logs using syslog utility
Overwrite macOS system log using echo utility
Real-time system log clearance/deletion
Delete system journal logs
The man pages of the respective utilities can be referred to for the same
2023-02-18 10:41:11 +05:30
D4rkCiph3r 9184e421e9 Added new test case - T1027.001
Added a new test case.
Minor changes to the existing test case.
2023-02-17 18:19:33 +05:30
Atomic Red Team doc generator 3da64960cd Generated docs from job=generate-docs branch=master [ci skip] 2023-02-16 16:27:28 +00:00
Atomic Red Team GUID generator 018ecb6ee7 Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-02-16 16:27:08 +00:00
Jose Enrique Hernandez c5cf8ce6b3 Merge pull request #2316 from johnbrydon/T1614.001_add_sys_lang_test
T1614.001: Add discovery tests for linux
2023-02-16 11:26:35 -05:00
Jose Enrique Hernandez 268846b19b Merge branch 'master' into T1614.001_add_sys_lang_test 2023-02-16 11:22:19 -05:00
tccontre bd2d2ae1ed Update T1562.001.yaml 2023-02-16 11:09:44 +01:00
Atomic Red Team doc generator b3bbf28256 Generated docs from job=generate-docs branch=master [ci skip] 2023-02-15 20:20:24 +00:00
Atomic Red Team GUID generator 5847dca08c Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-02-15 20:20:07 +00:00
Bhavin Patel 28934201ad new atomic post testing (#2307)
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2023-02-15 13:19:34 -07:00
John Brydon 07a3a13019 T1614.001: Add grep to environment commands to keep output concise
Signed-off-by: John Brydon <jbrydon@secureworks.com>
2023-02-14 19:51:16 +00:00
John Brydon 29d2cdcbce T1614.001: Add exit for failed deps test
Signed-off-by: John Brydon <jbrydon@secureworks.com>
2023-02-14 19:51:16 +00:00
John Brydon 543cd253db T1614.001: Add discovery tests for linux
Signed-off-by: John Brydon <jbrydon@secureworks.com>
2023-02-14 19:51:16 +00:00
Atomic Red Team doc generator 8da17a40cc Generated docs from job=generate-docs branch=master [ci skip] 2023-02-14 18:33:21 +00:00
Josh Rickard c690a13984 fix: Updating format of 2 yaml definitions for new schema (#2330)
* fix: Updating format of 2 yaml definitions for new schema

* fix: Updating T1048

---------

Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
2023-02-14 11:32:38 -07:00
Josh Rickard 2c2d29d2ca Merge branch 'master' into T1078.003 2023-02-14 11:47:38 -06:00
Atomic Red Team doc generator 89a2c90aae Generated docs from job=generate-docs branch=master [ci skip] 2023-02-14 16:16:58 +00:00
Carrie Roberts d56cc45551 doesn't exfil data as written (#2329) 2023-02-14 09:15:58 -07:00
Atomic Red Team doc generator 16594d72c5 Generated docs from job=generate-docs branch=master [ci skip] 2023-02-13 23:11:19 +00:00
Josh Rickard a5dd0813cd fix: Updating atomics YAML file structure to align with the new JSON schema definition (#2323)
* fix: Updating atomics YAML file structure to align with the new JSON schema definition.

This also fixes some white space issues and general line formatting across all impacted atomics.

* fix: One additional change needed

---------

Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-02-13 16:10:37 -07:00
Josh Rickard 78bd56f47a ci: Updating duration for stale issues before they close. (#2322)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-02-13 15:55:02 -07:00
Atomic Red Team doc generator e2e66117b8 Generated docs from job=generate-docs branch=master [ci skip] 2023-02-13 22:53:46 +00:00
Biological Robot f50d13881d T1546.004_II (#2324)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-02-13 15:53:06 -07:00
Atomic Red Team doc generator 7168ecda1e Generated docs from job=generate-docs branch=master [ci skip] 2023-02-13 22:50:58 +00:00
Atomic Red Team GUID generator 4cc2099338 Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-02-13 22:50:40 +00:00
Michael Haag ee8b35e90a Update T1552.004.yaml (#2327) 2023-02-13 15:49:26 -07:00
rc-dbogle 1263730a1d Merge branch 'master' into T1548_001_add_find_cmds 2023-02-13 10:09:40 -07:00
Biological Robot a8076269ce Update T1059.004.yaml 2023-02-12 15:22:08 +00:00
biot-2131 7a411af7f6 T1059.004 Added two tests 2023-02-12 15:14:01 +00:00
Atomic Red Team doc generator 18767571a5 Generated docs from job=generate-docs branch=master [ci skip] 2023-02-10 19:15:02 +00:00
Atomic Red Team GUID generator 08c23c0d81 Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-02-10 19:14:46 +00:00
Jose Enrique Hernandez aa566c116b Merge pull request #2313 from biot-2131/T1546.004
T1546.004 added three tests
2023-02-10 14:14:17 -05:00