security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,538 Commits 47 Branches 0 Tags
python_conversion
Commit Graph

6538 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
JoustingZebra 3ce7e7909a Create .gitignore 2021-10-29 16:51:23 -04:00
CircleCI Atomic Red Team doc generator 3c8cc63c7c Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-29 01:13:24 +00:00
tlor89 da09158d35 T1087.001-update (#1658) 
Co-authored-by: Toua Lor <tlor@nti.local>
 2021-10-28 19:12:47 -06:00
Arun 29824b76d5 T1124 - Get system date time in macOS using shell 2021-10-28 19:24:28 +05:30
CircleCI Atomic Red Team doc generator 776224b7d3 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-25 20:55:47 +00:00
CircleCI Atomic Red Team GUID generator d5265e52f5 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-25 20:55:42 +00:00
Rimsha3108 69c06b9086 Adding ConfigSecurityPolicy Exfil (#1656) 2021-10-25 14:55:19 -06:00
CircleCI Atomic Red Team doc generator 1bd61011ca Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-21 20:42:25 +00:00
CircleCI Atomic Red Team GUID generator 008a484545 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-21 20:42:20 +00:00
Michael Haag 5906bbec70 T1105 - Curl for Windows (#1653) 
* T1105 - Curl for Windows

* Update T1105.yaml

* ignore cleanup errors

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-10-21 14:41:48 -06:00
CircleCI Atomic Red Team doc generator e01633ef52 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-18 19:57:23 +00:00
Antoine Cauchois 05cc3b2ba0 Fix T1110.003 quote usage in PowerShell (#1651) 
In PowerShell, special characters are interpreted in double quotes. By using a single quote, the password won't change.
 2021-10-18 13:56:48 -06:00
CircleCI Atomic Red Team doc generator a99296a770 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-18 17:07:32 +00:00
CircleCI Atomic Red Team GUID generator b9b6e708c3 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-18 17:07:27 +00:00
Michael Haag 055f2b03e4 ServicePrincipleName Gathering T1558.003 (#1648) 
* ServicePrincipleName Gathering

* Fixes

* Update T1558.003.yaml

* Update T1558.003.yaml
 2021-10-18 11:07:06 -06:00
CircleCI Atomic Red Team doc generator 21bffa7a69 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-18 14:55:17 +00:00
Clément Notin 067187c3ba T1569.002: fix spelling (#1650) 2021-10-18 08:54:54 -06:00
CircleCI Atomic Red Team doc generator 61901c7089 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-15 23:15:04 +00:00
Jose Enrique Hernandez 5ca0cd8717 rebuilt T1027.yml (#1649) 
* just added dasta

* adding yaml

* fixing yaml

* maintain desc spacing

* keep original spacing

* spacing

* spacing

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-10-15 17:14:30 -06:00
Carrie Roberts b8460f5d6a Merge branch 'master' into pr-domain-trust-modif 2021-10-15 14:14:32 -06:00
Vincent N cc313367cd Add missing quotes in wmic forgotten in fdf942f (#1645) 
Quoting wmic node option prevents the command from failing when the destination node dns name contains a hyphen

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-10-15 14:11:17 -06:00
CircleCI Atomic Red Team GUID generator e0add88f40 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-15 15:15:27 +00:00
devapriya16 80ac90e341 T1021.001_Update (#1647) 
Co-authored-by: Priya <dpriya@NTI.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-10-15 09:14:57 -06:00
CircleCI Atomic Red Team GUID generator d130f2d97e Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-15 15:13:17 +00:00
Wietze 9282894485 T1027: Add generic Command-Line Obfuscation (#1646) 
* T1027: Add generic command-line obfuscation

* remove guid so a new one will be auto-assigned

Co-authored-by: Wietze <wietze.beukema@pwc.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-10-15 09:12:44 -06:00
CircleCI Atomic Red Team doc generator 54ce1cb32b Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-08 15:29:42 +00:00
forensictdev a563f57e9a Add spanish support to test (#1644) 
* Add spanish support to test

* Add quotes to localgroup name

Co-authored-by: gabofcg <gabelo005@gmail.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-10-08 09:29:00 -06:00
CircleCI Atomic Red Team doc generator 47bfc55de6 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-08 15:27:30 +00:00
CircleCI Atomic Red Team GUID generator 814fe5c75d Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-08 15:27:25 +00:00
Vincent N 5798ea786a T1003.003 Add remote Shadow Copy creation over wmi (#1640) 
* Add remote Shadow Copy creation over wmi

* Add quotes for wmic node

Quoting wmic node option prevents the command from failing when the destination node dns name contains a hyphen

* Adjust default wmic parameters to run locally
 2021-10-08 09:26:53 -06:00
CircleCI Atomic Red Team doc generator 985f0a446a Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-08 02:02:54 +00:00
JoustingZebra e3b1ecdae4 Fixed missing dependency (msxsl.exe) (#1642) 
Added missing dependency (msxsl.exe)

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-10-07 20:02:28 -06:00
CircleCI Atomic Red Team doc generator e5de126fd6 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-08 01:58:39 +00:00
CircleCI Atomic Red Team GUID generator 311de56693 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-08 01:58:34 +00:00
devapriya16 dc251e8ee5 RDP on Non Standdard Port (#1643) 
Co-authored-by: Priya <dpriya@NTI.local>
 2021-10-07 19:58:04 -06:00
CircleCI Atomic Red Team doc generator 57bf589ab7 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-01 14:37:22 +00:00
Vincent N fed35e3c21 T1003.003 wmic atomic bugfix (#1638) 
* Add missing trailing backslash causing the wmic command to fail with the default drive_letter string

* Fix typos

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-10-01 08:36:46 -06:00
CircleCI Atomic Red Team doc generator 69c0e80bce Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-01 14:33:29 +00:00
CircleCI Atomic Red Team GUID generator 68dd3dbf48 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-01 14:33:24 +00:00
zedutchmann 6d358b996c Updated T1548.002.yaml file (#1636) 
* Update T1548.002.yaml

Added (11) tests from UACMe project

* Update T1548.002.yaml

Added permalink for .zip file and changed descriptions

* Update T1548.002.yaml

* removed nonworking methods 37,58,65

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-10-01 08:33:02 -06:00
dependabot[bot] 114fe09474 Bump nokogiri from 1.11.4 to 1.12.5 (#1634) 
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.4 to 1.12.5.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.11.4...v1.12.5)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-09-29 09:50:08 -06:00
CircleCI Atomic Red Team doc generator ae39dcfe39 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-23 21:43:13 +00:00
CircleCI Atomic Red Team GUID generator a612eaebb9 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-23 21:43:08 +00:00
lucasRiley 16bd391f53 Wevtutil Event log Disable (#1633) 
* wevtutil sets the log and then disables it

* update input arg desc

Co-authored-by: Riley <lriley@NTI.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-09-23 15:42:33 -06:00
CircleCI Atomic Red Team doc generator 29fe641593 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-23 21:25:46 +00:00
CircleCI Atomic Red Team GUID generator c2d50e980f Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-23 21:25:41 +00:00
lucasRiley 32c8874944 Dns exfiltrator (#1631) 
* DNSExfiltrator

* DNSExfiltrator DoH

* updated input arg descriptions

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-09-23 15:25:08 -06:00
CircleCI Atomic Red Team doc generator 3c80fa064e Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-20 18:48:06 +00:00
CaptainMoss b8ba7470ca Update T1056.001.yaml (#1632) 
Why executor name is command prompt ? It should be 'sh' for linux platforms right ?
 2021-09-20 12:47:43 -06:00
CircleCI Atomic Red Team doc generator a0edb02b80 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-15 16:50:17 +00:00