security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
324 Commits 47 Branches 0 Tags
5f848fe2c19d948c3ef18f2becedf335fdff3c8e
Commit Graph

19 Commits

Author SHA1 Message Date
Michael Haag 0bfdcfa480 Lateral Movement 
+ PtH
+ RDP
 2018-04-06 08:21:28 -04:00
Michael Haag 8ba1dc8a19 Technique Adds 
Private Keys
- Find them

DDE
- Reference: https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/

Data Staged
 2018-03-08 14:26:18 -06:00
Michael Haag a6134b19c0 Techniques and Readme 
Technique: Hidden Files and Directories

Technique: Logon Scripts
- Source: https://github.com/NextronSystems/APTSimulator/blob/1c9048e834f0adabd18c8871d587fda42315575b/test-sets/persistence/userinit-mpr-logonscript.bat

Readme updates
 2018-03-08 08:11:24 -06:00
caseysmithrc d58a87f670 Merge pull request #91 from danbourke/browser_extension 
Browser extension
 2018-02-26 08:23:51 -07:00
Dan Bourke f5c852b834 add windows browser extension docs and payload 2018-02-26 13:14:07 +11:00
rahmatnurfauzi 31a7a268f1 Update README.md 2018-02-25 17:04:36 +07:00
Dan Bourke d1eaf4454d resolves #72 2018-02-13 14:46:47 +11:00
Michael Haag 5e9b720ecf Windows Matrix 
Added bitsadmin and cleanup
 2018-01-16 11:51:16 -07:00
Michael Haag a5d7e40120 Mshta Add 2018-01-16 10:22:36 -07:00
Michael Haag 382d6313a3 Windows Matrix Update 
Windows Matrix update
+ also fixed Dir names/paths
 2018-01-16 10:10:52 -07:00
Michael Haag 1499c4be3f Fixes 
Updated and fixed some mistakes over time.
 2018-01-11 11:00:46 -07:00
Michael Haag 33d6b91220 Windows ReadMe 
Fixed link
 2017-12-13 10:26:48 -08:00
Michael Haag aee2840fd5 New Persistence 
+ Office Application Startup
-- Added DDEAUTO and Dragon's Tail link
+ Registry Run Keys and Start Folder
-- Added a couple of items to make this interesting.
+Updated Windows Readme
 2017-12-12 15:35:09 -08:00
Michael Haag 53694dc7d4 Windows ReadMe Fixes 
+ Updated all Discovery files in previous PR.
+ Fixed Windows.md to match new files. All good now
 2017-12-01 15:06:10 -08:00
Michael Haag bf35e2895e Update README.md 2017-11-20 11:37:27 -08:00
Michael Haag 8f42ea3fc4 Account Manipulation + Chain Reactions Names 
Changed CR names
+ Fixed .md for Account manipulation
 2017-11-20 11:34:34 -08:00
Yohann Lepage 2e675d73f8 Add T1050: Windows - Persistence - Service Installation 2017-11-16 23:27:14 +01:00
Michael Haag ae5c62cb51 Timestomp 
Added Timestomp to Windows Matrix
 2017-11-15 10:43:55 -08:00
Brian Beyer 3b03b3e9b8 Rename Windows.md to README.md 2017-11-04 15:36:03 -04:00