security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,615 Commits 47 Branches 0 Tags
remove_ruby
Commit Graph

80 Commits

Author SHA1 Message Date
Atomic Red Team doc generator 9f6a1eab36 Generated docs from job=generate-docs branch=master [ci skip] 2026-02-18 16:55:45 +00:00
Atomic Red Team doc generator 376bf2a64d Generated docs from job=generate-docs branch=master [ci skip] 2026-02-18 16:46:29 +00:00
Atomic Red Team doc generator 5ede8f21e4 Generated docs from job=generate-docs branch=master [ci skip] 2025-02-13 22:03:40 +00:00
za 6cb8a46876 Fix typo on T1098.md (#2993) 2024-12-11 11:34:41 -07:00
Atomic Red Team doc generator f64434da24 Generated docs from job=generate-docs branch=master [ci skip] 2024-04-27 17:50:49 +00:00
Atomic Red Team doc generator 157de65031 Generated docs from job=generate-docs branch=master [ci skip] 2023-11-07 00:28:51 +00:00
Atomic Red Team doc generator a228ee8656 Generated docs from job=generate-docs branch=master [ci skip] 2023-09-22 19:15:21 +00:00
Carrie Roberts d4709021fb Handle spaces in file paths (#2535) 
* updating atomics count in README.md [ci skip]

* wip

* handle spaces in path

* update readme

* fix typo

---------

Co-authored-by: publish bot <opensource@redcanary.com>
 2023-09-22 10:47:25 -06:00
Atomic Red Team doc generator 3d463e9be0 Generated docs from job=generate-docs branch=master [ci skip] 2023-06-23 22:43:43 +00:00
Atomic Red Team GUID generator a5741ecb8f Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-06-23 22:43:25 +00:00
Hare Sudhan f10b65a2ea add terraform files for T1098-17 2023-06-22 21:21:40 -04:00
Hare Sudhan 63a994cf86 fix terraform; move gcloud login to deps 2023-06-22 20:34:28 -04:00
Paul 3c8f4a40f0 Add GCP Atomics 
Created 4 GCP-based atomics
 2023-06-09 09:43:12 -07:00
Atomic Red Team doc generator 417ee7ba17 Generated docs from job=generate-docs branch=master [ci skip] 2023-05-28 02:35:16 +00:00
Carrie Roberts 0665611356 elevation not required for password changes 2023-05-26 19:04:02 -06:00
Atomic Red Team doc generator 35fa10287e Generated docs from job=generate-docs branch=master [ci skip] 2023-05-26 20:46:19 +00:00
Atomic Red Team GUID generator bafcc36958 Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-05-26 20:46:01 +00:00
Carrie Roberts a62d04d488 fix double quotes 2023-05-26 14:37:52 -06:00
clr2of8 be43e3cc29 password policy checks 2023-05-25 17:53:13 -06:00
clr2of8 6a45233b2a password policy checks 2023-05-25 17:45:35 -06:00
clr2of8 652d372f4d password policy checks 2023-05-25 17:42:04 -06:00
Atomic Red Team doc generator c3438e27b7 Generated docs from job=generate-docs branch=master [ci skip] 2023-05-23 14:13:38 +00:00
clr2of8 0f2d35484f fix regex issue 2023-05-22 11:56:05 -06:00
Atomic Red Team doc generator 27770715fb Generated docs from job=generate-docs branch=master [ci skip] 2023-03-17 19:20:24 +00:00
Clément Notin efd6dbb465 T098: accept UserPrincipalName for the "user_principal_name" argument 
In Azure AD a "user principal name" can be interpreted as the "name of a principal of type user"
or as the "UserPrincipalName (UPN)" user attribute!
But most people will expect the second meaning. Which is confusing since this test actually expects to see
the user display name in this attribute.

I think there was a confusion with the sibling test which is for "service principal",
so for which the argument to designate it by name is "service_principal_name".

With this change, there is no regression while being compatible with people passing a UPN to this argument.
 2023-03-15 18:25:11 +01:00
Atomic Red Team doc generator 7b652dddfe Generated docs from job=generate-docs branch=master [ci skip] 2023-02-23 21:15:30 +00:00
Clément Notin c14d680bce Improvements to "Azure AD - adding permission to application" 
- Make it clearer that this test will create an app, instead of using an existing one
- If the user ignored this, a second app with the same name as the one they wanted to use will be created. So when using the -Cleanup feature it cannot know which one to delete. Shows a warning then (instead of crashing)
- Some minor English fixes
 2023-02-23 18:39:40 +01:00
Atomic Red Team doc generator 32ff3497db Generated docs from job=generate-docs branch=master [ci skip] 2023-02-23 17:16:43 +00:00
Bhavin Patel c3edd4c1ca Merge branch 'master' into pr-use-aad-filter 2023-02-23 09:08:56 -08:00
Atomic Red Team doc generator 833a7d910b Generated docs from job=generate-docs branch=master [ci skip] 2023-02-22 02:02:55 +00:00
Clément Notin 4babecb60e Minor English fixes (#2339) 2023-02-21 19:02:06 -07:00
Clément Notin fc5a75efd1 Use -Filter instead of Where-Object to improve perf and avoid missed items 
-Filter is the recommended way to filter objects because it filters them at the source (AAD)
instead of fetching everything and filtering on the client. So the perf are better.
Moreover, by default the cmdlets returns a limited number of items so it can miss stuff
(except if using -All like it was done in some cases)
 2023-02-21 14:33:47 +01:00
Atomic Red Team doc generator 16594d72c5 Generated docs from job=generate-docs branch=master [ci skip] 2023-02-13 23:11:19 +00:00
Josh Rickard a5dd0813cd fix: Updating atomics YAML file structure to align with the new JSON schema definition (#2323) 
* fix: Updating atomics YAML file structure to align with the new JSON schema definition.

This also fixes some white space issues and general line formatting across all impacted atomics.

* fix: One additional change needed

---------

Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2023-02-13 16:10:37 -07:00
Atomic Red Team doc generator 819934cc3f Generated docs from job=generate-docs branch=master [ci skip] 2022-06-16 22:47:00 +00:00
Atomic Red Team doc generator dd97f407ad Generated docs from job=generate-docs branch=master [ci skip] 2022-04-28 01:22:28 +00:00
Atomic Red Team GUID generator 292fcfab98 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-04-28 01:22:24 +00:00
Rich5 53d54747ec Added Password Change on Directory Service Restore Mode (DSRM) Account (#1899) 
* Added Password Change on Directory Service Restore Mode (DSRM) Account

* remove guid so unique one can be auto-assigned

Co-authored-by: Richard Kelley <richard.kelley@qomplx.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-04-27 19:21:55 -06:00
CircleCI Atomic Red Team doc generator 3906be5325 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-16 19:30:30 +00:00
CircleCI Atomic Red Team GUID generator 1fd5dc6a51 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-16 19:30:25 +00:00
WojciechLesicki 30af70bef9 Removing md file 2022-03-11 23:59:46 +01:00
WojciechLesicki 8578fc3308 Correct description 2022-03-11 23:52:07 +01:00
Carrie Roberts 9186e32eb2 Merge branch 'master' into master 2022-03-07 11:35:13 -06:00
WojciechLesicki 54f98b9930 Added one more newline :) 2022-03-06 19:15:00 +01:00
WojciechLesicki eb50e5b1e0 Adding new lines 2022-03-06 18:59:52 +01:00
WojciechLesicki 2be981e92d I added another atomic related to adding permission to the application in AzureAD. 2022-03-06 18:54:11 +01:00
CircleCI Atomic Red Team doc generator 6835dffd2e Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-03 17:54:53 +00:00
CircleCI Atomic Red Team GUID generator a870578ef4 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-03 17:54:46 +00:00
WojciechLesicki 901633f873 Removing auto_generated_guid 2022-01-31 00:54:57 +01:00
WojciechLesicki bb9e9f3796 again...correcting list 2022-01-30 23:21:19 +01:00