security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,615 Commits 47 Branches 0 Tags
remove_ruby
Commit Graph

6615 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jacques Decarie 49b1dec3c6 attempt to stop service first, in case its already running (#2001) 
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-06-16 15:43:38 -06:00
Carrie Roberts 17c9a64fee recovered sct file from github history (#2000) 
* Create T1218.003.sct

* Update T1218.003.inf
 2022-06-16 14:41:09 -06:00
Brendan Malone c27fe5e0ec Merge branch 'master' into 1056.001 2022-06-16 14:52:46 -05:00
Atomic Red Team doc generator add51411df Generated docs from job=generate-docs branch=master [ci skip] 2022-06-16 19:24:52 +00:00
Michael Haag 174e18402f Update T1218.007.yaml (#1999) 2022-06-16 13:24:18 -06:00
Brendan Malone 97049fe2fc Made requested changed 2022-06-16 10:38:03 -05:00
Jose Enrique Hernandez 509e672bf4 Merge branch 'master' into patch-1 2022-06-15 20:55:35 -04:00
Jose Enrique Hernandez 176bc88abf Merge branch 'master' into 1056.001 2022-06-15 20:49:46 -04:00
Carrie Roberts 165c26be6a updates based mitre v11 2022-06-15 17:25:38 -06:00
Atomic Red Team doc generator 5a14d96c37 Generated docs from job=generate-docs branch=master [ci skip] 2022-06-15 21:35:21 +00:00
Jose Enrique Hernandez 0d09ff0234 Merge pull request #1998 from clr2of8/no02 
moving atomics to correct T#
 2022-06-15 17:34:47 -04:00
Carrie Roberts 03e37456cd moving atomics to correct T# 2022-06-15 15:30:42 -06:00
Atomic Red Team GUID generator 1d1ae02aa3 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-06-15 17:24:10 +00:00
Jacques Decarie d0a80fb9b4 adding t1547.003 (#1996) 
* adding t1547.003

* fixing cleanup commands
 2022-06-15 11:23:41 -06:00
Leo Verlod 307665de3b Create T1530.yaml 2022-06-14 02:23:52 -05:00
Atomic Red Team GUID generator 9c3785a4ca Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-06-13 21:04:24 +00:00
Leo Verlod 148a5a235d Adding T1546.015 Test 3 - COM Hijacking with RunDLL32 (Local Server Switch) (#1992) 
* Update T1546.015.yaml

* Add files via upload

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-06-13 15:03:51 -06:00
ruyek-git a29128960f Update T1059.006.yaml 2022-06-13 11:29:48 -05:00
ruyek-git 3097dadca7 Update T1059.006.yaml 2022-06-13 11:26:40 -05:00
ruyek-git ee95f0c629 Update T1059.006 yaml - Python pty module and spawn function used to spawn sh or bash 
-Zero-Day Exploitation of Atlassian Confluence [CVE-2022-26134] Unauthenticated RCE vulnerability - Critical severity
As per Volexity, bash shells were launched by the Confluence web application process. It had spawned a bash process which spawned a Python process that in turn spawned a bash shell.
Reference: https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/
 2022-06-10 23:45:35 -05:00
Brendan Malone c8b80f6fce Add files via upload 2022-06-09 10:19:55 -05:00
Brendan Malone 9982660ef4 Delete MacOSKeylogger.swift 2022-06-09 10:19:39 -05:00
Brendan Malone 62525bc507 Changed swift script 2022-06-09 09:59:48 -05:00
Brendan Malone 1bfc4dc6e3 Updated descriptions 2022-06-09 09:48:27 -05:00
Brendan Malone 58656a3f53 Merge branch 'redcanaryco:master' into 1056.001 2022-06-09 09:46:40 -05:00
Atomic Red Team GUID generator 25299b1e40 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-06-08 22:51:10 +00:00
Jose Enrique Hernandez 84232bc50c Merge pull request #1989 from RoundBunny/master 
Added T1574.006 MacOS Dylib Injection
 2022-06-08 18:50:39 -04:00
Brendan Malone d2cf4f16bb Uploaded swift keylogging script 2022-06-08 10:13:51 -05:00
Brendan Malone 749c30e4b6 Added MacOS Test for T1056.001 2022-06-08 10:13:11 -05:00
Brendan Malone 40917c1a65 Moved c script 2022-06-07 10:36:26 -05:00
Jose Enrique Hernandez 89c697c951 Merge branch 'master' into master 2022-06-04 23:05:22 -04:00
Atomic Red Team GUID generator d8f1820ef6 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-06-04 00:04:19 +00:00
tccontre a768529778 Creates Schedule task with hidden attribute settings (#1986) 
* Update T1112.yaml

* Update T1112.yaml

* typos

* Update T1087.002.yaml

* Update T1087.002.yaml

* Update T1087.002.yaml

* Add files via upload

* Update T1053_05_SCTASK_HIDDEN_ATTRIB.xml

* Update T1053.005.yaml

* Update T1053.005.yaml

* Update T1087.002.yaml

* Update T1087.002.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-06-03 18:03:49 -06:00
Atomic Red Team GUID generator 3d378b3924 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-06-03 22:48:12 +00:00
Ján Trenčanský 3ccb32ec78 WMI Persistence using ActiveScriptEventConsumer (#1987) 2022-06-03 16:47:47 -06:00
Brendan Malone df67a8aa4d Fixed not compiling 2022-06-03 10:23:25 -05:00
Brendan Malone 3e36aa671f MacOS Dylib injection for T1574.006 
reference: https://cedowens.medium.com/taking-esf-for-a-nother-spin-6e1e6acd1b74
 2022-06-02 14:57:35 -05:00
Brendan Malone 7748526bd4 C file for opening calc 2022-06-02 14:56:00 -05:00
Atomic Red Team GUID generator 5b1111f223 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-06-01 20:32:51 +00:00
Bhavin Patel a42be924d6 Merge pull request #1983 from javery-sysdig/patch-2 
Create T1611.002.yaml "Escape to Host"
 2022-06-01 13:32:12 -07:00
Bhavin Patel fa3a182989 Merge branch 'master' into patch-2 2022-06-01 13:30:54 -07:00
Atomic Red Team doc generator 3b83031d25 Generated docs from job=generate-docs branch=master [ci skip] 2022-05-31 17:14:18 +00:00
Atomic Red Team GUID generator cc5498aee5 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-31 17:14:13 +00:00
Bhavin Patel 5c7c272b82 Merge pull request #1981 from Leomon5/patch-14 
Adding T1110.003 Test 7 - Password Spray with MSOLSpray
 2022-05-31 10:13:40 -07:00
Bhavin Patel 0d57af5887 Merge branch 'master' into patch-14 2022-05-31 10:12:43 -07:00
Atomic Red Team doc generator a111959d19 Generated docs from job=generate-docs branch=master [ci skip] 2022-05-25 04:21:58 +00:00
Atomic Red Team GUID generator d9b7195f86 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-25 04:21:53 +00:00
IT-Native c02ec5c36e Changes file extension of Test 1195 so that the file is detected and … (#1982) 
* Changes file extension of Test 1195 so that the file is detected and there is no error anymore

* Update T1195.yaml

Co-authored-by: Georg Schlagholz <georg.schlagholz@it-native.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-05-24 22:21:26 -06:00
Atomic Red Team doc generator a888e0e7c9 Generated docs from job=generate-docs branch=master [ci skip] 2022-05-25 04:12:17 +00:00
Atomic Red Team GUID generator a8f00eb241 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-25 04:12:12 +00:00