Hare Sudhan
460135314e
Github Codespace added (#2644)
* Create devcontainer.json
* devcontainers added
* devcontainers added
* add setup files
* Update README.md
2023-12-22 15:43:02 -06:00
Atomic Red Team doc generator
b998ba7370
Generated docs from job=generate-docs branch=master [ci skip]
2023-12-20 03:35:19 +00:00
Tessa Georgen
c30ed0fe85
Remove improper extra field from T1562.010.yaml (#2642)
2023-12-19 20:34:27 -07:00
Atomic Red Team doc generator
a79c9e0e82
Generated docs from job=generate-docs branch=master [ci skip]
2023-12-14 15:28:03 +00:00
Atomic Red Team GUID generator
7f3f0be18b
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-12-14 15:27:50 +00:00
BlueTeamOps
9ba4043595
ESXi ART Tests Batch 1 (#2635)
* ESXi Tests Batch 1
* remove duplicate key
* Update T1082.yaml
Updated the binary location to ExternalPayloads folder and also added the folder creation in GetPreReqs
* Update T1083.yaml
Added External Payloads and included folder creation in GetPreReqs
* Update T1129.yaml
Added ExternalPayloads reference.
Added folder creation in GetPreReqs
Move the reference of the vib to src
* Update T1529.yaml
Added External Payloads folder and added folder creation step to GetPreReqs
* Update T1529.yaml
987c9b4d-a637-42db-b1cb-e9e242c3991b - added external payloads
* Update T1562.010.yaml
Added External Payloads reference and folder creation to GetPreReqs
* Moved the vib to src
* Delete atomics/T1129/bin directory
* Delete atomics/T1082/bin directory
* Delete atomics/T1083/bin directory
* Delete atomics/T1562.010/bin directory
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-12-14 08:27:13 -07:00
Atomic Red Team doc generator
2dcdc27df7
Generated docs from job=generate-docs branch=master [ci skip]
2023-12-14 04:47:22 +00:00
AJ King
8bca554bc8
Update T1555.003.yaml - typo fix (#2637)
2023-12-13 21:46:31 -07:00
咸鱼型233
b37aaabcd5
fixed path error (#2629)
* fixed path error
* add cleanup commands
* updating atomics count in README.md [ci skip]
---------
Co-authored-by: Hare Sudhan <code@0x6c.dev>
Co-authored-by: publish bot <opensource@redcanary.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-12-13 15:26:00 -06:00
Atomic Red Team doc generator
810de6cc88
Generated docs from job=generate-docs branch=master [ci skip]
2023-12-13 20:51:58 +00:00
Théo Letailleur
fff607c240
[FIX] T1047 - fix tightvnc path (#2636)
2023-12-13 14:50:54 -06:00
Atomic Red Team doc generator
d7c45a052d
Generated docs from job=generate-docs branch=master [ci skip]
2023-12-07 02:56:57 +00:00
Atomic Red Team GUID generator
8d8fdce249
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-12-07 02:56:42 +00:00
tccontre
de8f541aaa
T1112 - DarkGate Registry Modification (#2633)
* T1112 - DarkGate Registry Modification
* Update T1112.yaml
* Update T1112.yaml
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-12-06 21:56:04 -05:00
Atomic Red Team doc generator
866d5adfa4
Generated docs from job=generate-docs branch=master [ci skip]
2023-12-07 02:50:35 +00:00
Tessa Georgen
da79b028aa
fix misc formatting errors/extra fields (#2634)
2023-12-06 21:49:46 -05:00
Atomic Red Team doc generator
b2bc904f4c
Generated docs from job=generate-docs branch=master [ci skip]
2023-12-04 18:56:01 +00:00
Atomic Red Team GUID generator
cc6a655d63
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-12-04 18:55:44 +00:00
PhyoPaingHtun ChiLai
bb601df2f8
Update T1112.yaml (Scarab Ransomware Defense Evasion Activities & Me… (#2625)
* Update T1112.yaml (Scarab Ransomware Defense Evasion Activities & Merdoor Backdoor Persistence Activities)
Scarab Ransomware Defense Evasion Activities
Merdoor Backdoor Persistence Activities
* Update T1112.yaml (Update Merdoor Backdoor article)
* Update T1112.yaml (Update Syntax Error)
* Update T1112.yaml (Update Syntax Error)
* Update T1112.yaml
---------
Co-authored-by: PhyoPaingHtun ChiLai <83696447+PhyoPaing777@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-12-04 12:55:07 -06:00
Atomic Red Team doc generator
6607ee34b6
Generated docs from job=generate-docs branch=master [ci skip]
2023-12-04 18:35:28 +00:00
Atomic Red Team GUID generator
966bf4b50d
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-12-04 18:35:11 +00:00
Leo Verlod
b9ff7d2f85
Adding T1555.003 Test - Dump Chrome Login Data with esentutl (#2628)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-12-04 12:34:29 -06:00
Atomic Red Team doc generator
e6fb2beca0
Generated docs from job=generate-docs branch=master [ci skip]
2023-12-04 18:31:49 +00:00
Atomic Red Team GUID generator
d46b0d874e
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-12-04 18:31:36 +00:00
PhyoPaingHtun ChiLai
0e7356bccb
Update T1112.yaml (Update Disable FIDO Authentication) (#2626)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-12-04 12:30:59 -06:00
Atomic Red Team doc generator
d8b3cefbdb
Generated docs from job=generate-docs branch=master [ci skip]
2023-12-01 21:29:03 +00:00
Atomic Red Team GUID generator
5c63f2082e
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-12-01 21:28:45 +00:00
navsec
6879f4e317
Add tests for various shellcode running techniques using Go (#2627)
* Adding shellcode running techniques using Go
* Removing auto-generated guid before PR
---------
Co-authored-by: navsec <navsec@navsec.net>
2023-12-01 15:27:51 -06:00
Atomic Red Team doc generator
23aa1d2ded
Generated docs from job=generate-docs branch=master [ci skip]
2023-11-30 02:06:58 +00:00
Atomic Red Team GUID generator
a2e6f91c86
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-11-30 02:06:45 +00:00
Leo Verlod
160674855f
Adding T1087.002 Test - Ldapdomaindump on Linux (#2605)
* Update T1087.002.yaml
* Update T1087.002.yaml
---------
Co-authored-by: Hare Sudhan <code@0x6c.dev>
2023-11-29 21:06:11 -05:00
Atomic Red Team doc generator
b16ca202be
Generated docs from job=generate-docs branch=master [ci skip]
2023-11-28 16:24:17 +00:00
Atomic Red Team GUID generator
f132339bf6
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-11-28 16:24:01 +00:00
PhyoPaingHtun ChiLai
8d981c0488
Update T1112.yaml (Activities To Disable Secondary Authentication Detected) (#2619)
* Update T1112.yaml
Disable Secondary Authentication Detected
* Update T1112.yaml
Added reference link in description
---------
Co-authored-by: PhyoPaingHtun ChiLai <83696447+PhyoPaing777@users.noreply.github.com>
Co-authored-by: Hare Sudhan <code@0x6c.dev>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-11-28 10:23:25 -06:00
Atomic Red Team doc generator
d39bc9e09b
Generated docs from job=generate-docs branch=master [ci skip]
2023-11-28 16:18:43 +00:00
Atomic Red Team GUID generator
b915978256
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-11-28 16:18:27 +00:00
Matt
af453f3fcd
Reorganization (#2621)
Reordered so that a standard keychain dump is the first test because it seems to best fit the ATT&CK framework description. Then, separated previous list of certificate commands into 2 tests for clarity and easier use. Removed help command (security -h) and reorganized comments for clarity.
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-11-28 10:17:42 -06:00
Atomic Red Team doc generator
25b10a93d3
Generated docs from job=generate-docs branch=master [ci skip]
2023-11-28 16:02:31 +00:00
Hare Sudhan
3bd3ceb8a2
Update attack_api.rb (#2624)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-11-28 10:01:37 -06:00
publish bot
3a9bc49be3
updating atomics count in README.md [ci skip]
2023-11-28 15:58:51 +00:00
Hare Sudhan
201ad3b17f
Validator changes (#2622)
2023-11-28 09:58:02 -06:00
Atomic Red Team doc generator
7ae80c53e8
Generated docs from job=generate-docs branch=master [ci skip]
2023-11-27 21:56:43 +00:00
Atomic Red Team GUID generator
3d383ee5f9
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-11-27 21:56:24 +00:00
Matt
352f85ee32
Add test for keychain dump (#2620)
* Add test for keychain dump
* remove empty keys
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-11-27 15:55:44 -06:00
publish bot
9defc5c7ba
updating atomics count in README.md [ci skip]
2023-11-23 23:09:41 +00:00
devasmith4
278f7da632
remove duplicate key (#2617)
2023-11-23 17:09:04 -06:00
publish bot
73a8730d95
updating atomics count in README.md [ci skip]
2023-11-23 17:39:59 +00:00
devasmith4
d70cc3fe9f
remove duplicate "elevation required" element (#2616)
2023-11-23 11:39:21 -06:00
dependabot[bot]
7a5aedfb09
Bump jsonschema from 4.19.2 to 4.20.0 (#2612)
* Bump jsonschema from 4.19.2 to 4.20.0
Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.19.2 to 4.20.0.
- [Release notes](https://github.com/python-jsonschema/jsonschema/releases)
- [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.19.2...v4.20.0)
---
updated-dependencies:
- dependency-name: jsonschema
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* updating atomics count in README.md [ci skip]
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: publish bot <opensource@redcanary.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-11-22 17:48:09 -05:00
Atomic Red Team doc generator
60480bf6df
Generated docs from job=generate-docs branch=master [ci skip]
2023-11-22 22:46:18 +00:00