Commit Graph

144 Commits

Author SHA1 Message Date
Jimmy Astle 22d7cdcec8 Echo white space into bash history 2018-01-02 15:45:53 -05:00
Jimmy Astle 7dd644c77b Adding in dev/null bash history symlink 2018-01-02 15:36:15 -05:00
Michael Haag 68e5c6c5ab Merge pull request #47 from atmathis
Add/Change Mac Techniques
Cleanup AllTheThings Payload
2018-01-02 07:55:00 -07:00
Michael Haag 1cb5f30dc0 Update Input_Prompt.md 2018-01-02 07:52:43 -07:00
atmathis 3ef9e7a62c Mac Defense Evasion/Launchctl
* Added Mac Defense Evasion/Launchctl and updated Matrix
2018-01-01 17:18:54 -05:00
atmathis 5802bb2df8 Mac Indicator Removal on Host
* Added Mac Defense Evasion / Indicator Removal on Host and updated
Matrix
2018-01-01 17:07:42 -05:00
atmathis a9b36650cd Mac Hidden Users
* Added Defense Evasion/Hidden Users and updated Matrix
2018-01-01 16:38:43 -05:00
atmathis 9b9bd358ed Update HISTCONTROL
* Added route to setting permanently in .bash_profile
2018-01-01 16:17:10 -05:00
atmathis 0ddc31b336 Mac/Linux HISTCONTROL
* Added HISTCONTROL for Mac and Linux, and updated Matrices
* Corrected Gatekeeper Bypass title
2018-01-01 16:02:52 -05:00
atmathis 232d5eea29 Add Mac Defense Evasion/Disabling Security Tools
* Added Disabling_Security_Tools under Mac Defense Evasion and added to
Matrix
* Added existing GateKeeper Bypass page to Matrix
2018-01-01 15:10:44 -05:00
atmathis cac4566d2c Revert "Revert "Linux/Mac Command Clear""
This reverts commit 6439416b26.
2018-01-01 14:30:45 -05:00
atmathis 6439416b26 Revert "Linux/Mac Command Clear"
This reverts commit a0c6b2953c.
2018-01-01 14:29:48 -05:00
atmathis a0c6b2953c Linux/Mac Command Clear
* Updated title on Clear Command History
* Replicated Clear Command History from Mac to Linux
* Added links to both matrices
2018-01-01 14:27:09 -05:00
atmathis dce29fd24d Add/Change Mac and All the Things cleanup
Created Mac/Credential_Access/Input_Prompt
Added AppleScript password prompt to Credential Access/Input Prompt
Cleanup Mac/Execution/AppleScript
Updated Mac Grid
Updated formatting on AllTheThings test.bat
2017-12-29 12:12:54 -05:00
caseysmithrc 568edb7654 Merge pull request #46 from redcanaryco/Protoss-Dev
Update All The Things
2017-12-20 15:39:52 -07:00
caseysmithrc d266915612 Update All The Things 2017-12-20 15:39:07 -07:00
caseysmithrc 54181ad230 Merge pull request #45 from redcanaryco/persistence
Persistence & Updates
2017-12-13 15:20:34 -07:00
Michael Haag 33d6b91220 Windows ReadMe
Fixed link
2017-12-13 10:26:48 -08:00
Michael Haag aee2840fd5 New Persistence
+ Office Application Startup
-- Added DDEAUTO and Dragon's Tail link
+ Registry Run Keys and Start Folder
-- Added a couple of items to make this interesting.
+Updated Windows Readme
2017-12-12 15:35:09 -08:00
Michael Haag a53d8d91cd Merge pull request #44 from redcanaryco/Protoss-Dev
Fix Typo
2017-12-07 08:24:18 -08:00
caseysmithrc 8f95d8b119 Fix Typo 2017-12-07 09:21:59 -07:00
Michael Haag 16eb9d5f62 Merge pull request #43 from redcanaryco/Protoss-Dev
Fix Shim References
2017-12-07 08:05:38 -08:00
caseysmithrc 1d57ef77e0 Fix Shim References 2017-12-07 09:03:07 -07:00
Michael Haag fbce4cfb2d Merge pull request #42 from redcanaryco/Protoss-Dev
Context For Shims
2017-12-06 14:41:33 -08:00
caseysmithrc 67613f4a44 Context For Shims 2017-12-06 15:40:21 -07:00
caseysmithrc 4326601868 Merge pull request #41 from redcanaryco/Argonaut
Argonaut Chain Reaction + Updates to windows.md
2017-12-06 15:27:35 -07:00
Michael Haag 5449cc27f0 Argonaut
Argonaut was built with the idea of assisting organizations with identifying the use of Invoke-WebRequest aliases - Wget and Curl. Within your detection tools, how does it look? Do you have detection for Wget and curl on Windows?
2017-12-06 14:22:21 -08:00
Michael Haag cf124cd5d4 Merge pull request #40 from redcanaryco/Protoss-Dev
Protoss dev
2017-12-06 14:13:47 -08:00
caseysmithrc 809e2cb4b8 Fix Typo 2017-12-06 15:12:35 -07:00
caseysmithrc 7bec20d991 App Compat ReadMe 2017-12-06 15:11:56 -07:00
Michael Haag b93b2b1978 Merge pull request #39 from redcanaryco/Protoss-Dev
Fix Instructions
2017-12-06 14:07:21 -08:00
caseysmithrc 44611b8f3b Fix Instructions 2017-12-06 15:05:18 -07:00
Michael Haag 5971f8d1ce Merge pull request #38 from redcanaryco/Protoss-Dev
Shim Test Files. Confirmed operational on Win8 and Win10
2017-12-06 14:04:42 -08:00
caseysmithrc 14f2a68a96 Shim Test Files 2017-12-06 14:52:06 -07:00
caseysmithrc 8cba9e39ec Update DragonsTail.vba 2017-12-06 14:01:43 -07:00
Michael Haag 53694dc7d4 Windows ReadMe Fixes
+ Updated all Discovery files in previous PR.
+ Fixed Windows.md to match new files. All good now
2017-12-01 15:06:10 -08:00
caseysmithrc 892fd74539 Merge pull request #37 from redcanaryco/Protoss-Dev
Fix Casing
2017-12-01 13:05:31 -07:00
caseysmithrc b8cd61afb4 Fix Casing 2017-12-01 13:04:29 -07:00
Michael Haag 847159d808 Merge pull request #36 from redcanaryco/Protoss-Dev
Updated All the Things + Binaries and Tests Cyclotron
2017-11-30 09:00:48 -07:00
caseysmithrc 1804b97780 Updated All the Things 2017-11-30 08:54:10 -07:00
Michael Haag f47d9be70a Merge pull request #35 from redcanaryco/Protoss-Dev
Updated AllTheThings
2017-11-30 08:36:08 -07:00
caseysmithrc e4e892da8b Updated All The Things 2017-11-30 06:25:37 -07:00
caseysmithrc 5375477446 Updated AllTheThings Example 2017-11-30 06:08:27 -07:00
Michael Haag b54dad8890 Merge pull request #33 from redcanaryco/Protoss-Dev
Fix Dragon's Tail References
2017-11-29 11:38:17 -07:00
caseysmithrc b4deda9aae Fix Dragon's Tail References 2017-11-29 11:36:40 -07:00
Michael Haag 0685e5ab8c Merge pull request #32 from redcanaryco/Protoss-Dev
Fix Dragon's Tail .bat
2017-11-29 11:23:17 -07:00
caseysmithrc 2da4ce1e9b Fix Dragon's Tail .bat 2017-11-29 11:21:48 -07:00
Michael Haag ebedfe3192 Merge pull request #31 from redcanaryco/Protoss-Dev
Update Dragon's Tail
2017-11-29 10:23:54 -07:00
caseysmithrc ab69bd75a6 Update Dragon's Tail 2017-11-29 10:11:47 -07:00
caseysmithrc 58426cd424 Merge pull request #29 from redcanaryco/dev-mh
Updated Formatting + System Service Discovery
2017-11-27 13:09:31 -07:00