Commit Graph

87 Commits

Author SHA1 Message Date
Atomic Red Team doc generator b06de49267 Generated docs from job=generate-docs branch=master [ci skip] 2022-07-11 21:03:17 +00:00
tccontre 0757ad31d3 Update T1112.yaml (#2029)
* Update T1112.yaml

* Update T1112.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-07-11 15:02:32 -06:00
Atomic Red Team doc generator 266cafe4ae Generated docs from job=generate-docs branch=master [ci skip] 2022-07-02 02:37:34 +00:00
Atomic Red Team GUID generator 21dc92261d Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-07-02 02:37:28 +00:00
frack113 857e9eaf75 Add simple test (#2015)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-07-01 20:37:00 -06:00
Atomic Red Team doc generator 0d352c3c8e Generated docs from job=generate-docs branch=master [ci skip] 2022-06-23 19:46:46 +00:00
tccontre 26dda89f12 disabling several Windows Notifications and Allow RDP remote assistance Features (#2011)
* Update T1112.yaml

* Update T1112.yaml

* typos

* Update T1087.002.yaml

* Update T1087.002.yaml

* Update T1087.002.yaml

* Add files via upload

* Update T1053_05_SCTASK_HIDDEN_ATTRIB.xml

* Update T1053.005.yaml

* Update T1053.005.yaml

* Update T1087.002.yaml

* Update T1087.002.yaml

* Update T1112.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-06-23 13:46:11 -06:00
CircleCI Atomic Red Team doc generator 14f6ec8047 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-04-04 12:42:03 +00:00
frack113 750f0ae00c Fix test 33-34 (#1844) 2022-04-04 06:41:33 -06:00
CircleCI Atomic Red Team doc generator bbe0da2d8a Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-04-03 01:03:02 +00:00
MrOrOneEquals1 f8a2984634 do a little cleanup immediately to avoid execution issues with later tests (#1841) 2022-04-02 19:02:27 -06:00
CircleCI Atomic Red Team doc generator 0c9460f719 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-30 22:27:26 +00:00
CircleCI Atomic Red Team GUID generator 63bad3b06c Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-30 22:27:19 +00:00
Michael Haag 869b893247 Simple Safe Mode Registry Mod (#1832)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-03-30 16:26:39 -06:00
CircleCI Atomic Red Team doc generator 3259795ba5 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-21 22:57:34 +00:00
frack113 e929fa518f Fix test 10 (#1823)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-03-21 16:56:59 -06:00
CircleCI Atomic Red Team doc generator b4893d15ad Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-18 20:07:16 +00:00
Sittikorn S 0b336ae498 Update T1112.yaml (#1821)
Modified Windows PowerShell registry to disable Logging module.

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-03-18 14:06:40 -06:00
CircleCI Atomic Red Team doc generator de5e865929 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-18 20:03:18 +00:00
frack113 c761e68ca0 NoTrayContextMenu fix (#1820) 2022-03-18 14:02:44 -06:00
CircleCI Atomic Red Team doc generator 7845416d3d Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-17 16:27:17 +00:00
tccontre da6f4250f3 Modify show compress color and tips in registry (#1819)
* Update T1112.yaml

* Update T1112.yaml

* typos

* Update T1112.yaml

* Update T1112.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-03-17 10:26:37 -06:00
CircleCI Atomic Red Team doc generator 1b6204cc23 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-17 16:18:52 +00:00
frack113 3e65326cb9 Fix reg cleanup T1112 Test 9 (#1815)
* Fix reg cleanup

* ignore errors

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-03-17 10:18:06 -06:00
CircleCI Atomic Red Team doc generator 924cb2491c Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-16 00:45:11 +00:00
tccontre 1cb8a5395b Disable Windows Notification And Some Group Policy Features. (#1813)
* Update T1112.yaml

* Update T1112.yaml

* typos

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-03-15 18:44:39 -06:00
CircleCI Atomic Red Team doc generator 052cae4391 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-14 18:01:13 +00:00
tccontre d83aada893 Disable Windows Features (#1811)
* Update T1112.yaml

* Update T1112.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-03-14 12:00:25 -06:00
CircleCI Atomic Red Team doc generator de8ceae8a6 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-14 17:44:57 +00:00
tccontre 7a4e2abcdb Update T1112.yaml (#1810)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-03-14 11:44:14 -06:00
CircleCI Atomic Red Team doc generator 6052b5118a Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-08 01:33:09 +00:00
SecWilson 42dd141032 Fixing Blackbyte Cleanup Commands (#1802)
Co-authored-by: Wilson <SWilson@nti.local>
2022-03-07 18:32:31 -07:00
CircleCI Atomic Red Team doc generator 682d8d732b Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-07 17:34:07 +00:00
CircleCI Atomic Red Team GUID generator 03c3400af9 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-07 17:34:02 +00:00
SecWilson 43fa5fb8a0 Blackbyte privilege escalation via Powershell (#1796)
Co-authored-by: Wilson <SWilson@nti.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-03-07 10:33:31 -07:00
CircleCI Atomic Red Team doc generator 1693f83068 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-22 23:58:21 +00:00
CircleCI Atomic Red Team GUID generator 66ecac79c7 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-22 23:58:16 +00:00
BigPint 285db746a7 Initial creation of BlackByte Ransomware Registry Changes atomic (#1787)
* Initial creation of BlackByte Ransomware Registry Changes atomic

* Updated T1112 Yaml

Added line at the end
Removed auto guid
added -cmd to test name

Co-authored-by: Wilson <SWilson@nti.local>
2022-02-22 17:57:54 -06:00
CircleCI Atomic Red Team doc generator 8985aaf0f0 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-12-09 18:42:48 +00:00
Carrie Roberts 5bb5878e62 Cleaning up the Cleanup commands (#1685)
* cleanup fixes

* cleanup fixes

* cleanup fixes
2021-12-09 11:42:14 -07:00
CircleCI Atomic Red Team doc generator bc21f59ff0 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-04 00:21:31 +00:00
Josh Rickard 1513717eb2 Updating atomics to conform to standard (#1619)
* Updated format of input_argument types for Url

* Updated type for input_arguments to Url (missed)

* Updating Path type for input_arguments

* Updated String type for input_arguments

* Missed a few Strings and Url types

* Updated default values for input_arguments to align with their types

* Updated Integer type for input_arguments

* Updated formatting and spacing of atomics
2021-09-03 18:20:46 -06:00
CircleCI Atomic Red Team doc generator 36d49de4c8 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-06-24 17:04:33 +00:00
CircleCI Atomic Red Team doc generator 575b36a8e6 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-06-24 15:16:54 +00:00
CircleCI Atomic Red Team doc generator 0ff4aada24 Generate docs from job=validate_atomics_generate_docs branch=ATHPowerShellCommandLineParamter 2020-11-09 16:41:52 +00:00
P4T12ICK 61e9bb8e87 new atomic T1112 (#1281)
* new atomic T1112

* typo fix

Co-authored-by: P4T12ICK <pbareib@splunk.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2020-11-06 13:04:35 -07:00
CircleCI Atomic Red Team doc generator 910a2a764a Generate docs from job=validate_atomics_generate_docs branch=master 2020-09-29 13:53:28 +00:00
CircleCI Atomic Red Team doc generator 8a82e9b66a Generate docs from job=validate_atomics_generate_docs branch=master 2020-06-18 01:57:35 +00:00
Carrie Roberts 24549e3866 Convert to Mitre ATT&CK sub-technique schema (#1056)
* Initial transfer of atomics to MITRE subtechniques

* Add GUIDs back in, attack_technique to string (#1019)

* technique to string and add guids back in

* technique to string and add guids back in

* technique to string and add guids back in

* technique to string and add guids back in

* Subtechnique transfer T1220-T1546.005 (#1020)

* Create T1222.001.yaml

* Create T1222.002.yaml

* Create T1505.002.yaml

* Update T1543.003.yaml

* Update AtomicService.cs

* Update T1546.005.yaml

* Delete T1222.yaml

* Update T1482.yaml

* Update T1485.yaml

* Update T1220.yaml

* Update T1489.yaml

* Update T1490.yaml

* Update T1496.yaml

* Update T1505.003.yaml

* Update T1505.yaml

* Update T1518.001.yaml

* Update T1518.yaml

* Update T1529.yaml

* Update T1543.004.yaml

* Update T1546.001.yaml

* Update T1546.002.yaml

* Update T1546.002.yaml

* Update T1546.001.yaml

* Update T1543.004.yaml

* Update T1543.002.yaml

* Update T1543.001.yaml

* Update T1518.001.yaml

* Update T1546.004.yaml

* Update T1546.003.yaml

* Update T1531.yaml

* Update T1222.001.yaml

* Update T1222.002.yaml

* Update T1505.002.yaml

* Update T1505.003.yaml

* Update T1518.001.yaml

* Update T1543.001.yaml

* Update T1546.005.yaml

* Update T1546.004.yaml

* Update T1546.003.yaml

* Update T1546.002.yaml

* Update T1546.001.yaml

* Update T1543.004.yaml

* Update T1543.003.yaml

* Update T1543.002.yaml

* added auto_generated_guid 1220

* added T1222.001 auto_generated_guid

* Update T1222.002.yaml

added   auto_generated_guid entries

* Update T1482.yaml

  auto_generated_guid added

* Update T1485.yaml

added   auto_generated_guids

* Update T1489.yaml

added   auto_generated_guids

* Update T1490.yaml

added   auto_generated_guids

* Update T1496.yaml

added   auto_generated_guid

* Update T1505.002.yaml

added   auto_generated_guid from old T1505 same atomic

* Update T1505.003.yaml

added  auto_generated_guid from previous atomic 1100

* Delete T1505.yaml

no longer needed, moved to 1505.002

* Update T1518.yaml

added  auto_generated_guids

* Update T1529.yaml

added   auto_generated_guids

* Update T1531.yaml

added   auto_generated_guids

* Update T1543.001.yaml

added   auto_generated_guid

* Update T1543.002.yaml

added   auto_generated_guid

* Update T1543.004.yaml

added   auto_generated_guid

* Update T1546.001.yaml

added   auto_generated_guid

* Update T1546.002.yaml

added   auto_generated_guid

* Update T1546.003.yaml

* Update T1546.004.yaml

added  auto_generated_guid

* Update T1546.005.yaml

added  auto_generated_guid

* add guids back in

* fix spacing issue

* fix spacing

* fix spacing

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>

* Sub-techniques T1053-T1113 - Updates (#1022)

* Sub-techniques T1053-T1113 - Updates

Updated techniques for sub-techniques.

* minor fixes

format fixing

* Added GUIDs

- Added GUIDs back
- Fixed typo (T1054)
- Fixed attack_technique from an array to a string

* Sub-technique updates T1546.008 through T1574.011 (#1024)

* sub technique updates

* sub technique updates

* sub technique updates

* Carrie updates (#1017)

* updated T1110,12,13

* updated T1114

* updated T1114

* updated T1115

* updated T1119

* updated T1123,24

* updated T1127

* updated T1114

* updated T1127

* updated T1132

* T1134.004

* T1134.004

* updated T1135

* updated T1136

* updated T1137

* updated T1140

* remove deprecated T1153

* updated T1176

* updated T1197

* updated T1201

* updated T1202

* updated T1204

* updated T1207

* updated T1216

* updated T1204

* updated T1217

* updated T1218

* updated T1218

* updated T1219

* updated T1218

* attack_technique to string

* Subtechnique transfer (#1025)

* T1003 review

* T1005 manual review changes

* T1027.002 sub-technique review

* T1027.004 sub-technique review

* T1036 sub-technique review

* T1037 sub-technique review

* T1048 sub-technique review

* YAML bugfixes

* Adding auto-generated GUIDs back to tests

* merging with Mike's PR

* Merging with Carrie's PR

* fix spacing

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>

* Subtechnique fix (#1026)

* add atomic_tests: element

* add atomic_tests: element

* more fixes

* more fixes

* more fixes

* sub technique minor fixes 1 (#1027)

* fixes

* fixes

* more fixes

* more fixes

* display name fix (#1028)

* remove some deprecated stuff. reorganize a little (#1031)

* Gendocs fix (#1033)

* gendocs updates for subtechniques

* add folders

* ignore auto generated markdown files

* remove tmp files

* add tmp files

* Generate docs from job=validate_atomics_generate_docs branch=subtechnique_transfer

* navigator layer v3.0

* Generate docs from job=validate_atomics_generate_docs branch=subtechnique_transfer

Co-authored-by: Matt Graeber <60448025+mgraeber-rc@users.noreply.github.com>
Co-authored-by: Tsora-Pop <35981510+Tsora-Pop@users.noreply.github.com>
Co-authored-by: Michael Haag <mike@redcanary.com>
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-06-17 12:55:46 -06:00
CircleCI Atomic Red Team doc generator 35c42f2c61 Generate docs from job=validate_atomics_generate_docs branch=master 2020-05-15 17:19:25 +00:00