Commit Graph

1258 Commits

Author SHA1 Message Date
CircleCI Atomic Red Team doc generator 604f7cd730 Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-28 14:53:16 +00:00
weev3 6e65bbd146 Add T1196 (Control Panel Item) (#521)
* Add test for T1196 that pops calc.exe

* calc.cpl

* Rename T1196.md to T1196.yaml

* Create calc.cpp
2019-08-28 08:53:05 -06:00
Carrie Roberts ac0546a494 Specify TTP as string, no need to call Get-AtomicTechnique first. Optionally specify individual attacks by atomic test # or name. (#525) 2019-08-27 20:32:00 -06:00
CircleCI Atomic Red Team doc generator 86486588cf Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-27 15:43:54 +00:00
zinint fa19b6b075 Add files via upload (#528) 2019-08-27 09:43:39 -06:00
CircleCI Atomic Red Team doc generator 3206a83186 Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-27 15:40:20 +00:00
Makenzie Schwartz 3523ec7a1c T1097 - Move PTT atomic test to appropriate technique (#524)
* Move Mimikatz PTT atomic from T1075 to T1097

* Update docs
2019-08-27 09:40:03 -06:00
CircleCI Atomic Red Team doc generator 5898dab7e4 Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-27 15:35:27 +00:00
Carrie Roberts 5f846ced08 Add test to T1089 that uninstalls sysmon (#529) 2019-08-27 09:35:15 -06:00
Michael Haag 26c8eae322 Install Atomic - Fixed Paths (#517)
I reverted https://github.com/redcanaryco/atomic-red-team/issues/478 for the moment. @caseysmithrc and I will update the script to remove the `atomic-red-team-master` path. This will at least get you up and running today.

Issue #516
2019-08-14 10:36:16 -06:00
Michael Haag c11d9e847d T1112 bracket fix (#523)
* Fixed bracket

Fixed bracket causing error.

* Generate docs from job=validate_atomics_generate_docs branch=T1112-bracket-fix
2019-08-14 10:33:55 -06:00
CircleCI Atomic Red Team doc generator 041777beb9 Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-09 14:30:20 +00:00
Trevor Steen 4e979c26ed update formatting (#519) 2019-08-09 08:29:41 -06:00
CircleCI Atomic Red Team doc generator 4e1d01f56d Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-09 14:25:01 +00:00
Trevor Steen e82b207b66 updated code formatting (#520) 2019-08-09 08:24:44 -06:00
CircleCI Atomic Red Team doc generator 421b5c56a3 Generate docs from job=validate_atomics_generate_docs branch=master 2019-08-09 14:22:16 +00:00
Makenzie Schwartz fe943551bd Supply Invoke-AppPathBypass with Payload as argument (#522) 2019-08-09 08:21:58 -06:00
caseysmithrc 5f6ad32db2 Fix t1138path (#513)
* Updating the path and description

* Generate docs from job=validate_atomics_generate_docs branch=fix-t1138path
2019-06-14 14:06:29 -06:00
CircleCI Atomic Red Team doc generator 587dbb39e5 Generate docs from job=validate_atomics_generate_docs branch=master 2019-06-14 14:55:42 +00:00
caseysmithrc cd32b7cf92 Updated T1118 Path and Code (#510)
* Update T1118.yaml

* Update T1118.cs
2019-06-14 08:55:21 -06:00
CircleCI Atomic Red Team doc generator 6988597182 Generate docs from job=validate_atomics_generate_docs branch=master 2019-06-14 12:47:58 +00:00
Alain Homewood 11bbe35ab2 Added T1071 atomics for DNS C2 (#511) 2019-06-14 06:47:35 -06:00
CircleCI Atomic Red Team doc generator f6c457593a Generate docs from job=validate_atomics_generate_docs branch=master 2019-06-14 12:41:14 +00:00
Tony M Lambert 1620029675 Tests for Data Destruction and Resource Hijacking (#512) 2019-06-14 06:41:02 -06:00
Tony M Lambert 7be30f44e7 Chain Reaction - Qbot Infection (#508)
* Reaction and payloads

* Prepare for primetime merge into master

* upload better source

* right folder

* Modify to .NET payload
2019-05-31 09:01:25 -06:00
CircleCI Atomic Red Team doc generator 6ff5afc97a Generate docs from job=validate_atomics_generate_docs branch=master 2019-05-31 12:13:54 +00:00
Tony M Lambert b5f1159c4c T1105 Remote File Copy BITSAdmin (#507) 2019-05-31 06:13:40 -06:00
Keith McCammon 12d80f435d Fix a typo 2019-05-29 14:14:05 -06:00
CircleCI Atomic Red Team doc generator 7b2ff64340 Generate docs from job=validate_atomics_generate_docs branch=master 2019-05-21 12:11:03 +00:00
swelcher 249ccacbe9 [FIX] T1087 (#502) 2019-05-21 06:10:47 -06:00
CircleCI Atomic Red Team doc generator 2a40652162 Generate docs from job=validate_atomics_generate_docs branch=master 2019-05-21 12:09:28 +00:00
swelcher e4318e90f5 [FIX] Duplicate YAML Keys (#503) 2019-05-21 06:09:14 -06:00
caseysmithrc fe2bfa6268 msbuild expects the csproj file in the same path (#501) 2019-05-13 14:23:23 -06:00
CircleCI Atomic Red Team doc generator 1310d86685 Generate docs from job=validate_atomics_generate_docs branch=master 2019-05-13 15:28:31 +00:00
Tony M Lambert f674d37d9c T1501 Systemd reorg and add variables (#491)
* Update ATT&CK json for technique creation

* Reorg systemd test and add variables
2019-05-13 09:28:20 -06:00
Tony M Lambert b5dc3e17a8 ATT&CK Navigator Layer Generation via Ruby (#500)
* initial commit

* modified output style

* final url changes

* Update rocke-and-roll-stage-01.sh

* Added code to generate Navigator layer

* Add ATT&CK Navigator layer to readme
2019-05-11 19:23:48 -10:00
CircleCI Atomic Red Team doc generator 6abfe94684 Generate docs from job=validate_atomics_generate_docs branch=master 2019-05-10 19:57:12 +00:00
Tony M Lambert 5897b9aef1 T1482 Domain Trust Discovery (#495)
* Update ATT&CK json for technique creation

* T1482 - Domain Trust Discovery
2019-05-10 13:56:56 -06:00
Michael Haag a29708a7a3 install-atomicredteam Updates (#498)
* Updated URL location

* fixed url

again

* Updated InstallPath

Updated install path for issue #478
2019-05-10 13:38:02 -06:00
CircleCI Atomic Red Team doc generator 988f97eb63 Generate docs from job=validate_atomics_generate_docs branch=master 2019-05-10 19:35:24 +00:00
Tony M Lambert 9a8acbed1f T1490 Inhibit System Recovery (#493)
* Update ATT&CK json for technique creation

* T1490 Inhibit System Recovery
2019-05-10 09:35:09 -10:00
CircleCI Atomic Red Team doc generator 6f88a3ecac Generate docs from job=validate_atomics_generate_docs branch=master 2019-05-07 14:31:34 +00:00
Tony M Lambert 5d0bf18098 T1485 Data Destruction Tests (#492)
* Update ATT&CK json for technique creation

* T1485 - Data Destruction Tests
2019-05-07 08:31:25 -06:00
CircleCI Atomic Red Team doc generator af95800d81 Generate docs from job=validate_atomics_generate_docs branch=master 2019-05-07 14:30:13 +00:00
Tony M Lambert e180e513f7 T1201 Windows & macOS PW policy enum (#490) 2019-05-07 08:29:53 -06:00
CircleCI Atomic Red Team doc generator 9c8c2edcd8 Generate docs from job=validate_atomics_generate_docs branch=master 2019-05-06 16:23:27 +00:00
Tony M Lambert 1585dccdfa T1489 Service Stop (#494)
* Update ATT&CK json for technique creation

* T1489 - Service Stop
2019-05-06 10:23:02 -06:00
CircleCI Atomic Red Team doc generator e049f7dc4b Generate docs from job=validate_atomics_generate_docs branch=master 2019-05-06 16:17:00 +00:00
Tony M Lambert 76085a09b8 T1003 Add dumping of NTDS with VSC (#489) 2019-05-06 10:16:43 -06:00
CircleCI Atomic Red Team doc generator 29da400700 Generate docs from job=validate_atomics_generate_docs branch=master 2019-05-06 16:15:35 +00:00