Jose Enrique Hernandez
b20b72a9a8
Merge branch 'master' into T1546.004
2023-02-10 14:03:06 -05:00
rc-dbogle
2034b35190
Added two new tests to T1548.001
...
Fixed minor typo in chmod command
2023-02-09 15:10:20 -08:00
Atomic Red Team doc generator
78b49d87d2
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-09 16:13:03 +00:00
Atomic Red Team GUID generator
836b81b127
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-09 16:12:48 +00:00
Josh Rickard
b4463e0d9c
Merge pull request #2302 from biot-2131/T1048.003_http.server
...
T1048.003 Python3 http.server
2023-02-09 10:12:17 -06:00
Josh Rickard
42527f4bdf
Merge branch 'master' into T1048.003_http.server
2023-02-09 10:11:27 -06:00
Atomic Red Team doc generator
9d9a7cc251
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-09 16:08:02 +00:00
Atomic Red Team GUID generator
1b886699f1
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-09 16:07:43 +00:00
Josh Rickard
ba385b1251
Merge pull request #2301 from biot-2131/T1059.004_four_tests
...
T1059.004 - Added four tests
2023-02-09 10:07:13 -06:00
Josh Rickard
efaae59060
Merge branch 'master' into T1059.004_four_tests
2023-02-09 10:05:53 -06:00
D4rkCiph3r
5c17c4668a
minor update
2023-02-08 14:27:12 +05:30
D4rkCiph3r
424bb247a0
Update T1078.003.yaml
2023-02-08 14:23:24 +05:30
D4rkCiph3r
b52925c839
Merge branch 'redcanaryco:master' into master
2023-02-08 14:20:18 +05:30
D4rkCiph3r
3c22d0867e
Added 3 new testings - macOS
...
3 new tests to add a new account and enable admin privileges
2023-02-08 14:19:07 +05:30
Atomic Red Team doc generator
7d7049f64a
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-08 01:33:36 +00:00
Atomic Red Team GUID generator
291fef80f6
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-08 01:33:20 +00:00
Bhavin Patel
f451e4ca24
Merge pull request #2304 from yogisec/T1552-007-all-secrets
...
T1552.007 Kubernetes list all secrets
2023-02-07 17:32:52 -08:00
Bhavin Patel
07bf46163d
Merge branch 'master' into T1552-007-all-secrets
2023-02-07 17:27:08 -08:00
Biological Robot
f11240fd8d
Update T1059.004.yaml
2023-02-07 10:10:37 +00:00
Biological Robot
0279620882
Merge branch 'redcanaryco:master' into T1546.004
2023-02-07 10:07:58 +00:00
Biological Robot
37e7469b3a
Merge branch 'master' into T1059.004_four_tests
2023-02-07 10:06:34 +00:00
Atomic Red Team doc generator
5fc044b874
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-06 22:16:07 +00:00
Josh Rickard
6dab7992a0
fix: fix: Adding missing index files (#2320)
...
Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
2023-02-06 15:15:23 -07:00
Josh Rickard
1fe727afc4
fix: Removing index files with colons (#2319)
...
Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
2023-02-06 15:07:17 -07:00
Josh Rickard
028a179f3f
fix: Fixing index file names by removing colon and replacing with underscore (#2318)
...
Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
2023-02-06 15:01:14 -07:00
Atomic Red Team doc generator
a7e555c092
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-06 20:20:38 +00:00
Josh Rickard
9913e9b23a
fix: Fix unescaped backslash in description (#2317)
...
Details:
When generating markdown documents, certain commands were not being parsed correctly when rendering strings from Mitre ATT&CK JSON objects. This PR fixes that issue by replacing double backslash with null strings in the technique['description'] portion of the ERB template.
Testing:
Generated docs and the only document/technique affected by this change is T1546.008. I know it's small but it helps.
Associated Issues:
fixed #1539
2023-02-06 15:19:46 -05:00
Josh Rickard
a24028a3e3
Add platform based indexes (#2311)
...
* feat: Adding call to generate YAML index files broken out by platform type based on the supported_platforms array values.
* feat: Add new method generate_yaml_index_by_platform to generate yaml indexes based on the provided platform type
* feat: Added new method atomic_tests_for_technique_by_platform to retrieve techniques from API and add atomic_tests based on the provided platform value
---------
Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-02-06 11:36:25 -07:00
Atomic Red Team doc generator
d61000ff30
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-06 13:25:25 +00:00
Atomic Red Team GUID generator
0db5a0261a
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-06 13:25:17 +00:00
Paul Michaud
ab7bfc70cc
Merge pull request #2312 from redcanaryco/CertUtil
...
Export Certificates
2023-02-06 13:24:41 +00:00
Paul Michaud
a17a26f2f9
Merge branch 'master' into CertUtil
2023-02-06 13:22:22 +00:00
Keith McCammon
d3131e5583
Create stale.yml to close stale issues and PRs (#2315)
2023-02-04 18:22:43 -07:00
0xv1n
9c20512b68
Begin T1580 Coverage - AWS
...
This commit adds coverage for AWS Cloud Discovery commands run from EC2. Stratus is utilized to spin up and tear down needed testing infrastructure, similar to other cloud coverage in the ART repo previously.
2023-02-04 13:59:57 -05:00
biot-2131
44f5d3ce23
T1546.004
2023-02-04 13:59:36 +00:00
Michael Haag
c0bba5e5ec
Update T1552.004.yaml
2023-02-04 06:36:46 -07:00
Michael Haag
599e147cfd
ExportPFX
2023-02-04 05:55:40 -07:00
Atomic Red Team doc generator
cd3690b100
Generated docs from job=generate-docs branch=master [ci skip]
2023-01-31 14:48:55 +00:00
Atomic Red Team GUID generator
b12b28bf52
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-01-31 14:48:49 +00:00
Leo Verlod
1896e182c5
Adding T1112 Mimic Ransomware Registry Modification Tests (#2306)
...
Adding T1112 tests 45 and 46 to emulate Mimic ransomware's ability to modify the registry in order to enable multiple user sessions locally, as well as allow multiple RDP sessions per user.
Reference: https://www.trendmicro.com/en_us/research/23/a/new-mimic-ransomware-abuses-everything-apis-for-its-encryption-p.html
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-01-31 09:48:20 -05:00
Atomic Red Team doc generator
70b897d8d8
Generated docs from job=generate-docs branch=master [ci skip]
2023-01-31 14:45:49 +00:00
Atomic Red Team GUID generator
8efb2a9443
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-01-31 14:45:42 +00:00
Leo Verlod
fed5ad2204
Adding T1562.004 Test 18 - Blackbit - Disable Windows Firewall using netsh firewall (#2305)
...
* Adding T1562.004 Test 18 - Blackbit - Disable Windows Firewall using netsh firewall
Adding T1562.004 Test 18 - Blackbit - Disable Windows Firewall using netsh firewall. Within BlackBit ransomware, one of the commands run is "netsh firewall set opmode mode=disable". While "netsh firewall" has been deprecated and replaced with "netsh advfirewall", the old command still does work, leading to a vector that adversaries can use for firewall disablement.
* Adding error handling to cleanup
2023-01-31 09:45:07 -05:00
yogisec
45964ab763
echo for prereq
2023-01-29 07:21:21 -06:00
yogisec
5173af83ae
add missing |
2023-01-29 07:19:22 -06:00
yogisec
2f1cbadead
adding get prereq command
2023-01-29 07:17:55 -06:00
yogisec
37e1fd7c4d
initial
2023-01-29 06:49:35 -06:00
Biological Robot
eed9c5b08d
Merge branch 'master' into T1059.004_four_tests
2023-01-28 17:19:31 +00:00
biot-2131
4ed469e217
T1048.003 Python3 http.server
2023-01-28 09:19:12 +00:00
biot-2131
d15214994a
T1059.004 - Added four tests
2023-01-28 08:38:16 +00:00