Matheus Aranha
02d7519ea3
fix: suggestions from comments added
2023-05-20 00:54:42 +02:00
Hare Sudhan
8044a8342d
Merge branch 'master' into patch-2
2023-05-19 18:07:54 -04:00
Hare Sudhan
ebdec5d757
Merge pull request #2430 from cyberbuff/auto-assign-labels
...
(enhancement) Auto assign labels and reviewers
2023-05-19 17:37:40 -04:00
Hare Sudhan
b498741fa4
added auto assign code
2023-05-19 17:35:09 -04:00
Hare Sudhan
b07f1125cf
added auto assign code
2023-05-19 17:35:05 -04:00
Atomic Red Team doc generator
21509faf59
Generated docs from job=generate-docs branch=master [ci skip]
2023-05-19 17:13:28 +00:00
Atomic Red Team GUID generator
64f9f08766
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-05-19 17:13:07 +00:00
Nour Saffour
528c540e94
added T1505.005 technique (#2426)
...
* added T1505.005 technique
* include full technique name
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-05-19 11:12:19 -06:00
Atomic Red Team doc generator
b1f3c968f2
Generated docs from job=generate-docs branch=master [ci skip]
2023-05-19 17:06:33 +00:00
Carrie Roberts
7955fa8daa
update nav version and attack data (#2429)
2023-05-19 11:05:25 -06:00
Matheus Aranha
61f59e7541
Adding a new atomic test to T1560.001.yaml
2023-05-19 14:54:47 +02:00
Matheus Aranha
9bccf321f6
Add new atomic test to T1140.yaml
...
Adding new atomic test to T1140.
2023-05-19 14:43:45 +02:00
Atomic Red Team GUID generator
89b9c9c526
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-05-17 20:10:50 +00:00
Nour Saffour
80da053126
added T1070.008 to trigger alerts on file changes to the mail box (#2421)
...
* added T1070.008 to trigger alerts on file changes to the mail box
* updated command to use schtasks instead of the deprecated at.exe
* Update T1053.002.yaml
* Update T1053.002.yaml
* Update T1053.002.yaml
* Update T1053.002.yaml
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-05-17 14:10:00 -06:00
Atomic Red Team GUID generator
8037cadb4d
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-05-17 19:46:06 +00:00
Leo Verlod
7b7097d069
Adding T1219 Test 11 - MSP360 Connect Execution (#2420)
...
Thank you Leo!
2023-05-17 13:45:25 -06:00
Hare Sudhan
a3ff1d8d40
validation fix (#2425)
2023-05-17 13:38:27 -06:00
Hare Sudhan
e563055a69
(enhancement) CI validations (#2419)
...
* more validations added
* rename bin
* fnmatch fix
2023-05-15 09:36:19 -06:00
Josh Rickard
284886292b
Atomic Red Team - JSON Schema Validation CI (#2303)
...
* feat: Adding atomic-red-team JSON Schema definitions
* feat: Adding validate.py script to validate all atomics against the defined schema
* feat: Adding validate-schema GitHub Workflow action to validate on every push to the repo
* ci: Updated the validate-schema workflow to support and use Ruby instead of python
* fix: Updated schema to remove schema draft version (not necessarily needed) and update to remove elevation_required as a required defined property
* fix: Removed the yaml schema version
* docs: Adding start of README
* fix: Adding an updated/better version of the python validation but may ultimately be removed
* feat: Adding Ruby version of validate.rb script
* fix: Removing files not needed since we are changing to github action and using the new validation code
* fix: Adding the yaml schema file back and removed the json version
* docs: Updated README with documentation
* fix: Updating schema to use new format validator
* fix: Updated validate.rb to verify that the Technique IDs are in the correct format.
* fix: Updating validate.rb to raise exceptions so that failures flow up to the GitHub Action workflow
* fix: Updated all tests that have input_arguments not conforming to schema definition for type value of path
* fix: Updating the Validation README for typos
* fix: Minor updates to the schema
* minor schema changes
* github actions fix
* schema changes
---------
Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Co-authored-by: Hare Sudhan <code@0x6c.dev>
2023-05-12 15:33:47 -06:00
Jiaxi ®
9a70b81004
fix: T1219 typo (#2417)
...
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-05-11 15:25:07 -06:00
Atomic Red Team GUID generator
2a51677203
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-05-11 20:40:32 +00:00
Paul
dd810e48ca
Merge pull request #2418 from redcanaryco/snake-malware
...
Snake Malware Atomic Tests
2023-05-11 16:39:50 -04:00
Michael Haag
1ebcb346f6
Snake Malware Atomic Tests
2023-05-11 12:40:31 -06:00
Atomic Red Team GUID generator
4177d016ad
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-05-09 19:38:56 +00:00
Michael Haag
7b2ba6e0ac
modify BootExecute (#2412)
...
* modify BootExecute
* Update T1547.001.yaml
* Update T1547.001.yaml
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-05-09 13:38:16 -06:00
Alonso Cárdenas
baf012d844
Fix conflicts
2023-05-09 13:00:05 -05:00
Alonso Cárdenas
896859a15f
Fix conflicts
2023-05-09 12:57:04 -05:00
Alonso Cárdenas
8b8a25368c
- Fix conflicts
2023-05-09 12:55:50 -05:00
Alonso Cárdenas
aad4f9e1fb
- Fix conflicts
2023-05-09 12:46:06 -05:00
Paul
9da60cf675
Update T1555.003.yaml (#2414)
...
Update the version of LaZagne to 2.4.5
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-05-09 10:30:06 -06:00
amalone-scwx
e6390f6417
minor cleanup to dependencies and exit codes (#2415)
2023-05-09 10:26:45 -06:00
Alonso Cárdenas
059870373c
Make sh friendly
2023-05-09 01:13:59 -05:00
Alonso Cárdenas
f1c5a9be03
Add FreeBSD support
2023-05-08 11:06:08 -05:00
Bhavin Patel
22303c5ef2
Merge branch 'master' into D4rkCiph3r-T1486
2023-05-04 14:06:04 -07:00
Atomic Red Team GUID generator
5cec783687
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-05-04 21:05:04 +00:00
Bhavin Patel
9f46b9ff0a
Merge pull request #2388 from D4rkCiph3r/T1531
...
Added 3 new tests - macOS & Linux T1531
2023-05-04 14:04:29 -07:00
Bhavin Patel
137a0bea8f
Updated atomics after testing locally
...
The atomic seems to run, tested by running commands locally!
2023-05-04 14:02:01 -07:00
Bhavin Patel
25ce5eaf94
Merge branch 'master' into T1531
2023-05-04 13:44:06 -07:00
Atomic Red Team GUID generator
1909b10c4d
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-04-27 16:10:20 +00:00
tccontre
e2e6032f81
Tccontre redline defense evasion through registry (#2408)
...
* Update T1112.yaml
* Update T1112.yaml
* Update T1112.yaml
* Update T1112.yaml
* Update T1112.yaml
* Update T1112.yaml
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-04-27 11:09:51 -05:00
Carrie Roberts
887833f899
kill notepad after sleep (#2406)
...
see issue #2385
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2023-04-27 09:15:17 -06:00
Carrie Roberts
a568b296ee
add -UseBasicParsing (#2405)
...
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2023-04-27 09:14:01 -06:00
Atomic Red Team GUID generator
43f9dfd812
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-04-27 14:23:24 +00:00
Mohana Shankar D
0061d9fd8c
T1204.003 (#2410)
...
Co-authored-by: Shankar <mshank@NTI.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-04-27 09:22:56 -05:00
Carrie Roberts
7b710ceab5
correct registry value, see issue #2362 (#2404)
2023-04-27 08:01:33 -06:00
iai-rsa
60a4735f82
add check for McAfee related processes (#2401)
...
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-04-24 19:37:55 -05:00
Atomic Red Team GUID generator
cc4b9f2f61
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-04-25 00:36:23 +00:00
0xv1n
4759bb96c7
T1649 Test (#2400)
...
* t1649
* Update T1649.yaml
* simplification and create directories
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-04-24 19:35:54 -05:00
Atomic Red Team doc generator
7e99092a1c
Generated docs from job=generate-docs branch=master [ci skip]
2023-04-24 22:14:38 +00:00
traceflow
e3d0e671bc
adding missing DLL for T1547.010, fixing typos (#2403)
2023-04-24 17:12:57 -05:00