security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,206 Commits 47 Branches 0 Tags
40ceeff8d9d953cdc41e9c924e0ec00a20609a47
Commit Graph

4206 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Travis Lowe 48390130cb more K8s things 2021-05-19 12:29:37 -05:00
Travis Lowe 3256279d28 kubernetes-token 2021-05-19 11:48:39 -05:00
Carl 94bfa95d65 Merge branch 'master' into T1135_test1_split 2021-05-19 09:42:04 -06:00
Brian Thacker 5a39c2c7f6 Update T1562.001.yaml 
Added prereq commands to test 1
 2021-05-19 08:31:29 -05:00
Brian Thacker 6aba5d3ef8 Update T1562.001.yaml 
Test 1: changed commands to be executed via input arguments to account for different flavors of Linux. Added cleanup commands based on the same principle.
 2021-05-18 15:10:05 -05:00
Brian Thacker 201459202f Update T1562.004.yaml 
Test 1 edits: Simplified name, put commands into input variables to make test more versatile and not just for CentOS. Added cleanup commands using same method.
 2021-05-18 13:40:29 -05:00
CircleCI Atomic Red Team doc generator e1989f2bec Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-05-18 15:24:18 +00:00
CircleCI Atomic Red Team GUID generator da2dd2b06b Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-05-18 15:24:12 +00:00
Alex Flores bba82c0d5e adds additional lsass dump test (#1467) 
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-05-18 09:23:39 -06:00
CircleCI Atomic Red Team doc generator 6a570c2a46 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-05-18 14:52:23 +00:00
tjgeorgen 7d494dcbce Fix file path for PowerDump Import (#1466) 
seemed to download the module to $Env:Temp then run from .\, so I changed both to $Env:Temp
 2021-05-18 08:51:47 -06:00
Brian Thacker b473355eaa Merge branch 'master' into T1135_test1_split 2021-05-16 16:22:13 -05:00
CircleCI Atomic Red Team doc generator 65510577ca Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-05-14 11:34:42 +00:00
CircleCI Atomic Red Team GUID generator 4578cb3549 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-05-14 11:34:35 +00:00
Wesley Cesar d4c78db8c4 Update T1082.yaml (#1435) 2021-05-14 05:34:01 -06:00
CircleCI Atomic Red Team doc generator 1186af54a7 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-05-13 20:44:17 +00:00
CircleCI Atomic Red Team GUID generator 5f57e740fb Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-05-13 20:44:10 +00:00
Ján Trenčanský a7a1e69bda WMI create process using indirect Win32_Process call (#1461) 
* Win32_Process obfuscate

* T1047-8 cleanup command

* T1047-8 add process_to_execute argument

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-05-13 14:43:37 -06:00
Geoff Galitz ce9f8f63ba Fix minor typo Specigy -> Specify (#1462) 
Co-authored-by: woodyhacker <cesarholz497@gmail.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-05-13 14:42:06 -06:00
Brook Riggio e062b5296d Update atomic_test_template.yaml (#1463) 2021-05-13 14:38:26 -06:00
Brian Thacker a0a56474ae Update T1135.yaml 
Split test 1 into two tests one for macos and one for Linux. Linux test added prereq commands and used a different tool.
 2021-05-09 17:43:33 -05:00
CircleCI Atomic Red Team doc generator 03ee9ef29b Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-05-08 18:03:02 +00:00
CircleCI Atomic Red Team GUID generator ef116ab4e0 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-05-08 18:02:55 +00:00
inc0gnit0 c6d8941307 Added T1560.002, T1486, T1059.006 - Blackbot Inc. (#1438) 
* Added T1486

* Added T1560.002

* Added T1059.006

Co-authored-by: ryang <ryang@blackbot.io>
Co-authored-by: SpookySec <anonymousbot100110@gmail.com>
 2021-05-08 12:02:28 -06:00
tlor89 cf2250b19c T1046_Update (#1460) 
Co-authored-by: Toua Lor <tlor@nti.local>
 2021-05-07 09:26:27 -06:00
dependabot[bot] a4c57bdae3 Bump rexml from 3.2.4 to 3.2.5 (#1455) 
Bumps [rexml](https://github.com/ruby/rexml) from 3.2.4 to 3.2.5.
- [Release notes](https://github.com/ruby/rexml/releases)
- [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md)
- [Commits](https://github.com/ruby/rexml/compare/v3.2.4...v3.2.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-05-03 16:59:59 -06:00
CircleCI Atomic Red Team doc generator 1b7cc49d63 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-05-03 22:58:57 +00:00
Brian Thacker ef179339ab Update T1562.001 Test 3 (#1456) 
Added cleanup commands. Added elevation required
 2021-05-03 16:58:37 -06:00
CircleCI Atomic Red Team doc generator 5fc22afd72 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-30 20:56:30 +00:00
monoors b43b7a6f07 Update T1056.004.yaml (#1453) 
This parameter is required on systems where no internet explorer is installed, otherwise a parsing error will occur:

curl : The response content cannot be parsed because the Internet Explorer engine is not available, or Internet Explorer's first-launch
configuration is not complete. Specify the UseBasicParsing parameter and try again.
At line:2 char:1
+ curl https://www.example.com}
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotImplemented: (:) [Invoke-WebRequest], NotSupportedException
    + FullyQualifiedErrorId : WebCmdletIEDomNotSupportedException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-04-30 14:55:54 -06:00
CircleCI Atomic Red Team doc generator 6bd8fc68e7 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-30 20:53:20 +00:00
tlor89 6b724298f1 T1562.002_Update (#1451) 
Co-authored-by: Toua Lor <tlor@nti.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-04-30 14:53:00 -06:00
CircleCI Atomic Red Team doc generator 5dd066ec61 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-30 20:50:27 +00:00
CircleCI Atomic Red Team GUID generator 50f1ea7a06 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-30 20:50:22 +00:00
Ján Trenčanský 731a7c9ed6 T1053.005 create SchduledTask using WMI class (#1434) 
* ScheduledTask via WMI

* Fix typos and XML load

* Fix wrong cmdlet name in test name

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-04-30 14:49:42 -06:00
CircleCI Atomic Red Team doc generator 513b2f7cc9 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-30 20:42:42 +00:00
Michael Boman 0379f23997 Take 2 on making psexec a configurable dependency. (#1450) 
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-04-30 14:41:57 -06:00
CircleCI Atomic Red Team doc generator f9d21d9a0e Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-29 22:44:57 +00:00
MrOrOneEquals1 7cdea9c925 fix for install and check (#1452) 2021-04-29 16:44:35 -06:00
CircleCI Atomic Red Team doc generator 9129ed61a3 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-27 22:21:24 +00:00
CircleCI Atomic Red Team GUID generator e909621a57 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-27 22:21:19 +00:00
Wesley Cesar 6954425558 Update T1046.yaml (#1436) 
* Update T1046.yaml

* Create T1046.py

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-04-27 16:20:51 -06:00
CircleCI Atomic Red Team doc generator b47fde5ba6 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-27 22:17:12 +00:00
Rodney f0dc61911a changed calc to notepad for T1055.012 (#1437) 
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-04-27 16:16:42 -06:00
CircleCI Atomic Red Team doc generator 650a5b6c27 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-27 21:59:00 +00:00
tlor89 6806b2ccc1 T-1562.004_Test6_Update (#1448) 
* T-1562.004_Test6_Update

* add force to the copy command

Co-authored-by: Toua Lor <tlor@nti.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-04-27 15:58:37 -06:00
CircleCI Atomic Red Team doc generator dcd84948b0 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-27 21:51:10 +00:00
Michael Boman dac15a5494 Fix #1443 (#1445) 
* Fixes #1443 with updated URL to wireshark.

* Added npcap dependency

* Whitespace *sigh*

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-04-27 15:50:49 -06:00
CircleCI Atomic Red Team doc generator f32bcc822c Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-27 21:44:44 +00:00
Michael Boman 86b0d22094 T1078.001 make guest account configurable (#1447) 
* Autocommit of generated test

* Fixed dependecy for psexec so the tool can be automatically downloaded.

* Delete T1036.002.yaml

* Fix #1446

* Delete T1021.002.yaml

Shouldn't appear in this branch...
 2021-04-27 15:44:21 -06:00