security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
324 Commits 47 Branches 0 Tags
5f848fe2c19d948c3ef18f2becedf335fdff3c8e
Commit Graph

109 Commits

Author SHA1 Message Date
Lee Holmes 9ddffd1b17 Adding starter implementation of Atomic Red Team Automation Framework, as well as Atomic Red Team testing framework 2018-04-15 17:54:49 -07:00
Rahmat Nurfauzi ec5af82e6e Update Disabling_Security_Tools.md 2018-04-13 20:29:22 +07:00
caseysmithrc 165607d242 Merge pull request #113 from redcanaryco/03082018 
How to Contrib and Lateral Movement
 2018-04-10 12:39:03 -06:00
Michael Haag 0bfdcfa480 Lateral Movement 
+ PtH
+ RDP
 2018-04-06 08:21:28 -04:00
caseysmithrc eced20df46 Merge pull request #108 from llandeilocymro/patch-1 
Create psexec
 2018-03-26 08:39:57 -06:00
llandeilocymro 5fd733a3ed psexec for lateral movement 2018-03-26 14:44:21 +01:00
Michael Haag e10be818ef Update Credential_Dumping.md 2018-03-21 14:13:10 -04:00
llandeilocymro c3bda067e2 cred dumping using the registry 2018-03-16 14:24:17 +00:00
llandeilocymro 1b3361896f Create psexec 2018-03-16 14:00:33 +00:00
caseysmithrc c5ed6a89f9 Update AtomicRedTeam.sct 2018-03-13 14:11:24 -06:00
Michael Haag 27cb5a75c6 Fix 
updated
 2018-03-08 14:28:13 -06:00
Michael Haag 8ba1dc8a19 Technique Adds 
Private Keys
- Find them

DDE
- Reference: https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/

Data Staged
 2018-03-08 14:26:18 -06:00
Michael Haag a6134b19c0 Techniques and Readme 
Technique: Hidden Files and Directories

Technique: Logon Scripts
- Source: https://github.com/NextronSystems/APTSimulator/blob/1c9048e834f0adabd18c8871d587fda42315575b/test-sets/persistence/userinit-mpr-logonscript.bat

Readme updates
 2018-03-08 08:11:24 -06:00
caseysmithrc d58a87f670 Merge pull request #91 from danbourke/browser_extension 
Browser extension
 2018-02-26 08:23:51 -07:00
caseysmithrc c3d8a53edf Merge pull request #90 from infosecn1nja/patch-6 
Update README.md
 2018-02-26 08:20:56 -07:00
Dan Bourke 3e4ba89cf4 adding actually published extension details 2018-02-26 16:26:56 +11:00
Dan Bourke 24412945ce add instructions for Firefox 2018-02-26 15:16:12 +11:00
Dan Bourke f5c852b834 add windows browser extension docs and payload 2018-02-26 13:14:07 +11:00
rahmatnurfauzi 31a7a268f1 Update README.md 2018-02-25 17:04:36 +07:00
rahmatnurfauzi 82f4f6078b Create Disabling_Security_Tools.md 2018-02-25 17:01:31 +07:00
Dan Bourke d1eaf4454d resolves #72 2018-02-13 14:46:47 +11:00
caseysmithrc af7be36230 Update Payload 2018-02-11 21:19:46 -07:00
Matthew Green ece7cf1537 Add_remote_task 
Couple of additional inputs for testing remote task creation
 2018-02-06 16:05:23 +11:00
Michael Haag 5e9b720ecf Windows Matrix 
Added bitsadmin and cleanup
 2018-01-16 11:51:16 -07:00
Michael Haag a5d7e40120 Mshta Add 2018-01-16 10:22:36 -07:00
Michael Haag 94f729c684 Merge branch 'master' into Haag 2018-01-16 10:22:25 -07:00
caseysmithrc 4c01f9eca6 mshta T1170 2018-01-16 10:19:15 -07:00
Michael Haag 382d6313a3 Windows Matrix Update 
Windows Matrix update
+ also fixed Dir names/paths
 2018-01-16 10:10:52 -07:00
Michael Haag 1cf1cdd279 Reactor Chain Reaction 
Chain Reaction - Reactor
 2018-01-16 08:59:22 -07:00
caseysmithrc 3ac9834f38 mshta 2018-01-16 08:56:26 -07:00
caseysmithrc 1b087c7e2a Update Program.cs 2018-01-13 12:28:33 -07:00
atmathis 89513673d7 Linux Discovery 
* Added several Linux Discovery tactics and updated grid
 2018-01-11 16:56:58 -05:00
atmathis 4cd236a438 Adding tree command to File and Directory Discovery 
Added the “tree” command, which is useful at showing a “graphical”
hierarchy of files and folders on a drive.
 2018-01-11 15:33:27 -05:00
Michael Haag 1499c4be3f Fixes 
Updated and fixed some mistakes over time.
 2018-01-11 11:00:46 -07:00
rahmatnurfauzi 9c8137a56a Update File_and_Directory_Discovery.md 
Adding more commands taken from Waterbug/Turla
 2018-01-11 17:12:09 +07:00
Michael Haag 29cf36761a Mac Discovery 
Added many techniques to Discovery for Mac
 2018-01-09 14:53:47 -07:00
Michael Haag 976b27a683 Merge branch 'master' into Haag 2018-01-02 14:54:44 -07:00
Michael Haag 6dea66bdec Defense Evastion 
+ Added method to stop event logs
 2018-01-02 14:54:21 -07:00
atmathis dce29fd24d Add/Change Mac and All the Things cleanup 
Created Mac/Credential_Access/Input_Prompt
Added AppleScript password prompt to Credential Access/Input Prompt
Cleanup Mac/Execution/AppleScript
Updated Mac Grid
Updated formatting on AllTheThings test.bat
 2017-12-29 12:12:54 -05:00
caseysmithrc d266915612 Update All The Things 2017-12-20 15:39:07 -07:00
Michael Haag 33d6b91220 Windows ReadMe 
Fixed link
 2017-12-13 10:26:48 -08:00
Michael Haag aee2840fd5 New Persistence 
+ Office Application Startup
-- Added DDEAUTO and Dragon's Tail link
+ Registry Run Keys and Start Folder
-- Added a couple of items to make this interesting.
+Updated Windows Readme
 2017-12-12 15:35:09 -08:00
caseysmithrc 8f95d8b119 Fix Typo 2017-12-07 09:21:59 -07:00
caseysmithrc 1d57ef77e0 Fix Shim References 2017-12-07 09:03:07 -07:00
Michael Haag fbce4cfb2d Merge pull request #42 from redcanaryco/Protoss-Dev 
Context For Shims
 2017-12-06 14:41:33 -08:00
caseysmithrc 67613f4a44 Context For Shims 2017-12-06 15:40:21 -07:00
caseysmithrc 4326601868 Merge pull request #41 from redcanaryco/Argonaut 
Argonaut Chain Reaction + Updates to windows.md
 2017-12-06 15:27:35 -07:00
caseysmithrc 809e2cb4b8 Fix Typo 2017-12-06 15:12:35 -07:00
caseysmithrc 7bec20d991 App Compat ReadMe 2017-12-06 15:11:56 -07:00
caseysmithrc 44611b8f3b Fix Instructions 2017-12-06 15:05:18 -07:00