08579bb5be
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-30 00:42:18 +00:00
0dab0ee7e9
block regedit and cmd.exe ( #2260 )
2022-12-29 17:41:33 -07:00
8ecc8d8e62
Update T1610.yaml
...
Changed the name for the atomic test case, Added references to the description & Changed the path as recommended
2022-12-24 14:56:22 +05:30
6ac70b7b6d
Made changes as per the comment
...
Changed the name for the atomic test case, Added references to the description & Changed the path as recommended
2022-12-24 14:54:58 +05:30
25acadc0b4
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-20 16:01:17 +00:00
5c710cc04e
Fixed Automated Collection Command Prompt variable call ( #2259 )
...
* Fixed Automated Collection Command Prompt variable call
While using the commands from a batch file the old code wont work because of the way the variable is being called.
The addition of '%' fixed the issue.
* Update T1119.yaml
* add slash
* Update T1564.004.yaml
* Update T1564.004.yaml
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2022-12-20 11:00:42 -05:00
84d9edaaaa
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-17 15:46:08 +00:00
6564ab464e
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-12-17 15:46:01 +00:00
9c34bcb1a8
Create T1562.yaml ( #2258 )
...
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2022-12-17 10:45:29 -05:00
2fadd2287c
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-16 21:55:22 +00:00
c17eeb2b66
move reference to description ( #2257 )
2022-12-16 16:54:51 -05:00
13e23151c8
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-16 20:27:20 +00:00
204c86694e
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-12-16 20:27:13 +00:00
7fd3529b28
Update for name: Abuse Nslookup with DNS Records ( #2248 )
...
* Update for name: Abuse Nslookup with DNS Records
* custom nslookup function
* fix spacing
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2022-12-16 15:26:42 -05:00
12f2a903a8
Removed auto_generated_guid
2022-12-16 10:49:19 +05:30
f4338f3e0d
Added Deploying a docker
...
Fairly straight forward to deploy a container.
Details:
There was no test case for deploying a container in the atomic-red team and I was working with atomic red team so thought to create a pr for this feature
Testing:
Tested using ubuntu as the base image. It creates an image and runs that image to check that image is deployed properly.
It may take up to a couple of minutes to run due to image creation. If it hangs for longer than a minute, something went wrong.
Associated Issues:
None
2022-12-15 20:08:54 -08:00
d13230ced8
Added docker testcase for T1609.yaml
...
Fairly straight forward way to execute into a container.
Details:
The test was created for kubernetes and mitre framework also mentioned about docker. So created a second test for the same.
Testing:
Tested using ubuntuas the base image. If using just Docker, run the container(already present in the script) and execute the testcase.
It may take up to a minute to run due to image creation. If it hangs for longer than a minute, something went wrong.
Associated Issues:
None
2022-12-15 19:57:12 -08:00
fd2c5239c1
T1497.001 linux detect Virtualization - run both cmds
2022-12-15 17:30:43 -06:00
b86d24fd99
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-14 23:10:06 +00:00
51c59e06d3
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-12-14 23:09:58 +00:00
54cc912687
Remote System Discovery - net group Domain Controller ( #2249 )
...
* Remote System Discovery - net group Domain Controller
Identify remote systems with net.exe querying the Active Directory Domain Controller. Upon successful execution, cmd.exe will execute cmd.exe against Active Directory to list the "Domain Controller" in the domain. Output will be via stdout.
* Update T1018.yaml
* Update T1018.yaml
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2022-12-14 18:09:24 -05:00
c17e4303bc
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-14 22:50:55 +00:00
939774541e
Merge pull request #2243 from redcanaryco/clr2of8-patch-29
...
correct name
2022-12-14 14:50:22 -08:00
17a66b018f
Merge branch 'master' into clr2of8-patch-29
2022-12-14 13:42:35 -07:00
324b2a7401
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-14 20:41:48 +00:00
09043e625c
Merge branch 'master' into clr2of8-patch-29
2022-12-14 13:41:37 -07:00
14271bcbc5
removing duplicate test ( #2239 )
...
* removing duplicate test
* add elevation required
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com >
2022-12-14 13:41:20 -07:00
45741c6c95
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-14 20:35:27 +00:00
684a637c1a
fix typo, user temp directory ( #2238 )
...
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com >
2022-12-14 13:34:57 -07:00
9d2f6e05c9
Update T1567.002.yaml ( #2245 )
...
Removed tab from file which was causing parsing to break
2022-12-14 07:33:55 -07:00
5c1e6f1b4f
Generated docs from job=generate-docs branch=master [ci skip]
2022-12-07 01:40:37 +00:00
c6368a624d
Updating ATT&CK and Navigator ( #2244 )
...
This should update the Navigator layers from ATT&CK 11 to 12 and from Navigator 4.5.5 to 4.7.1
2022-12-06 18:39:57 -07:00
063610ad8e
correct name
2022-12-03 18:37:00 -05:00
ce55c6dfb1
Generated docs from job=generate-docs branch=master [ci skip]
2022-11-29 00:09:43 +00:00
747a28a689
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-11-29 00:09:36 +00:00
d4721d481c
adding credman gump using keymgr.dll ( #2242 )
...
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2022-11-28 19:09:04 -05:00
c65c1656a4
Generated docs from job=generate-docs branch=master [ci skip]
2022-11-29 00:06:26 +00:00
4fbdacf673
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-11-29 00:06:19 +00:00
414118431e
Tests to simulate misuse of secedit.exe ( #2241 )
...
* secedit config template
* added secedit based persistence
* added secedit based discovery
2022-11-28 19:05:09 -05:00
1e6c1c70fd
Generated docs from job=generate-docs branch=master [ci skip]
2022-11-24 14:10:04 +00:00
18baf6d730
T1560.002 :: Fix typo for gzip ( #2240 )
2022-11-24 09:09:26 -05:00
bfbb8be4e3
Generated docs from job=generate-docs branch=master [ci skip]
2022-11-21 20:42:04 +00:00
d1343687d4
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-11-21 20:41:57 +00:00
17b80161a4
adding atomic test T1055.003 ( #2237 )
...
* adding atomic test T1055.003
* adding atomic test T1055.003
2022-11-21 13:41:23 -07:00
9837b4fcd1
Generated docs from job=generate-docs branch=master [ci skip]
2022-11-21 14:43:35 +00:00
ee62e616b9
T1482 additional techniques ( #2236 )
...
* Updated T1482.md
Additional trust enumeration techniques.
* Update T1482.yaml
Additional trust enumeration techniques.
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2022-11-21 07:42:51 -07:00
6a621382ba
Generated docs from job=generate-docs branch=master [ci skip]
2022-11-18 16:23:19 +00:00
3c6c880503
Merge pull request #2231 from cnotin/pr-aad-federation-aadinternals
...
Use AADInternals for AAD federation attack
2022-11-18 11:22:43 -05:00
fdb6cdb7c6
Generated docs from job=generate-docs branch=master [ci skip]
2022-11-18 16:21:18 +00:00
696f2c1d72
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-11-18 16:21:12 +00:00
Atomic Red Team doc generator