Michael Haag
|
5f65f954be
|
Done
YAML'd all the linux
|
2018-05-25 14:16:50 -04:00 |
|
Michael Haag
|
c5d664d5f0
|
Linux Execution and Exfiltration
DONE for YAM
|
2018-05-25 14:08:12 -04:00 |
|
Michael Haag
|
36b28e97da
|
Linux Discovery yaml conversions
|
2018-05-25 13:52:46 -04:00 |
|
caseysmithrc
|
bd3170421e
|
Merge pull request #135 from redcanaryco/yaml-spec
Proposed YAML spec and validation script
|
2018-05-09 18:29:49 -04:00 |
|
Brian Beyer
|
55d9b37b22
|
start yamlizing a bunch of techniques
|
2018-04-17 00:13:12 -07:00 |
|
Ye Yint @ Rolan
|
71b51d6c47
|
update link based on Mitre April update
|
2018-04-16 18:07:57 +08:00 |
|
Ye Yint @ Rolan
|
dd494582f6
|
updated based on Mitre April update
|
2018-04-16 18:02:46 +08:00 |
|
Ye Yint @ Rolan
|
3404c8b616
|
update based on Mitre April update
|
2018-04-16 18:01:06 +08:00 |
|
ForensicITGuy
|
e9f7a6c9ed
|
Added test to exfil data over HTTP
|
2018-03-15 17:03:14 -05:00 |
|
caseysmithrc
|
fdde68b5e7
|
Merge pull request #104 from ForensicITGuy/linux-root-ca
Added test to generate and trust root CA on Linux. Updated README.
|
2018-03-14 21:47:32 -06:00 |
|
Tony M Lambert
|
376512f6e2
|
Added File Deletion, Data Compression/Encryption, Data splitting tests
|
2018-03-12 01:32:55 -05:00 |
|
Tony M Lambert
|
779f2c71cc
|
Added test to generate and trust root CA on Linux. Updated README.
|
2018-03-10 01:27:49 -06:00 |
|
Tony M Lambert
|
8346a7a1f5
|
Added tests for disable of firewall, syslog, Cb daemon, SELinux
|
2018-03-09 22:25:46 -06:00 |
|
Tony M Lambert
|
4f65330559
|
Added Remote File Copy tests on Linux and relevant README
|
2018-03-09 21:54:34 -06:00 |
|
Tony M Lambert
|
80a9487da3
|
Added test for timestomping on Linux with relevant README changes.
|
2018-03-09 19:51:46 -06:00 |
|
Tony M Lambert
|
8b8d6059ee
|
Added Hidden Files and Directories checks for Linux
|
2018-03-08 23:52:30 -06:00 |
|
caseysmithrc
|
ed1dd3cea0
|
Merge pull request #93 from JeremyNGalloway/master
added a Linux Defense Evasion entry for Rootkits
|
2018-02-27 13:21:49 -07:00 |
|
JeremyNGalloway
|
7ff3fb1ee1
|
Update README.md
|
2018-02-27 11:14:56 -06:00 |
|
JeremyNGalloway
|
56ed971cdd
|
Update README.md
|
2018-02-27 11:14:29 -06:00 |
|
JeremyNGalloway
|
ee8b642728
|
updated README with links to Rootkits
|
2018-02-27 11:13:15 -06:00 |
|
JeremyNGalloway
|
08de1f2ead
|
Initial upload
|
2018-02-27 11:07:04 -06:00 |
|
Dan Bourke
|
3e4ba89cf4
|
adding actually published extension details
|
2018-02-26 16:26:56 +11:00 |
|
Dan Bourke
|
24412945ce
|
add instructions for Firefox
|
2018-02-26 15:16:12 +11:00 |
|
Dan Bourke
|
5dc3e36666
|
typo in README.md
|
2018-02-26 13:16:16 +11:00 |
|
Dan Bourke
|
e4b8cdb9c2
|
add linux browser extension docs and payload
|
2018-02-26 13:13:39 +11:00 |
|
ForensicITGuy
|
b86511e2a9
|
Added Linux Execution CLI Test CURL/WGET to bash
|
2018-02-22 00:45:59 -06:00 |
|
Dan Bourke
|
258d7c83d5
|
fix formatting issue
|
2018-02-19 14:32:10 +11:00 |
|
Dan Bourke
|
1ad74772b7
|
mac and linux example setuid binary
|
2018-02-19 14:29:52 +11:00 |
|
Tony M Lambert
|
cba719ea81
|
Merge pull request #2 from ForensicITGuy/linux-goodness
Linux goodness
|
2018-02-13 15:14:54 -06:00 |
|
Tony M Lambert
|
03bcfd5c04
|
Delete Discovery.sh
|
2018-02-13 15:13:32 -06:00 |
|
Tony M Lambert
|
bb5a0181f2
|
Adding Persistence and Execution tests for Trap
|
2018-02-13 15:10:47 -06:00 |
|
Tony M Lambert
|
80bdcf5f10
|
Work in progress Linux discovery payload
|
2018-02-08 17:31:39 -06:00 |
|
Michael Haag
|
7dbbb68677
|
Update Exfiltration_Over_Alternative_Protocol.md
|
2018-02-08 06:52:43 -06:00 |
|
Dan Bourke
|
b047c5575f
|
update readme, update linux example path
|
2018-02-08 17:05:23 +11:00 |
|
Dan Bourke
|
809b85b2a2
|
add first pass at SSH exfiltration
|
2018-02-08 17:01:34 +11:00 |
|
Michael Haag
|
58c0b63bc6
|
Updated Linux Matrix
Updated Matrix
|
2018-01-16 11:47:24 -07:00 |
|
atmathis
|
89513673d7
|
Linux Discovery
* Added several Linux Discovery tactics and updated grid
|
2018-01-11 16:56:58 -05:00 |
|
atmathis
|
d0cf8c4542
|
Update Process Discovery
* Made a change to Process Discovery (added saving the output for exfil)
* Added Process Discovery to Linux and updated grid
|
2018-01-11 16:09:12 -05:00 |
|
atmathis
|
0e877849ef
|
Fixing .bash_profile
* Removed commands not related to this technique, and replaced them
with legitimate ones.
* Added .bash_profile page to Mac
|
2018-01-11 15:54:20 -05:00 |
|
caseysmithrc
|
f4fe0d67d6
|
Merge pull request #53 from infosecn1nja/patch-1
Persistence .bashrc / .bash_profile
|
2018-01-09 09:26:41 -07:00 |
|
Michael Haag
|
c9d674bf80
|
Merge pull request #49 from JimmyAstle/Discover/Files_folders_Linux
Discover/files_folders_Linux
|
2018-01-08 14:55:40 -07:00 |
|
Rahmat Nurfauzi
|
4842ffb05d
|
Persistence .bashrc / .bash_profile
|
2018-01-07 05:55:19 +07:00 |
|
Jimmy Astle
|
f5c1d7af56
|
Adding in some Linux System OS discovery one liners
|
2018-01-03 17:34:12 -05:00 |
|
JimmyAstle
|
d0d71177e1
|
Merge branch 'master' into Discover/Files_folders_Linux
|
2018-01-03 10:34:10 -05:00 |
|
Michael Haag
|
9a4b06e89d
|
Merge pull request #50 from JimmyAstle/Defense_Evasion/Clear_history
Defense evasion/clear_history
|
2018-01-03 07:30:49 -07:00 |
|
Jimmy Astle
|
e36a8e3377
|
Removing the groups command as that should live in a separate spot
|
2018-01-02 17:20:28 -05:00 |
|
Jimmy Astle
|
7f78ad5ace
|
Adding in missing table link for Account Discovery
|
2018-01-02 17:16:27 -05:00 |
|
Jimmy Astle
|
219534d464
|
Updating Table to link to file and folder discovery
|
2018-01-02 16:11:04 -05:00 |
|
Jimmy Astle
|
919993d886
|
Couple of fun searching techniques
|
2018-01-02 16:07:07 -05:00 |
|
Jimmy Astle
|
e7d731615e
|
Adding in a few more account discovery techniques
|
2018-01-02 16:03:14 -05:00 |
|