6538 Commits

Author SHA1 Message Date
WojciechLesicki 30af70bef9 Removing md file 2022-03-11 23:59:46 +01:00
WojciechLesicki 8578fc3308 Correct description 2022-03-11 23:52:07 +01:00
Wojciech Lesicki 3c9dfe7e80 Merge branch 'redcanaryco:master' into master 2022-03-11 23:50:15 +01:00
CircleCI Atomic Red Team doc generator 8aedc6cdd9 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-09 21:03:01 +00:00
Carrie Roberts 4e7a2ed599 fix prereq for screenshot test (#1805) 2022-03-09 14:02:31 -07:00
CircleCI Atomic Red Team doc generator 82df99e7c8 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-09 16:16:04 +00:00
CircleCI Atomic Red Team GUID generator 455cd5837e Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-09 16:15:58 +00:00
Leo Verlod 5148b9db57 Adding T1003.007 Test 3 - MimiPenguin Usage (#1804)
Adding T1003.007 Test 3 - Capture Passwords with MimiPenguin. This test is designed to run the MimiPenguin script, which takes advantage of a vulnerability in Ubuntu-based distros, as well as certain versions of GNOME Keyring, in order to capture passwords in cleartext. Upon successful execution, user passwords will be exported to a file and displayed on-screen.
2022-03-09 09:15:17 -07:00
Araveti Esanya Reddy af719c41d2 updated azure eventhub deletion scenario 2022-03-08 17:57:22 +05:30
CircleCI Atomic Red Team doc generator 6052b5118a Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-08 01:33:09 +00:00
SecWilson 42dd141032 Fixing Blackbyte Cleanup Commands (#1802)
Co-authored-by: Wilson <SWilson@nti.local>
2022-03-07 18:32:31 -07:00
Carrie Roberts 9186e32eb2 Merge branch 'master' into master 2022-03-07 11:35:13 -06:00
CircleCI Atomic Red Team doc generator 682d8d732b Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-07 17:34:07 +00:00
CircleCI Atomic Red Team GUID generator 03c3400af9 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-07 17:34:02 +00:00
SecWilson 43fa5fb8a0 Blackbyte privilege escalation via Powershell (#1796)
Co-authored-by: Wilson <SWilson@nti.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-03-07 10:33:31 -07:00
CircleCI Atomic Red Team doc generator 7dd9d481b5 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-07 17:18:44 +00:00
CircleCI Atomic Red Team GUID generator a38b68f067 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-07 17:18:39 +00:00
Leo Verlod 5388982089 Adding T1059.003 Test 4 - BlackByte Print Bombing (#1799)
Adding T1059.003 Test 4, which is designed to emulate the print bombing behavior observed in recent BlackByte ransomware attacks.

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-03-07 10:18:20 -07:00
CircleCI Atomic Red Team doc generator c81858120b Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-07 16:39:15 +00:00
lucasRiley 999d18a36d T1059.005 Fix Cleanup and Prereq (#1798)
Co-authored-by: Riley <lriley@NTI.local>
2022-03-07 09:38:41 -07:00
WojciechLesicki 54f98b9930 Added one more newline :) 2022-03-06 19:15:00 +01:00
WojciechLesicki eb50e5b1e0 Adding new lines 2022-03-06 18:59:52 +01:00
WojciechLesicki 2be981e92d I added another atomic related to adding permission to the application in AzureAD. 2022-03-06 18:54:11 +01:00
CircleCI Atomic Red Team doc generator a3717a8c52 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-04 04:34:08 +00:00
CircleCI Atomic Red Team GUID generator b355887a3c Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-04 04:34:02 +00:00
Adam Mashinchi 4ace9f41d2 Update T1036.005.yaml (#1795)
Clean up file and add new "Masquerade" test.

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-03-03 22:33:27 -06:00
Araveti Esanya Reddy 6b9b55ff88 Automated o365 Exchange Audit Log disabled scenario 2022-03-03 16:27:56 +05:30
CircleCI Atomic Red Team doc generator 0e616b34b3 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-02 22:00:09 +00:00
CircleCI Atomic Red Team GUID generator 28e7237bc1 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-02 22:00:03 +00:00
SecWilson b62ba2e548 Atomic that mimics recent Qakbot behavior (#1793)
* Atomic that mimics recent Qakbot behavior

* small edits

removed elevation_required, shortened test name, made some readability updates.

Co-authored-by: Wilson <SWilson@nti.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-03-02 14:59:28 -07:00
CircleCI Atomic Red Team doc generator 9d17172d5b Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-02 20:37:37 +00:00
CircleCI Atomic Red Team GUID generator 150d0db325 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-02 20:37:30 +00:00
Leo Verlod a24baaf6da Adding T1217 Test 8 - List Safari Bookmarks (#1794)
Adding T1217 Test 8 - List Safari Bookmarks for MacOS. This test locates any Safari bookmarks files and outputs the file paths to a text document.
2022-03-02 13:36:51 -07:00
CircleCI Atomic Red Team doc generator 021449e282 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-28 19:20:26 +00:00
Carrie Roberts a1f4a9b8e2 move uacme.zip into RC repo (#1790)
* move uacme.zip into RC repo

* set outfile
2022-02-28 12:19:52 -07:00
dependabot[bot] e6dcefa095 Bump nokogiri from 1.12.5 to 1.13.3 (#1791)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.5 to 1.13.3.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.5...v1.13.3)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-26 14:58:50 -06:00
CircleCI Atomic Red Team doc generator 74bdf86845 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-24 21:32:47 +00:00
CircleCI Atomic Red Team GUID generator 3ebf9c41ff Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-24 21:32:42 +00:00
Leo Verlod c01fece41f Adding T1090.003 Test 4 - Tor Proxy Usage on MacOS (#1789)
This test is designed to launch the Tor proxy service on MacOS.
2022-02-24 14:32:16 -07:00
CircleCI Atomic Red Team doc generator 1693f83068 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-22 23:58:21 +00:00
CircleCI Atomic Red Team GUID generator 66ecac79c7 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-22 23:58:16 +00:00
BigPint 285db746a7 Initial creation of BlackByte Ransomware Registry Changes atomic (#1787)
* Initial creation of BlackByte Ransomware Registry Changes atomic

* Updated T1112 Yaml

Added line at the end
Removed auto guid
added -cmd to test name

Co-authored-by: Wilson <SWilson@nti.local>
2022-02-22 17:57:54 -06:00
CircleCI Atomic Red Team doc generator 021fe46502 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-22 15:39:03 +00:00
CircleCI Atomic Red Team GUID generator 319908bbc5 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-22 15:38:58 +00:00
Leo Verlod a50772cdf6 Adding T1090.003 Test 3 - Tor Usage on Debian/Ubuntu (#1786) 2022-02-22 08:38:30 -07:00
CircleCI Atomic Red Team doc generator 6bacc32286 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-21 17:35:33 +00:00
CircleCI Atomic Red Team GUID generator 79ff4f08bc Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-21 17:35:27 +00:00
frack113 771a4fba70 Sigma sysmon_susp_mic_cam_access (#1785) 2022-02-21 10:34:57 -07:00
CircleCI Atomic Red Team doc generator 2f802d60e7 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-18 18:00:32 +00:00
Bhavin Patel 2a1fa2498c Merge pull request #1784 from clr2of8/giturl
github perm url
2022-02-18 09:59:58 -08:00