security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,615 Commits 47 Branches 0 Tags
remove_ruby
Commit Graph

93 Commits

Author SHA1 Message Date
philhagen-rc 113f30c97c Attack v19 migration (#3329) 2026-05-01 23:10:14 -04:00
Atomic Red Team doc generator 962983c3ac Generated docs from job=generate-docs branch=master [ci skip] 2026-03-18 05:07:16 +00:00
Vladan Sekulic f2268cc35e Enhance T1027/T1027.013 obfuscation tests: character array & password-protected ZIP (#3279) 
Co-authored-by: Bhavin Patel <bhavin.j.patel91@gmail.com>
 2026-03-18 10:36:21 +05:30
Atomic Red Team doc generator 9f6a1eab36 Generated docs from job=generate-docs branch=master [ci skip] 2026-02-18 16:55:45 +00:00
Atomic Red Team doc generator 376bf2a64d Generated docs from job=generate-docs branch=master [ci skip] 2026-02-18 16:46:29 +00:00
Atomic Red Team doc generator 5ede8f21e4 Generated docs from job=generate-docs branch=master [ci skip] 2025-02-13 22:03:40 +00:00
Atomic Red Team doc generator c3dc8abb84 Generated docs from job=generate-docs branch=master [ci skip] 2023-11-13 21:46:56 +00:00
Hare Sudhan 7dfdc97d79 FreeBSD Cleanup (#2603) 
* FreeBSD Cleanup

* cleanup

* fix t1016

* reducing multiline if else to single line

* fix t1037.003

* ignore T1003.007

* fix t1003.007

* more fixes
 2023-11-13 16:45:43 -05:00
Atomic Red Team doc generator ad2d7c8f13 Generated docs from job=generate-docs branch=master [ci skip] 2023-11-06 22:42:54 +00:00
Hare Sudhan 62a85c12b5 FreeBSD changes (#2585) 
* freebsd changes

* renaming freebsd to linux
 2023-11-06 17:41:43 -05:00
Atomic Red Team doc generator 4d6c4e8e23 Generated docs from job=generate-docs branch=master [ci skip] 2023-11-02 00:56:51 +00:00
Atomic Red Team GUID generator 16b5287208 Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-11-02 00:56:30 +00:00
Jose Enrique Hernandez 2c1db3e4dd Merge branch 'master' into master 2023-11-01 19:10:13 -04:00
five-three c95ca8a5af Improve the getprereqs command 2023-10-27 11:45:01 +08:00
Atomic Red Team doc generator 04e487c182 Generated docs from job=generate-docs branch=master [ci skip] 2023-10-07 19:26:58 +00:00
Carrie Roberts 62f83972c5 use external payloads directory (#2554) 
Co-authored-by: Hare Sudhan <code@0x6c.dev>
 2023-10-07 15:25:51 -04:00
Atomic Red Team doc generator a007c274f6 Generated docs from job=generate-docs branch=master [ci skip] 2023-10-03 17:39:50 +00:00
Carrie Roberts d667fffea2 correct url (#2552) 
* correct url

* Update T1027.yaml
 2023-10-03 11:38:37 -06:00
Atomic Red Team doc generator ccdf46f389 Generated docs from job=generate-docs branch=master [ci skip] 2023-09-29 14:41:30 +00:00
Antonio Piazza f68822b349 Added ExternalPayloads directory (#2545) 
* Added ExternalPayloads dir creation

* Created ExternaPayloads Dir

Created ExternaPayloads Directory using powershell command

* Added External Payloads Dir

Added External Payloads Directory using a powershell command for all Procedures.

* Fixed ExternalPayload directory creation

Fixed ExternalPayload directory creation.  Got rid of the Split path

* Created External Payloads directory

Created External Payloads directory for procedure 14d55ca0-920e-4b44-8425-37eedd72b173

* Update T1003.002.yaml

Added ExternalPayloads directory creation PowerShell command for procedure 804f28fc-68fc-40da-b5a2-e9d0bce5c193

* Update T1110.004.yaml

Added Powershell Command to creat ExternalPayloads dir for the second prereq for procedure 4852c630-87a9-409b-bb5e-5dc12c9ebcde.

* Update T1110.001.yaml

Added ExrernalPayload directory creation PowerShell command for procedure 59dbeb1a-79a7-4c2a-baf4-46d0f4c761c4
prereq 2

* Added ExternalPayloads Dir

Added Powershell command to create new ExternalPayloads dir for procedure fad04df1-5229-4185-b016-fb6010cd87ac

* Add ExternalPayloads Dir

Added PowerShell Command to create new ExternalPayloads directory for procedure c6f25ec3-6475-47a9-b75d-09ac593c5ecb

* Added prereq download directories

Added powershell command to create prereq download directories for procedure 6f2c5c87-a4d5-4898-9bd1-47a55ecaf1dd

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2023-09-29 08:40:27 -06:00
Atomic Red Team doc generator a228ee8656 Generated docs from job=generate-docs branch=master [ci skip] 2023-09-22 19:15:21 +00:00
Carrie Roberts d4709021fb Handle spaces in file paths (#2535) 
* updating atomics count in README.md [ci skip]

* wip

* handle spaces in path

* update readme

* fix typo

---------

Co-authored-by: publish bot <opensource@redcanary.com>
 2023-09-22 10:47:25 -06:00
Atomic Red Team doc generator cef46e4479 Generated docs from job=generate-docs branch=master [ci skip] 2023-06-15 16:17:12 +00:00
Carrie Roberts 068d32b1ea use ExternalPayloads directory (#2460) 
* use ExternalPayloads directory

* use ExternalPayloads directory

* use ExternalPayloads directory
 2023-06-15 10:16:12 -06:00
Alonso Cárdenas 3b8d0af302 Remove auto_generated_guid lines from new entries 
Some other tiny modifications
 2023-06-09 09:11:41 -05:00
Alonso Cárdenas 86913f3573 Merge branch 'master' of https://github.com/alonsobsd/atomic-red-team 2023-06-01 22:03:39 -05:00
Atomic Red Team doc generator a95bc62be4 Generated docs from job=generate-docs branch=master [ci skip] 2023-05-31 20:57:54 +00:00
Atomic Red Team GUID generator d7191cd8b1 Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-05-31 20:57:30 +00:00
KillrBunn3 f19429af8c New test under T1027: Executing zipped JavaScript using WScript (#2447) 
* Update T1027.yaml

This test is intended to closely emulate Gootloader's patterns of execution - launching a js file through wscript after being unpacked from a .zip.

* leave prereq files in place

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2023-05-31 15:56:36 -05:00
Atomic Red Team doc generator a59de488ff Generated docs from job=generate-docs branch=master [ci skip] 2023-05-31 20:51:23 +00:00
KillrBunn3 65294196d0 Spelling adjustments (#2448) 
Looking over the YAMLs mostly, only changes for readability or accuracy
 2023-05-31 15:50:22 -05:00
Atomic Red Team doc generator b1f3c968f2 Generated docs from job=generate-docs branch=master [ci skip] 2023-05-19 17:06:33 +00:00
Atomic Red Team GUID generator 2a51677203 Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-05-11 20:40:32 +00:00
Michael Haag 1ebcb346f6 Snake Malware Atomic Tests 2023-05-11 12:40:31 -06:00
Alonso Cárdenas f1c5a9be03 Add FreeBSD support 2023-05-08 11:06:08 -05:00
Atomic Red Team doc generator 16594d72c5 Generated docs from job=generate-docs branch=master [ci skip] 2023-02-13 23:11:19 +00:00
Josh Rickard a5dd0813cd fix: Updating atomics YAML file structure to align with the new JSON schema definition (#2323) 
* fix: Updating atomics YAML file structure to align with the new JSON schema definition.

This also fixes some white space issues and general line formatting across all impacted atomics.

* fix: One additional change needed

---------

Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2023-02-13 16:10:37 -07:00
Atomic Red Team doc generator 71bedf4947 Generated docs from job=generate-docs branch=master [ci skip] 2022-06-26 00:11:09 +00:00
Brendan Malone 1497723728 Updated T1027 i0 with cleanup and non-builtin command 
We were having a hard time detecting this one because echo is a built-in command. In addition, this test has no cleanup. Added both cleanup and a bash/sh command
 2022-06-23 14:10:17 -05:00
Adam Mashinchi 2ad7e31f5b Update T1027.yaml (#1733) 
Remove nested `executor` found by community member!
 2022-01-19 15:57:11 -07:00
CircleCI Atomic Red Team doc generator 82eb639321 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-01-18 14:13:44 +00:00
Carrie Roberts 40b9704888 making test manual to avoid execution errors (#1727) 
* making test manual to avoid execution errors

* Update T1027.yaml

* Update T1027.yaml
 2022-01-18 07:13:23 -07:00
CircleCI Atomic Red Team doc generator 61901c7089 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-15 23:15:04 +00:00
Jose Enrique Hernandez 5ca0cd8717 rebuilt T1027.yml (#1649) 
* just added dasta

* adding yaml

* fixing yaml

* maintain desc spacing

* keep original spacing

* spacing

* spacing

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-10-15 17:14:30 -06:00
CircleCI Atomic Red Team GUID generator d130f2d97e Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-15 15:13:17 +00:00
Wietze 9282894485 T1027: Add generic Command-Line Obfuscation (#1646) 
* T1027: Add generic command-line obfuscation

* remove guid so a new one will be auto-assigned

Co-authored-by: Wietze <wietze.beukema@pwc.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-10-15 09:12:44 -06:00
CircleCI Atomic Red Team doc generator bc21f59ff0 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-04 00:21:31 +00:00
Josh Rickard 1513717eb2 Updating atomics to conform to standard (#1619) 
* Updated format of input_argument types for Url

* Updated type for input_arguments to Url (missed)

* Updating Path type for input_arguments

* Updated String type for input_arguments

* Missed a few Strings and Url types

* Updated default values for input_arguments to align with their types

* Updated Integer type for input_arguments

* Updated formatting and spacing of atomics
 2021-09-03 18:20:46 -06:00
CircleCI Atomic Red Team doc generator 60fab6394a Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-07-27 14:49:54 +00:00
Adam Mashinchi 189ae94750 Update T1027.yaml 
Added additional obfuscated PowerShell example.
 2021-07-26 12:46:41 -07:00