Commit Graph

6538 Commits

Author SHA1 Message Date
Brendan Malone d2cf4f16bb Uploaded swift keylogging script 2022-06-08 10:13:51 -05:00
Brendan Malone 749c30e4b6 Added MacOS Test for T1056.001 2022-06-08 10:13:11 -05:00
Brendan Malone 40917c1a65 Moved c script 2022-06-07 10:36:26 -05:00
Jose Enrique Hernandez 89c697c951 Merge branch 'master' into master 2022-06-04 23:05:22 -04:00
Atomic Red Team GUID generator d8f1820ef6 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-06-04 00:04:19 +00:00
tccontre a768529778 Creates scheduled task with hidden attribute settings (#1986)
* Update T1112.yaml

* Update T1112.yaml

* typos

* Update T1087.002.yaml

* Update T1087.002.yaml

* Update T1087.002.yaml

* Add files via upload

* Update T1053_05_SCTASK_HIDDEN_ATTRIB.xml

* Update T1053.005.yaml

* Update T1053.005.yaml

* Update T1087.002.yaml

* Update T1087.002.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-06-03 18:03:49 -06:00
Atomic Red Team GUID generator 3d378b3924 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-06-03 22:48:12 +00:00
Ján Trenčanský 3ccb32ec78 WMI Persistence using ActiveScriptEventConsumer (#1987) 2022-06-03 16:47:47 -06:00
Brendan Malone df67a8aa4d Fixed not compiling 2022-06-03 10:23:25 -05:00
Brendan Malone 3e36aa671f MacOS Dylib injection for T1574.006
reference: https://cedowens.medium.com/taking-esf-for-a-nother-spin-6e1e6acd1b74
2022-06-02 14:57:35 -05:00
Brendan Malone 7748526bd4 C file for opening calc 2022-06-02 14:56:00 -05:00
Atomic Red Team GUID generator 5b1111f223 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-06-01 20:32:51 +00:00
Bhavin Patel a42be924d6 Merge pull request #1983 from javery-sysdig/patch-2
Create T1611.002.yaml "Escape to Host"
2022-06-01 13:32:12 -07:00
Bhavin Patel fa3a182989 Merge branch 'master' into patch-2 2022-06-01 13:30:54 -07:00
Atomic Red Team doc generator 3b83031d25 Generated docs from job=generate-docs branch=master [ci skip] 2022-05-31 17:14:18 +00:00
Atomic Red Team GUID generator cc5498aee5 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-31 17:14:13 +00:00
Bhavin Patel 5c7c272b82 Merge pull request #1981 from Leomon5/patch-14
Adding T1110.003 Test 7 - Password Spray with MSOLSpray
2022-05-31 10:13:40 -07:00
Bhavin Patel 0d57af5887 Merge branch 'master' into patch-14 2022-05-31 10:12:43 -07:00
Atomic Red Team doc generator a111959d19 Generated docs from job=generate-docs branch=master [ci skip] 2022-05-25 04:21:58 +00:00
Atomic Red Team GUID generator d9b7195f86 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-25 04:21:53 +00:00
IT-Native c02ec5c36e Changes file extension of Test 1195 so that the file is detected and … (#1982)
* Changes file extension of Test 1195 so that the file is detected and there is no error anymore

* Update T1195.yaml

Co-authored-by: Georg Schlagholz <georg.schlagholz@it-native.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-05-24 22:21:26 -06:00
Atomic Red Team doc generator a888e0e7c9 Generated docs from job=generate-docs branch=master [ci skip] 2022-05-25 04:12:17 +00:00
Atomic Red Team GUID generator a8f00eb241 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-25 04:12:12 +00:00
frack113 af529da1e5 Add lolbin (#1979) 2022-05-24 22:11:43 -06:00
Jason Avery be60206066 Create T1611.002.yaml "Escape to Host"
Fairly straightforward way to escape a privileged docker container and compromise the host once getting root on the container.
2022-05-24 11:16:30 -05:00
Leo Verlod 322f6843fa Adding T1110.003 Test 7 - Password Spray with MSOLSpray 2022-05-23 23:44:09 -05:00
Atomic Red Team doc generator 9e8bb918d5 Generated docs from job=generate-docs branch=master [ci skip] 2022-05-19 23:05:53 +00:00
Atomic Red Team GUID generator 7846e9770a Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-19 23:05:48 +00:00
Carrie Roberts 908924d51f add a lightweight password spray test (#1978) 2022-05-19 17:05:21 -06:00
Atomic Red Team doc generator ebfc28708d Generated docs from job=generate-docs branch=master [ci skip] 2022-05-17 22:48:32 +00:00
Carrie Roberts c171910f63 typo fix (#1973) 2022-05-17 16:48:04 -06:00
Atomic Red Team doc generator 2007ac5d8d Generated docs from job=generate-docs branch=master [ci skip] 2022-05-17 22:25:12 +00:00
Atomic Red Team GUID generator a204b5bcfb Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-17 22:25:08 +00:00
Jesse Moore 0ba9c7ec9e Challenge Bounty T1615 LOL-cmdlet Get-GPO cmdlet (#1966)
* ChallengeBounty T1615 LOLB Get-GPO cmdlet

* Added changes 

Took out variableInput and put in $ENV:userdnsdomain on the attack command; also made the CheckPrereqs say people need to install RSAT manually for GroupPolicy and ActiveDirectory. The cleanup command won't take those RSAT modules out, but instead will remove the gpo_output file. The GetPrereq might need a little work but shouldn't need it, since the -CheckPrereq says to manually install on Windows 10. Hope that works out.

* Update T1615.yaml

Glad you showed me the PreReq "if" command trick; I would have struggled with it, thank you. Thanks for pointing out the GetPrereqs need to be in their separate areas; I don't think I've had to do that before. Yeah, glad you had me look more into getting Win10 to work; I was just going for Win Server, but it's nice to have both as an option. Thanks for kindly suggesting.

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-05-17 16:24:48 -06:00
Atomic Red Team doc generator 086eb73ee8 Generated docs from job=generate-docs branch=master [ci skip] 2022-05-17 16:51:43 +00:00
Atomic Red Team GUID generator 6dffd90b7f Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-17 16:51:38 +00:00
Leo Verlod df1f3bf6ce Create T1560.003 Test 1 (#1967)
* Create T1560.003 test 1

* Add T1048.003 Test 6

* Delete T1560.003 (moved to T1048.003)

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-05-17 10:51:09 -06:00
Atomic Red Team doc generator 989bef284b Generated docs from job=generate-docs branch=master [ci skip] 2022-05-17 00:07:30 +00:00
Atomic Red Team GUID generator 351ee2e429 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-17 00:07:25 +00:00
Leo Verlod f949628243 Adding T1555.003 Test 14 - Chrome Login Data Access (MacOS) (#1965)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-05-16 18:07:01 -06:00
Atomic Red Team doc generator 4c969327d5 Generated docs from job=generate-docs branch=master [ci skip] 2022-05-16 14:38:51 +00:00
Jason Avery d6158d5f8d Fix T1574.006-1 CleanUp (#1968)
Fix sed syntax to properly remove the test library from ld.so.preload.
2022-05-16 08:38:18 -06:00
Atomic Red Team doc generator ef93c45591 Generated docs from job=generate-docs branch=master [ci skip] 2022-05-13 01:57:09 +00:00
Atomic Red Team GUID generator db49bd847c Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-13 01:57:04 +00:00
tlor89 73f3c752a4 Update T1555.003.yaml (#1949)
* Update T1555.003.yaml

Loot local Credentials - Invoke-WCMDump technique via function of WinPwn

* Update T1555.003.yaml

added mimi-kittenz for extracting juicy info from memory and Sharpweb gathering Browser Credentials

* Update T1555.003.yaml

update

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-05-12 19:56:38 -06:00
Atomic Red Team doc generator 812f7dcbaa Generated docs from job=generate-docs branch=master [ci skip] 2022-05-13 01:56:04 +00:00
Atomic Red Team GUID generator b3ab708511 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-13 01:56:00 +00:00
tlor89 3b2e6e7404 Update T1003.002.yaml (#1963)
* Update T1003.002.yaml

add Loot local Credentials - Dump SAM-File for NTLM Hashes technique via function of WinPwn

* Update T1003.002.yaml

updated

* Update T1003.002.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-05-12 19:55:35 -06:00
Atomic Red Team doc generator 574a81359d Generated docs from job=generate-docs branch=master [ci skip] 2022-05-13 01:21:21 +00:00
Atomic Red Team GUID generator adebeb27d1 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-13 01:21:16 +00:00