Commit Graph

6615 Commits

Author SHA1 Message Date
CircleCI Atomic Red Team GUID generator d130f2d97e Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-15 15:13:17 +00:00
Wietze 9282894485 T1027: Add generic Command-Line Obfuscation (#1646)
* T1027: Add generic command-line obfuscation

* remove guid so a new one will be auto-assigned

Co-authored-by: Wietze <wietze.beukema@pwc.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-10-15 09:12:44 -06:00
CircleCI Atomic Red Team doc generator 54ce1cb32b Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-08 15:29:42 +00:00
forensictdev a563f57e9a Add Spanish support to test (#1644)
* Add Spanish support to test

* Add quotes to localgroup name

Co-authored-by: gabofcg <gabelo005@gmail.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-10-08 09:29:00 -06:00
CircleCI Atomic Red Team doc generator 47bfc55de6 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-08 15:27:30 +00:00
CircleCI Atomic Red Team GUID generator 814fe5c75d Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-08 15:27:25 +00:00
Vincent N 5798ea786a T1003.003 Add remote Shadow Copy creation over wmi (#1640)
* Add remote Shadow Copy creation over wmi

* Add quotes for wmic node

Quoting the wmic node option prevents the command from failing when the destination node DNS name contains a hyphen

* Adjust default wmic parameters to run locally
2021-10-08 09:26:53 -06:00
CircleCI Atomic Red Team doc generator 985f0a446a Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-08 02:02:54 +00:00
JoustingZebra e3b1ecdae4 Fixed missing dependency (msxsl.exe) (#1642)
Added missing dependency (msxsl.exe)

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-10-07 20:02:28 -06:00
CircleCI Atomic Red Team doc generator e5de126fd6 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-08 01:58:39 +00:00
CircleCI Atomic Red Team GUID generator 311de56693 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-08 01:58:34 +00:00
devapriya16 dc251e8ee5 RDP on Non Standard Port (#1643)
Co-authored-by: Priya <dpriya@NTI.local>
2021-10-07 19:58:04 -06:00
CircleCI Atomic Red Team doc generator 57bf589ab7 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-01 14:37:22 +00:00
Vincent N fed35e3c21 T1003.003 wmic atomic bugfix (#1638)
* Add missing trailing backslash causing the wmic command to fail with the default drive_letter string

* Fix typos

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-10-01 08:36:46 -06:00
CircleCI Atomic Red Team doc generator 69c0e80bce Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-01 14:33:29 +00:00
CircleCI Atomic Red Team GUID generator 68dd3dbf48 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-10-01 14:33:24 +00:00
zedutchmann 6d358b996c Updated T1548.002.yaml file (#1636)
* Update T1548.002.yaml

Added (11) tests from UACMe project

* Update T1548.002.yaml

Added permalink for .zip file and changed descriptions

* Update T1548.002.yaml

* removed nonworking methods 37,58,65

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-10-01 08:33:02 -06:00
dependabot[bot] 114fe09474 Bump nokogiri from 1.11.4 to 1.12.5 (#1634)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.4 to 1.12.5.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.11.4...v1.12.5)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-29 09:50:08 -06:00
CircleCI Atomic Red Team doc generator ae39dcfe39 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-23 21:43:13 +00:00
CircleCI Atomic Red Team GUID generator a612eaebb9 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-23 21:43:08 +00:00
lucasRiley 16bd391f53 Wevtutil Event log Disable (#1633)
* wevtutil sets the log and then disables it

* update input arg desc

Co-authored-by: Riley <lriley@NTI.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-09-23 15:42:33 -06:00
CircleCI Atomic Red Team doc generator 29fe641593 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-23 21:25:46 +00:00
CircleCI Atomic Red Team GUID generator c2d50e980f Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-23 21:25:41 +00:00
lucasRiley 32c8874944 Dns exfiltrator (#1631)
* DNSExfiltrator

* DNSExfiltrator DoH

* updated input arg descriptions

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-09-23 15:25:08 -06:00
CircleCI Atomic Red Team doc generator 3c80fa064e Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-20 18:48:06 +00:00
CaptainMoss b8ba7470ca Update T1056.001.yaml (#1632)
Why is the executor name command prompt? It should be 'sh' for Linux platforms, right?
2021-09-20 12:47:43 -06:00
CircleCI Atomic Red Team doc generator a0edb02b80 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-15 16:50:17 +00:00
Carrie Roberts ad77c4245c update description, correct link (#1630)
* update description, correct link

* Update T1082.yaml

updated a word

Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2021-09-15 10:49:48 -06:00
CircleCI Atomic Red Team doc generator 2d3f3c6ba4 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-15 14:13:57 +00:00
Carrie Roberts e695715b47 using github permanent URL (#1628) 2021-09-15 08:13:16 -06:00
CircleCI Atomic Red Team doc generator e0b6ebd6c7 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-15 14:07:26 +00:00
CircleCI Atomic Red Team GUID generator fd9667ae0c Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-15 14:07:20 +00:00
Carrie Roberts f891465d8d Add PowerUp Invoke-AllChecks (#1629) 2021-09-15 08:06:46 -06:00
CircleCI Atomic Red Team doc generator 2a6a82f945 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-15 02:11:02 +00:00
CircleCI Atomic Red Team GUID generator 358124ee2d Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-15 02:10:57 +00:00
tlor89 ef9870b4a0 T1555.003_Update (#1626)
* T1555.003_Update

* Update T1555.003.yaml

Made the recommended changes

* description update

Co-authored-by: Toua Lor <tlor@nti.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-09-14 20:10:23 -06:00
CircleCI Atomic Red Team doc generator 1173a5f1f3 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-15 01:29:34 +00:00
CircleCI Atomic Red Team GUID generator f7404e80e8 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-15 01:29:29 +00:00
Michael Haag f2201c7d4d Update T1069.001.yaml (#1627) 2021-09-14 19:29:06 -06:00
CircleCI Atomic Red Team doc generator 12ca65b029 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-10 15:56:41 +00:00
CircleCI Atomic Red Team GUID generator f6849b45b8 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-10 15:56:35 +00:00
Corellios c8aebb9a41 Add SharpHound LocalAdmin attack (#1625) 2021-09-10 09:56:00 -06:00
CircleCI Atomic Red Team doc generator 895016b6bd Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-10 15:47:32 +00:00
CircleCI Atomic Red Team GUID generator 76420cb24e Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-10 15:47:27 +00:00
Corellios adb2b53f0f T1187: PetitPotam coerce authentication attack (#1620)
* Add PetitPotam coerce authentication attack

* Change executable URL to a permalink

* Fix cleaning

Co-authored-by: Clément Notin <cnotin@tenable.com>
2021-09-10 09:47:00 -06:00
CircleCI Atomic Red Team doc generator a7e6de503a Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-09 21:10:42 +00:00
Raislin d5c9c01e4f Update T1047.yaml (#1624) 2021-09-09 15:10:08 -06:00
CircleCI Atomic Red Team doc generator b66dfc7001 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-09 20:59:14 +00:00
CircleCI Atomic Red Team GUID generator acd77c68cb Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-09 20:59:10 +00:00
Raislin 167fb3c2f6 T1047_update (#1623)
* T1047_update

* T1047_update

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-09-09 14:58:43 -06:00