security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,763 Commits 47 Branches 0 Tags
5ec79bd8edce5b2048bcfe5ff806478b93ee68a0
Commit Graph

1763 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
CircleCI Atomic Red Team doc generator 5ec79bd8ed Generate docs from job=validate_atomics_generate_docs branch=master 2020-03-09 15:50:11 +00:00
Carrie Roberts 34f36da8f3 make verifyhash function available to prereq (#859) 2020-03-09 09:48:56 -06:00
CircleCI Atomic Red Team doc generator 063103ab79 Generate docs from job=validate_atomics_generate_docs branch=master 2020-03-07 23:04:14 +00:00
tlor89 4ddb393a9b T1095-2_Update (#863) 
* T1095_Update

* T1095-2_update

* T1095-2_Update

Co-authored-by: Toua Lor <tlor@nti.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-03-07 16:03:55 -07:00
CircleCI Atomic Red Team doc generator 31f946622d Generate docs from job=validate_atomics_generate_docs branch=master 2020-03-07 22:20:30 +00:00
Mr B0b 291346e52b Add test 2 prereqs for T1003 that performs Credential Dumping (#861) 
* Add test 2 prereqs for T1003 that performs Credential Dumping

* add import from web

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-03-07 15:20:14 -07:00
Carrie Roberts cac20abd54 Remove old invoke (#858) 
* move emond test into correct T#

* only show cleanup with inputs if there are inputs

* remove old invoke

Co-authored-by: Tony M Lambert <ForensicITGuy@users.noreply.github.com>
Co-authored-by: Michael Haag <mike@redcanary.com>
Co-authored-by: Keith McCammon <keith@redcanary.com>
 2020-03-06 15:25:27 -07:00
CircleCI Atomic Red Team doc generator c54ebaea98 Generate docs from job=validate_atomics_generate_docs branch=master 2020-03-06 19:59:43 +00:00
tlor89 421e21675a t-1028_Update (#857) 
Co-authored-by: Toua Lor <tlor@nti.local>
 2020-03-06 12:59:20 -07:00
CircleCI Atomic Red Team doc generator 799b63f3c8 Generate docs from job=validate_atomics_generate_docs branch=master 2020-03-06 03:49:25 +00:00
mikesiegel c04e6c16b9 Modifying T1214 to include TrickBot PuTTY Session enumeration (#856) 
* Add new T1214 technique PuTTY session enumeration as perfomred by Trickbot

* Add new T1214 technique PuTTY session enumeration as perfomred by Trickbot

* Add new T1214 technique PuTTY session enumeration as perfomred by Trickbot

* Add new T1214 technique PuTTY session enumeration as perfomred by Trickbot

* Add new T1214 technique PuTTY session enumeration as perfomred by Trickbot
 2020-03-05 20:48:52 -07:00
CircleCI Atomic Red Team doc generator f89552e246 Generate docs from job=validate_atomics_generate_docs branch=master 2020-03-04 21:35:00 +00:00
Carrie Roberts 75149a7ac0 T1071-IP (#855) 
* T1071-IP

* T1071-IP-fixed

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-03-04 14:34:40 -07:00
CircleCI Atomic Red Team doc generator 434c79f099 Generate docs from job=validate_atomics_generate_docs branch=master 2020-03-04 21:32:29 +00:00
Carrie Roberts 6d4863aea6 Disable Office Security Settings, Delete Windows Defender Definition Files (#854) 
* Disable Office Security Settings

* fixes

* Add test to delete windows defender files
 2020-03-04 14:32:08 -07:00
CircleCI Atomic Red Team doc generator 877da0ba7d Generate docs from job=validate_atomics_generate_docs branch=master 2020-03-02 20:31:47 +00:00
dwhite9 aae45a1937 fixed RunOnce cleanup command by adding extra input argument for reg (#852) 
key.

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-03-02 13:31:26 -07:00
CircleCI Atomic Red Team doc generator ed32225707 Generate docs from job=validate_atomics_generate_docs branch=master 2020-03-02 20:30:10 +00:00
Andras32 6b6f7f1a48 Cast to string, strip (#853) 2020-03-02 13:29:48 -07:00
CircleCI Atomic Red Team doc generator 08034b7971 Generate docs from job=validate_atomics_generate_docs branch=master 2020-03-01 04:11:52 +00:00
tlor89 5ab6e75302 T1024 ostap js version (#851) 
* merged test 2

* Fixed Cleanup double execution error

* cleaned up description wording
 2020-02-29 21:11:35 -07:00
CircleCI Atomic Red Team doc generator ab2c18b19d Generate docs from job=validate_atomics_generate_docs branch=master 2020-02-29 21:59:49 +00:00
Andras32 6fb77ba8aa T1071-8 OSTap Payload Download (#849) 
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-02-29 14:59:35 -07:00
CircleCI Atomic Red Team doc generator 6e8971bc79 Generate docs from job=validate_atomics_generate_docs branch=master 2020-02-29 21:47:05 +00:00
Andras32 6cef46c6fc added t1204-2 (#850) 2020-02-29 14:46:51 -07:00
CircleCI Atomic Red Team doc generator 59e7d3322b Generate docs from job=validate_atomics_generate_docs branch=master 2020-02-28 21:57:52 +00:00
Andras32 080bac8e1a markdown file take 2 (#847) 2020-02-28 14:57:29 -07:00
CircleCI Atomic Red Team doc generator a9baff5251 Generate docs from job=validate_atomics_generate_docs branch=master 2020-02-28 20:40:45 +00:00
tlor89 833caefbd0 T1153-T1531_CleanupErrors (#846) 
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-02-28 13:40:26 -07:00
CircleCI Atomic Red Team doc generator 9dc3636e3f Generate docs from job=validate_atomics_generate_docs branch=master 2020-02-28 20:04:31 +00:00
Andras32 a32b50028b fixed md file parsing issue (#845) 
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-02-28 13:04:03 -07:00
CircleCI Atomic Red Team doc generator 9d8ffda86d Generate docs from job=validate_atomics_generate_docs branch=master 2020-02-28 19:48:08 +00:00
tlor89 52b99cd654 T1056_T1090_CleanupErrors (#844) 2020-02-28 12:47:42 -07:00
CircleCI Atomic Red Team doc generator 5e8e3e0851 Generate docs from job=validate_atomics_generate_docs branch=master 2020-02-28 18:03:51 +00:00
tlor89 ce43569dcf T1096-T1138_CleanupErrors (#842) 
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-02-28 11:03:31 -07:00
CircleCI Atomic Red Team doc generator d1546cbb19 Generate docs from job=validate_atomics_generate_docs branch=master 2020-02-28 16:42:36 +00:00
Andras32 fc0b4c23ad T1204-OSTap Style Macro Delivery (#843) 
* MalDoc Cradle and T1204 Test

* reduced unnecessary code

* IEX install Invoke-Maldoc

* Delete Invoke-MalDoc.ps1
 2020-02-28 09:42:10 -07:00
CircleCI Atomic Red Team doc generator fbc458a342 Generate docs from job=validate_atomics_generate_docs branch=master 2020-02-27 18:04:44 +00:00
Luminous-InfiniTom 381ba9d449 Create T1219.yaml (#838) 
* Create T1219.yaml

Added first atomic for T1219

* spacing corrections

* spacing corrections

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-02-27 11:04:14 -07:00
CircleCI Atomic Red Team doc generator ec50c4b064 Generate docs from job=validate_atomics_generate_docs branch=master 2020-02-26 22:00:47 +00:00
ezr 9e350d5290 Fix docs template carriage return issue (#840) 
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-02-26 15:00:19 -07:00
CircleCI Atomic Red Team doc generator a5df006dd6 Generate docs from job=validate_atomics_generate_docs branch=master 2020-02-26 21:59:04 +00:00
ezr 661e2beb3d Correct markdown formatting for test #3 (#835) 
* Correct markdown formatting for test #3

* Move XML data into its own file rather than try to display inline

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-02-26 14:58:45 -07:00
dependabot[bot] 5005e1d6fd Bump nokogiri from 1.10.4 to 1.10.8 (#839) 
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.4 to 1.10.8.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.4...v1.10.8)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-02-25 15:35:09 -07:00
CircleCI Atomic Red Team doc generator 723426c15d Generate docs from job=validate_atomics_generate_docs branch=master 2020-02-24 19:30:29 +00:00
blackburnjrb 8762f3f929 Added Test for OSTAP Worming Activity to T1105 (#836) 
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2020-02-24 12:29:51 -07:00
CircleCI Atomic Red Team doc generator 0bcf0d5c50 Generate docs from job=validate_atomics_generate_docs branch=master 2020-02-24 18:09:40 +00:00
Andrew Beers 4cf7a7f8c5 add flag (#834) 2020-02-24 11:09:24 -07:00
CircleCI Atomic Red Team doc generator 6ae0409e73 Generate docs from job=validate_atomics_generate_docs branch=master 2020-02-18 01:00:46 +00:00
dwhite9 84120795f5 Adjusted the default domain from example.com to 127.0.0.1.xip.io to (#832) 
allow the "Resolve-DnsName" commandlet to work as expected. Should
prevent runtime issues associated with NXDOMAIN.
 2020-02-17 18:00:21 -07:00