Atomic Red Team doc generator
2d3c1652a4
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-24 02:17:35 +00:00
abhijose09
3bc01cabb5
3 new tests added (#2863)
3 new Tests added :
Abusing MyComputer Disk Backup Path for Persistence
Abusing MyComputer Disk Cleanup Path for Persistence
Abusing MyComputer Disk Fragmentation Path for Persistence
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-23 21:16:20 -05:00
Atomic Red Team doc generator
162921f9e7
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-23 22:08:10 +00:00
abhijose09
d4aa5c432e
New Test - Modify RDP-Tcp Initial Program Registry Entry (#2861)
* Update T1112.yaml
Modify RDP-Tcp Initial Program Registry Entry
* Update T1112.yaml
added cleanup commands
* Update T1112.yaml
* Update T1112.yaml
* Update T1112.yaml
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-23 17:06:54 -05:00
Atomic Red Team doc generator
229af9deb5
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-23 21:39:39 +00:00
Badoodish
0a8ad64ee8
Added new test to T1614.001 "Discover System Language by Windows API … (#2857)
* Added new test to T1614.001 "Discover System Language by Windows API Query"
* Fixed indentation on line 139. Added input arguments
* Fixed indentation on line 126
* Added markdown formatting.
* Added C# source code as requested
* Removed input arguments because no arguments are supported.
* Updated exe output
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-23 16:38:25 -05:00
Atomic Red Team doc generator
2a37d1cae8
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-19 04:22:39 +00:00
Alphonsa George
9e39c9d5b3
T1048.002 (#2851)
* Added input argument #{host} to T1059.004 test name - Create and Execute Bash Shell Script
* Added Input argument to T1048.002 2 tests
* modified input args
---------
Co-authored-by: alphonsa-01 <NA>
Co-authored-by: Hare Sudhan <code@0x6c.dev>
2024-07-19 00:21:31 -04:00
Atomic Red Team doc generator
7512f4a78b
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-17 02:56:47 +00:00
abhijose09
ef6b0358f9
Update T1112.yaml (#2862)
New Test : Abusing Windows TelemetryController Registry Key for Persistence
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-16 21:55:36 -05:00
Atomic Red Team doc generator
9915e4a4a6
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-17 02:53:43 +00:00
abhijose09
b0c87f11fc
Update T1556.002.yaml (#2860)
New Test Install Additional Authentication Packages
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-16 21:52:30 -05:00
Atomic Red Team doc generator
12c1fabcf5
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-16 22:37:48 +00:00
abhijose09
6b16e95579
Update T1547.001.yaml (#2856)
* Update T1547.001.yaml
Allowing custom application to execute during new RDP logon session
* Update T1547.001.yaml
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-16 17:36:37 -05:00
Atomic Red Team doc generator
6b5334bfe5
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-16 18:21:49 +00:00
Hare Sudhan
3183811486
Fix ESXi tests (#2853)
* fix esxi tests
* fix macos tests
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-16 13:20:36 -05:00
Atomic Red Team doc generator
c126089a0d
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-16 18:15:15 +00:00
abhijose09
1b800b29ca
Update T1547.001.yaml (#2854)
* Update T1547.001.yaml
Creating Boot Verification Program Key for application execution during successful boot
* Update T1547.001.yaml
updated few changes
---------
Co-authored-by: Hare Sudhan <code@0x6c.dev>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-16 13:14:02 -05:00
Atomic Red Team doc generator
ff1bf9b32f
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-16 18:08:01 +00:00
Hare Sudhan
81b987e1a6
fix atomics (#2852)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-16 13:06:56 -05:00
dependabot[bot]
f1dfe9b8ef
Bump jsonschema from 4.22.0 to 4.23.0 (#2858)
2024-07-16 02:10:18 -05:00
dependabot[bot]
a16d34fa30
Bump hypothesis from 6.105.1 to 6.108.2 (#2859)
2024-07-16 02:05:53 -05:00
Atomic Red Team doc generator
3c045e1822
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-14 09:30:23 +00:00
nish221b-bs
6b724e37d0
Update T1059.004.yaml (#2840)
2024-07-14 04:29:08 -05:00
Atomic Red Team doc generator
3efa6f8917
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-13 00:11:15 +00:00
liorf
c0ce2c7a82
Update T1070.002.yaml (#2847)
Co-authored-by: Hare Sudhan <code@0x6c.dev>
2024-07-12 20:10:01 -04:00
Atomic Red Team doc generator
19d0a3589c
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-13 00:08:06 +00:00
liorf
b63ac9bbbd
Fix System log file deletion via find utility scenario in T1070.002 (#2846)
* Fix System log file deletion via find utility scenario in T1070.002
* Update T1070.002.yaml
* Update T1070.002.md
---------
Co-authored-by: Hare Sudhan <code@0x6c.dev>
2024-07-12 20:06:44 -04:00
Atomic Red Team doc generator
fd2d2a148d
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-12 14:59:56 +00:00
abhijose09
7c51b76bcd
Update T1552.001.yaml (#2842)
* Update T1552.001.yaml
New Test Added : List Credential Files via PowerShell
* Update T1552.001.yaml
Added Test List Credential Files via PowerShell , List Credential Files via Command Prompt
* Updated command lines
Updated command lines
2024-07-12 09:58:48 -05:00
Atomic Red Team doc generator
9bf5eb6864
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-10 18:42:34 +00:00
Alphonsa George
a5ae5e1771
Added input argument #{host} to T1059.004 test name - Create and Execute Bash Shell Script (#2849)
Co-authored-by: alphonsa-01 <NA>
Co-authored-by: Hare Sudhan <code@0x6c.dev>
2024-07-10 13:41:25 -05:00
Atomic Red Team doc generator
6a6f6e9ac5
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-10 15:10:05 +00:00
piotranalyst
be29bb4b14
Update T1048.md (#2806)
* Update T1048.md
This is a grammatically correct change.
* update yaml
---------
Co-authored-by: Hare Sudhan <code@0x6c.dev>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-10 10:08:57 -05:00
Atomic Red Team doc generator
f30eae885f
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-10 15:06:29 +00:00
Mohana Shankar D
39c0efe2d5
Update T1113.yaml (#2827)
Detects the enabling of the Windows Recall feature via registry manipulation. Windows Recall can be enabled by deleting the existing "DisableAIDataAnalysis" registry value. Adversaries may enable Windows Recall as part of post-exploitation discovery and collection activities. This rule assumes that Recall is already explicitly disabled on the host, and subsequently enabled by the adversary.
Co-authored-by: Hare Sudhan <code@0x6c.dev>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-10 10:05:09 -05:00
Atomic Red Team doc generator
9e94647f6e
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-10 14:13:24 +00:00
abhijose09
df0e93d621
Update T1012.yaml (#2841)
Added new Test Reg query for AlwaysInstallElevated status
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-10 09:12:16 -05:00
Atomic Red Team doc generator
9cc823410d
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-10 13:55:40 +00:00
Hare Sudhan
c8a70997da
Adding more YAML validations (#2837)
* Update T1202.yaml
* fix all atomics
* changing to macos to fix pytest issue
* changing to macos to fix pytest issue
* adding gitignore
2024-07-10 08:54:26 -05:00
dependabot[bot]
74cf7fbbe3
Bump hypothesis from 6.104.2 to 6.105.1 (#2843)
Bumps [hypothesis](https://github.com/HypothesisWorks/hypothesis) from 6.104.2 to 6.105.1.
- [Release notes](https://github.com/HypothesisWorks/hypothesis/releases)
- [Commits](https://github.com/HypothesisWorks/hypothesis/compare/hypothesis-python-6.104.2...hypothesis-python-6.105.1)
---
updated-dependencies:
- dependency-name: hypothesis
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-08 22:19:17 -04:00
dependabot[bot]
7f1923e8d8
Bump pydantic from 2.7.4 to 2.8.2 (#2844)
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.7.4 to 2.8.2.
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](https://github.com/pydantic/pydantic/compare/v2.7.4...v2.8.2)
---
updated-dependencies:
- dependency-name: pydantic
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-08 22:14:54 -04:00
dependabot[bot]
b4051fc81a
Bump certifi from 2024.2.2 to 2024.7.4 (#2836)
Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.2.2 to 2024.7.4.
- [Commits](https://github.com/certifi/python-certifi/compare/2024.02.02...2024.07.04)
---
updated-dependencies:
- dependency-name: certifi
  dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-05 22:11:47 -04:00
Atomic Red Team doc generator
79b9d83734
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-05 17:33:31 +00:00
skandler
4d30f39d6e
Update T1003.004.yaml (#2835)
* Update T1003.004.yaml
dumping kerberos tickets with dumper.ps1 powershell, by dumping the winlogon.exe
* Update T1003.004.yaml
---------
Co-authored-by: Hare Sudhan <code@0x6c.dev>
2024-07-05 12:32:19 -05:00
Atomic Red Team doc generator
054798feb3
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-05 16:47:58 +00:00
NeuralGlitch
600767fcca
Update T1003.002.yaml (#2826)
new atomic test added
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-05 11:46:48 -05:00
Atomic Red Team doc generator
f839852779
Generated docs from job=generate-docs branch=master [ci skip]
2024-07-05 16:44:42 +00:00
Badoodish
7a4ddc4f7d
Added new test to T1614.001.yaml (#2830)
Added following test: Discover System Language with dism.exe
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-05 11:43:28 -05:00
Hare Sudhan
0e34dd2450
[CI/CD] Update assign-labels.yml (#2832)
* Update assign-labels.yml
* fix ci/cd
* fix ci/cd
* fix ci/cd
* fix assign-labels
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-07-05 11:30:01 -05:00