344dea9fbd
Generate GUIDs from job=generate-docs branch=master [skip ci]
2024-02-26 19:51:04 +00:00
29e3c6eb8f
Update RustDesk T1219.yaml ( #2706 )
...
* Update RustDesk T1219.yaml
Update RustDesk T1219
* Update T1219.yaml
* Update T1219.yaml
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2024-02-26 13:50:20 -06:00
e9b9f2ed7b
Generated docs from job=generate-docs branch=master [ci skip]
2024-02-26 15:24:49 +00:00
c09d2a3748
Generate GUIDs from job=generate-docs branch=master [skip ci]
2024-02-26 15:24:32 +00:00
b166507614
Update T1030.yaml Network-Based Data Transfer in Small Chunks ( #2658 )
...
* Update T1030.yaml Network-Based Data Transfer in Small Chunks
# Atomic Test # - T1030 - Data Transfer Size Limits: Network-Based Data Transfer in Small Chunks
## Objective
Simulate the technique of transferring data over a network in small chunks to evade size-based detection mechanisms.
## Description
This test involves transferring data over a network (either to a controlled external endpoint like `example.com`) in small, segmented sizes. This simulates an adversary's behavior in conducting stealthy data exfiltration.
* Update T1030.yaml
* Update T1030.yaml
removed clean up commands and detection
* Update T1030.yaml
* Update T1030.yaml
updated guid
* Update T1030.yaml
* Update T1030.yaml
updated intendents
* Update T1030.yaml
---------
Co-authored-by: Hare Sudhan <code@0x6c.dev >
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2024-02-26 09:23:55 -06:00
edea906548
Implementation of venv into Windows Python atomics ( #2703 )
...
* Improve pip handling (#1 )
* virtual env added to T1018, tested and confirmed working
* virtual env added to T1003.001, tested and confirmed working
* virtual env added to T1555.003, tested and confirmed working
* Removing pip-autoremove installation as not required
* updating atomics count in README.md [ci skip]
---------
Co-authored-by: Hare Sudhan <code@0x6c.dev >
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
Co-authored-by: publish bot <opensource@redcanary.com >
2024-02-26 09:19:26 -06:00
5aef5da247
Generated docs from job=generate-docs branch=master [ci skip]
2024-02-26 15:17:23 +00:00
05fc04f419
Generate GUIDs from job=generate-docs branch=master [skip ci]
2024-02-26 15:17:09 +00:00
a09cebd1a3
Adding new test for T1654 for Enumerate Windows Security Log ( #2704 )
...
* Adding new test for T1654 for Enumerate Windows Security Log via WevtUtil
Adding new test for T1654 for Enumerate Windows Security Log via WevtUtil
* Update T1654.yaml
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2024-02-26 09:16:32 -06:00
d7cdd5d68a
updating atomics count in README.md [ci skip]
2024-02-26 15:08:34 +00:00
61733d1e90
Bump actions/checkout from 3 to 4 ( #2705 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-26 09:07:37 -06:00
8daf92f314
updating atomics count in README.md [ci skip]
2024-02-25 01:30:51 +00:00
664af47cb0
Bump actions/github-script from 6 to 7 ( #2698 )
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Hare Sudhan <code@0x6c.dev >
2024-02-24 20:30:07 -05:00
29baf7d62e
updating atomics count in README.md [ci skip]
2024-02-25 01:28:47 +00:00
7125b098c8
Bump hashicorp/setup-terraform from 2 to 3 ( #2699 )
...
Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform ) from 2 to 3.
- [Release notes](https://github.com/hashicorp/setup-terraform/releases )
- [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/setup-terraform/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: hashicorp/setup-terraform
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Hare Sudhan <code@0x6c.dev >
2024-02-24 20:28:09 -05:00
db7e361b03
updating atomics count in README.md [ci skip]
2024-02-25 01:24:52 +00:00
6bb1f1db7c
Bump actions/upload-artifact from 3 to 4 ( #2700 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Hare Sudhan <code@0x6c.dev >
2024-02-24 20:24:11 -05:00
d1551ed88f
updating atomics count in README.md [ci skip]
2024-02-25 01:22:42 +00:00
c821a8f785
Bump actions/stale from 7 to 9 ( #2701 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 7 to 9.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v7...v9 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2024-02-24 18:22:06 -07:00
7ef6a1ae5b
updating atomics count in README.md [ci skip]
2024-02-25 01:20:54 +00:00
76a970dd84
Bump actions/setup-python from 4 to 5 ( #2702 )
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4 to 5.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](https://github.com/actions/setup-python/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-24 18:20:10 -07:00
097661445e
Dependabot update ( #2697 )
...
* dependabot update
* updating atomics count in README.md [ci skip]
---------
Co-authored-by: publish bot <opensource@redcanary.com >
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2024-02-24 20:17:21 -05:00
ae87c3e185
Generated docs from job=generate-docs branch=master [ci skip]
2024-02-25 01:15:48 +00:00
21401622e4
Generate GUIDs from job=generate-docs branch=master [skip ci]
2024-02-25 01:15:31 +00:00
bf630ecb29
fix guid error ( #2696 )
2024-02-24 18:14:49 -07:00
2207b5435e
updating atomics count in README.md [ci skip]
2024-02-22 21:29:45 +00:00
1202d62c59
New test: T1218.011 Gamarue tradecraft commandline with rundll32 execution ( #2678 )
...
* New test: T1218.011 Gamarue tradecraft commandline with rundll32 execution
* Update T1218.011.yaml
* Update T1218.011.yaml
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2024-02-22 15:29:05 -06:00
b96b30d394
updating atomics count in README.md [ci skip]
2024-02-22 20:56:39 +00:00
0bd9b1acc1
New Test T1137.001 - 'Office Application Startup: Office Template Macros.' ( #2694 )
...
* Create T1137.001.yml
Created new Directory and new test for T1137.001
* Rename T1137.001.yml to T1137.001.yaml
* Update T1137.001.yaml
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2024-02-22 14:56:04 -06:00
9628658dba
updating atomics count in README.md [ci skip]
2024-02-22 20:07:05 +00:00
df24b972a9
New test: T1003.003 - Create Volume Shadow Copy with diskshadow ( #2690 )
...
* New test - Create Volume Shadow Copy with diskshadow
* Fix typos
* fix indentation
* Update T1003.003.yaml
* Update T1003.003.yaml
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2024-02-22 14:06:29 -06:00
1eed144a1e
updating atomics count in README.md [ci skip]
2024-02-22 19:49:03 +00:00
eba0f8ea61
Esxi atomic tests batch 2 ( #2650 )
...
* initial esxi commit
* second commit esxi
* use ExternalPayloads folder
* use ExternalPayloads folder
---------
Co-authored-by: clr2of8 <clr2of8@gmail.com >
2024-02-22 13:48:23 -06:00
11400be951
updating atomics count in README.md [ci skip]
2024-02-22 17:44:08 +00:00
e1d81a1412
remove open source index badge ( #2692 )
2024-02-22 12:43:27 -05:00
77a44aea50
Generated docs from job=generate-docs branch=master [ci skip]
2024-02-22 17:37:16 +00:00
ed31f26ba9
Generate GUIDs from job=generate-docs branch=master [skip ci]
2024-02-22 17:37:00 +00:00
8f71cf4d53
SOAPHound ( #2689 )
...
* SOAPHound
* Updates
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2024-02-22 11:36:17 -06:00
a840cf6245
Generated docs from job=generate-docs branch=master [ci skip]
2024-02-21 16:26:59 +00:00
af13a59177
remove atomic w/broken bitly link ( #2693 )
2024-02-21 11:25:36 -05:00
29f5edda49
updating atomics count in README.md [ci skip]
2024-02-12 20:36:28 +00:00
322d908af6
Bump ruamel-yaml from 0.18.5 to 0.18.6 ( #2685 )
...
Bumps [ruamel-yaml]() from 0.18.5 to 0.18.6.
---
updated-dependencies:
- dependency-name: ruamel-yaml
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-12 14:35:36 -06:00
86c88bc4d1
Generated docs from job=generate-docs branch=master [ci skip]
2024-02-09 14:59:36 +00:00
15e983365f
Generate GUIDs from job=generate-docs branch=master [skip ci]
2024-02-09 14:59:20 +00:00
50512fcc95
Adding ASR rules deletion ( #2683 )
...
* adding ASR rules deletion
* adding ASR rules deletion
* adding ASR rules deletion
* adding ASR rules deletion
* adding ASR rules deletion
* adding ASR rules deletion
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2024-02-09 08:58:45 -06:00
98f9300887
Generated docs from job=generate-docs branch=master [ci skip]
2024-02-08 21:39:53 +00:00
ded6414060
Generate GUIDs from job=generate-docs branch=master [skip ci]
2024-02-08 21:39:40 +00:00
f92569597a
Add new atomic test T1055 custom uuid process injection in C, a stealthier implementation compares to the original one introduced by NCC group ( #2674 )
...
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2024-02-08 15:39:08 -06:00
dea1cd7641
Generated docs from job=generate-docs branch=master [ci skip]
2024-02-08 21:36:56 +00:00
a9326f2654
Generate GUIDs from job=generate-docs branch=master [skip ci]
2024-02-08 21:36:40 +00:00
Atomic Red Team GUID generator