Commit Graph

5756 Commits

Author SHA1 Message Date
sai prashanth pulisetti 474cbdff8a Update T1580.yaml 2024-01-21 09:52:49 +05:30
sai prashanth pulisetti d50ce7648b Update T1580.yaml
removed notes and clean up command
2024-01-21 09:50:36 +05:30
Hare Sudhan fa66c9cd44 Merge branch 'master' into patch-7 2024-01-20 15:48:17 -05:00
publish bot 8a1987a42a updating atomics count in README.md [ci skip] 2024-01-20 20:48:12 +00:00
Mohana Shankar D 11c442180e Update T1486.yaml (#2665)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-01-20 14:47:36 -06:00
Hare Sudhan 4381e0ba8c Merge branch 'master' into patch-7 2024-01-20 15:45:26 -05:00
Atomic Red Team doc generator 6a3a2ede32 Generated docs from job=generate-docs branch=master [ci skip] 2024-01-20 20:45:01 +00:00
Hare Sudhan e742bcb626 Fix schema validation (#2666) 2024-01-20 14:44:16 -06:00
Hare Sudhan 312df03de5 Merge branch 'master' into patch-7 2024-01-19 23:41:29 -05:00
Atomic Red Team doc generator f6fc008a05 Generated docs from job=generate-docs branch=master [ci skip] 2024-01-20 04:21:06 +00:00
Atomic Red Team GUID generator e9ab27efff Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-01-20 04:20:53 +00:00
sai prashanth pulisetti b6fa8857a5 Atomic Test #7 - System Owner/User Discovery Using Command Prompt (#2657)
* Atomic Test #7 - System Owner/User Discovery Using Command Prompt

Identify the system owner or current user using native Windows command prompt utilities.

* Update T1033.yaml

adjusted - "del %output_path%\\user_info_*.tmp"

* Update T1033.yaml

adjusted output_path with Temp

* Update T1033.yaml

* Update T1033.yaml

* Update T1033.yaml

* Update T1033.yaml

* Update T1033.yaml

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-01-19 22:20:19 -06:00
Zeta 871b418282 Update T1218.yaml (#2646)
* Update T1218.yaml

add new test "Atbroker.exe (AT) Executes Arbitrary Command via Registry Key"

* Update T1218.yaml

Move to T1546.008

* Update T1546.008.yaml Details: Add new test - Atbroker.exe (AT) Executes Arbitrary Command via Registry Key

Add new test "Atbroker.exe (AT) Executes Arbitrary Command via Registry Key"

* updating atomics count in README.md [ci skip]

---------

Co-authored-by: publish bot <opensource@redcanary.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-01-19 22:14:16 -06:00
sai prashanth pulisetti dd9242465d Merge branch 'master' into patch-7 2024-01-19 19:00:01 +05:30
Atomic Red Team doc generator 65348695f9 Generated docs from job=generate-docs branch=master [ci skip] 2024-01-18 21:57:17 +00:00
Atomic Red Team GUID generator 9141822411 Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-01-18 21:57:04 +00:00
Bhavin Patel 640330c513 Updated PR 2461 2463 into a new one (#2655)
* updating ttp

* updating atomics from PR and adding new

* update command

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-01-18 15:56:30 -06:00
Atomic Red Team doc generator 5c828eca90 Generated docs from job=generate-docs branch=master [ci skip] 2024-01-18 21:54:06 +00:00
Atomic Red Team GUID generator 4fb5bddaff Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-01-18 21:53:49 +00:00
sai prashanth pulisetti b28f61b5e1 Update T1020.yaml -Add New Atomic Test for T1020 - Exfiltration via Encrypted FTP (#2656)
* Update T1020.yaml

Atomic Test #2 - Exfiltration via Encrypted FTP
Simulates encrypted file transfer to an FTP server, representing stealthy data exfiltration methods.

* Update T1020.yaml

updated notes

* Update T1020.yaml

updated line 50

* move notes to description, remove empty tags

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-01-18 15:52:59 -06:00
sai prashanth pulisetti d626e7ed29 Update T1580.yaml 2024-01-19 00:27:12 +05:30
sai prashanth pulisetti 5348c67b51 Update T1580.yaml
removed unsupported formats
2024-01-19 00:12:24 +05:30
sai prashanth pulisetti 13da08ba97 Update T1580.yaml
updated with 
dependencies:
  - description: AWS CLI installed and configured with the necessary access rights.
    prereq_command: type aws || aws --version
    get_prereq_command: |
      if [ "$(uname)" = "Darwin" ] || [ "$(expr substr $(uname) 1 5)" = "Linux" ]; then
        curl "https://aws.amazon.com/cli/" -o "Install-AWSCLI.sh" && sh Install-AWSCLI.sh
      elif [ "$(expr substr $(uname) 1 5)" = "MINGW" ]; then
        Invoke-WebRequest -Uri "https://aws.amazon.com/cli/" -OutFile "Install-AWSCLI.ps1"; .\Install-AWSCLI.ps1
      fi
2024-01-18 14:37:01 +05:30
sai prashanth pulisetti 73b75c2db7 Update T1580.yaml 2024-01-18 14:32:39 +05:30
sai prashanth pulisetti 6796db1ee1 Update T1580.yaml 2024-01-18 14:31:00 +05:30
sai prashanth pulisetti 1ba98b5f23 Update T1580.yaml
updated:

supported_platforms:
  - windows
  - macos
  - linux
  - iaas:aws
2024-01-18 14:29:17 +05:30
sai prashanth pulisetti 8ec468e6e2 Update T1580.yaml
updated supported_platforms:
iass:aws
2024-01-18 14:27:31 +05:30
sai prashanth pulisetti b80b06ad72 Update T1580.yaml AWS - EC2 Security Group Enumeration
Simulate an attacker's action to enumerate EC2 Security Groups in a compromised AWS environment.
2024-01-18 14:21:45 +05:30
Atomic Red Team doc generator 32d9b8c9f5 Generated docs from job=generate-docs branch=master [ci skip] 2024-01-17 21:46:45 +00:00
Atomic Red Team GUID generator 7b0ba0b341 Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-01-17 21:46:21 +00:00
Leo Verlod b8e521c714 Adding T1543.006 Test 6 - Modify Service to Run Arbitrary Binary (Powershell) (#2653)
* Adding T1543.006 Test 6

* Update T1543.003.yaml

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-01-17 15:44:54 -06:00
publish bot 2723c2f750 updating atomics count in README.md [ci skip] 2024-01-03 22:23:55 +00:00
Ikko Eltociear Ashimine 71a478e525 Update README.md (#2649)
Github -> GitHub

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-01-03 16:23:17 -06:00
Atomic Red Team doc generator 49f738b461 Generated docs from job=generate-docs branch=master [ci skip] 2024-01-03 22:12:30 +00:00
Atomic Red Team GUID generator cb9433117b Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-01-03 22:12:17 +00:00
rosan091 f1c38b0670 Msedge proxy execution (#2647)
Co-authored-by: unknown <administrator@ADAWS.COM>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2024-01-03 16:11:43 -06:00
Atomic Red Team doc generator bd7e635b21 Generated docs from job=generate-docs branch=master [ci skip] 2023-12-28 15:35:40 +00:00
Hare Sudhan 00c9f11bbe Update T1221.yaml (#2648) 2023-12-28 09:34:49 -06:00
Atomic Red Team doc generator e1164d3054 Generated docs from job=generate-docs branch=master [ci skip] 2023-12-27 17:58:55 +00:00
dwhite9 06ebf05785 Added the "-c" option to adfind commands. (#2645)
* Added the "-c" option to adfind commands. This will cause it to print a
count of the returned objects instead of the actual objects. This is
very useful for large environments and allows it to run quicker without
actually exposing any sensitive information.

* Adding the code to allow specifying optional arguments at runtime instead of hardcoding the -c to allow more flexibility per this request:
https://github.com/redcanaryco/atomic-red-team/pull/2645#pullrequestreview-1795339526

---------

Co-authored-by: dwhite <n/a>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Co-authored-by: dwhite9 <n@a>
2023-12-27 11:58:02 -06:00
publish bot de637b370b updating atomics count in README.md [ci skip] 2023-12-22 21:43:36 +00:00
Hare Sudhan 460135314e Github Codespace added (#2644)
* Create devcontainer.json

* devcontainers added

* devcontainers added

* add setup files

* Update README.md
2023-12-22 15:43:02 -06:00
Atomic Red Team doc generator b998ba7370 Generated docs from job=generate-docs branch=master [ci skip] 2023-12-20 03:35:19 +00:00
Tessa Georgen c30ed0fe85 Remove improper extra field from T1562.010.yaml (#2642) 2023-12-19 20:34:27 -07:00
Atomic Red Team doc generator a79c9e0e82 Generated docs from job=generate-docs branch=master [ci skip] 2023-12-14 15:28:03 +00:00
Atomic Red Team GUID generator 7f3f0be18b Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-12-14 15:27:50 +00:00
BlueTeamOps 9ba4043595 ESXi ART Tests Batch 1 (#2635)
* ESXi Tests Batch 1

* remove duplicate key

* Update T1082.yaml

Updated the binary location to ExternalPayloads folder and also added the folder creation in GetPreReqs

* Update T1083.yaml

Added External Payloads and included folder creation in GetPreReqs

* Update T1129.yaml

Added ExternalPayloads reference.
Added folder creation in GetPreReqs
Move the reference of the vib to src

* Update T1529.yaml

Added External Payloads folder and added folder creation step to GetPreReqs

* Update T1529.yaml

987c9b4d-a637-42db-b1cb-e9e242c3991b - added external payloads

* Update T1562.010.yaml

Added External Payloads reference and folder creation to GetPreReqs

* Moved the vib to src

* Delete atomics/T1129/bin directory

* Delete atomics/T1082/bin directory

* Delete atomics/T1083/bin directory

* Delete atomics/T1562.010/bin directory

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-12-14 08:27:13 -07:00
Atomic Red Team doc generator 2dcdc27df7 Generated docs from job=generate-docs branch=master [ci skip] 2023-12-14 04:47:22 +00:00
AJ King 8bca554bc8 Update T1555.003.yaml - typo fix (#2637) 2023-12-13 21:46:31 -07:00
咸鱼型233 b37aaabcd5 fixed path error (#2629)
* fixed path error

* add cleanup commands

* updating atomics count in README.md [ci skip]

---------

Co-authored-by: Hare Sudhan <code@0x6c.dev>
Co-authored-by: publish bot <opensource@redcanary.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-12-13 15:26:00 -06:00