gowthamarajr
614a715da8
Update 1562.008.yml
2022-07-30 17:37:06 -04:00
gowthamarajr
b33bcb6cd4
Update T1562.008
2022-07-30 17:28:51 -04:00
gowthamarajr
7ac7517321
Update T1562.008
Update T1562.008 by adding AWS CloudWatch Log Group Deletes & AWS CloudWatch Log Stream Deletes
2022-07-30 17:18:08 -04:00
Atomic Red Team doc generator
3a5209a4fc
Generated docs from job=generate-docs branch=master [ci skip]
2022-07-29 22:32:00 +00:00
Atomic Red Team GUID generator
023e149ac5
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-07-29 22:31:53 +00:00
lucasRiley
e712150c21
T1218.011 Improvement (#2058)
Co-authored-by: Riley <lriley@NTI.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-07-29 16:31:23 -06:00
Atomic Red Team doc generator
6f92864b88
Generated docs from job=generate-docs branch=master [ci skip]
2022-07-29 15:14:22 +00:00
Atomic Red Team GUID generator
5849c1516b
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-07-29 15:14:16 +00:00
tccontre
f6b385f860
Update T1529.yaml (#2055)
* Update T1529.yaml
* add malware example to description
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-07-29 09:13:53 -06:00
Atomic Red Team doc generator
8d57cd72e5
Generated docs from job=generate-docs branch=master [ci skip]
2022-07-29 15:07:16 +00:00
Atomic Red Team GUID generator
0b80c61208
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-07-29 15:07:10 +00:00
Jacques Decarie
c343036e0c
T1546.015 COM hijacking via TreatAs (#2050)
* adding TreatAs
* removing sct_path
* fixing executor name
* fixing references
* fixing references
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-07-29 09:06:38 -06:00
tccontre
b05d6193da
Windows camera info gathering (#2056)
* Create T1592.001.md
* Create T1592.001.yml
2022-07-29 09:02:55 -06:00
Atomic Red Team doc generator
b13fb3c35e
Generated docs from job=generate-docs branch=master [ci skip]
2022-07-28 21:29:24 +00:00
TaintedHorizon
a43555eab0
update dependencies (#2053)
Test does not currently execute remotely because ppid-spoof.ps1 does not get copied remotely.
2022-07-28 15:28:41 -06:00
Atomic Red Team doc generator
8a226086a6
Generated docs from job=generate-docs branch=master [ci skip]
2022-07-27 20:15:26 +00:00
Atomic Red Team GUID generator
983626faae
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-07-27 20:15:20 +00:00
Bhavin Patel
db6284063a
Merge pull request #2048 from Leomon5/patch-5
Adding T1526 Test 1 - Azure - Dump Subscription Data with MicroBurst
2022-07-27 13:14:51 -07:00
Bhavin Patel
9601cdbf58
Merge branch 'master' into patch-5
2022-07-27 13:09:33 -07:00
Atomic Red Team doc generator
dfebe2e36e
Generated docs from job=generate-docs branch=master [ci skip]
2022-07-27 19:45:08 +00:00
Atomic Red Team GUID generator
93d582a214
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-07-27 19:45:02 +00:00
Bhavin Patel
79286ddee5
Disable CloudTrail Logging Through Event Selectors via Stratus (#2040)
* detonate via stratus
* desc update
* Update T1562.008.yaml
Co-authored-by: Jose Enrique Hernandez <josehelps@gmail.com>
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2022-07-27 13:44:00 -06:00
Bhavin Patel
21b907e718
Merge branch 'master' into patch-5
2022-07-26 10:48:02 -07:00
Atomic Red Team doc generator
e69a037e1c
Generated docs from job=generate-docs branch=master [ci skip]
2022-07-26 17:40:11 +00:00
Atomic Red Team GUID generator
158fd1f7a9
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-07-26 17:40:05 +00:00
Bhavin Patel
974ae50a12
Merge pull request #2046 from Leomon5/patch-4
Adding T1552.005 Test 1 - Search Azure AD User Attributes for Passwords
2022-07-26 10:39:38 -07:00
Bhavin Patel
7324595e26
Merge branch 'master' into patch-4
2022-07-26 10:34:56 -07:00
Leo Verlod
7efbda6972
Adding T1526 Test 1
2022-07-26 03:54:34 -05:00
Atomic Red Team doc generator
ea2ebf426b
Generated docs from job=generate-docs branch=master [ci skip]
2022-07-25 20:57:48 +00:00
Atomic Red Team GUID generator
c13f88d9b7
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-07-25 20:57:41 +00:00
masonharrell
f42dc76aba
T1574.008 (#2038)
Co-authored-by: Mason Harrell <mharrell@nti.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-07-25 14:57:13 -06:00
Atomic Red Team doc generator
c42913486b
Generated docs from job=generate-docs branch=master [ci skip]
2022-07-25 20:56:32 +00:00
Dan
cf612cdfa9
Update T1552.004.yaml, Linux tests (#2042)
redirect find errors
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-07-25 14:56:04 -06:00
Atomic Red Team doc generator
5ec9b7c317
Generated docs from job=generate-docs branch=master [ci skip]
2022-07-25 20:54:13 +00:00
Atomic Red Team GUID generator
e935cc7fe5
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-07-25 20:54:06 +00:00
dwhite9
e4945a7c50
T1569.002 - Added Atomic to emulate BlackCat malware using embedded PsExec binary (#2043)
* Added Atomic to emulate BlackCat malware using embedded PsExec binary
(placed in /bin dir)
* add blog links
Co-authored-by: Daniel White <d0w019h@homeoffice.wal-mart.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-07-25 14:53:35 -06:00
Atomic Red Team doc generator
d63433c2c7
Generated docs from job=generate-docs branch=master [ci skip]
2022-07-25 20:45:40 +00:00
Atomic Red Team GUID generator
7cfc9b3bef
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-07-25 20:45:34 +00:00
Panos Moullotos
2e852f836a
Updated T1105.yaml with new certreq test (#2044)
Inspired by https://lolbas-project.github.io/lolbas/Binaries/Certreq/
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-07-25 14:45:05 -06:00
alireza
27482c6076
fix: broken urls for embedded files and test script (#2045)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-07-25 14:02:10 -06:00
Atomic Red Team doc generator
bad4792e43
Generated docs from job=generate-docs branch=master [ci skip]
2022-07-25 19:59:44 +00:00
Felipe Bueno
0aac37a7b9
Update T1647.yaml (#2047)
Attack_technique name is incorrect in the T1647 archive
2022-07-25 13:59:02 -06:00
Leo Verlod
5f1b224bfd
Update T1552.005.yaml
2022-07-24 22:34:44 -05:00
Leo Verlod
ac356d82ea
Create T1552.005.yaml
2022-07-24 22:04:39 -05:00
Atomic Red Team doc generator
a500e57f94
Generated docs from job=generate-docs branch=master [ci skip]
2022-07-21 21:26:05 +00:00
Atomic Red Team GUID generator
3e0522595a
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-07-21 21:25:58 +00:00
Bhavin Patel
52f2ebf1f6
Merge pull request #2039 from redcanaryco/mofcomp
Adding MOFComp to T1546.003
2022-07-21 14:25:18 -07:00
Bhavin Patel
2e87e75909
Merge branch 'master' into mofcomp
2022-07-21 14:21:12 -07:00
Atomic Red Team doc generator
03c1726b43
Generated docs from job=generate-docs branch=master [ci skip]
2022-07-21 13:28:25 +00:00
Atomic Red Team GUID generator
2dae5d65cc
Generate GUIDs from job=generate-docs branch=master [skip ci]
2022-07-21 13:28:18 +00:00