lexiechong
691982bbdb
T1486-update (#1536)
...
Co-authored-by: Chong <lchong@NTI.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-06-28 09:46:45 -06:00
CircleCI Atomic Red Team doc generator
2b4cf3f6a4
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-28 14:57:33 +00:00
Michael Haag
f85d4a0d65
Update T1135.yaml (#1533)
...
Updated and confirmed operational. #1441
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-06-28 08:56:57 -06:00
Bhavin Patel
6fd2ab5e38
Merge pull request #1534 from redcanaryco/T1218
...
Update Infdefaultinstall.inf
2021-06-24 16:42:14 -05:00
mhaag-spl
d6e0adbfff
Update Infdefaultinstall.inf
...
Updated and good to go! Resolving #1449
2021-06-24 15:36:34 -06:00
CircleCI Atomic Red Team doc generator
9da2cce734
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-24 21:05:35 +00:00
Bhavin Patel
96e68a6e42
Merge pull request #1532 from redcanaryco/t1110
...
Update T1110.001.yaml
2021-06-24 16:05:13 -05:00
mhaag-spl
248d2ed9cc
Update T1110.001.yaml
...
Resolving #1423
2021-06-24 15:01:42 -06:00
CircleCI Atomic Red Team doc generator
ca1e5786ed
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-24 20:45:11 +00:00
CircleCI Atomic Red Team GUID generator
c77595d359
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-24 20:45:04 +00:00
Bhavin Patel
fd47161006
AWS Cloud atomics (#1457)
...
* cloud atomics
* adding new platform names
* text and variable updates
* minor
* Update T1136.003.yaml
Co-authored-by: bpatel <bpatel@splunk.com>
Co-authored-by: Jose Enrique Hernandez <josehelps@gmail.com>
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2021-06-24 14:44:35 -06:00
CircleCI Atomic Red Team doc generator
36d49de4c8
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-24 17:04:33 +00:00
Jose Enrique Hernandez
390bcd3796
Merge pull request #1531 from redcanaryco/clr2of8-patch-6
...
move guid under description in MD file and make bold
2021-06-24 13:03:53 -04:00
Jose Enrique Hernandez
f16364ebf5
Merge branch 'master' into clr2of8-patch-6
2021-06-24 13:02:56 -04:00
CircleCI Atomic Red Team doc generator
bedaf8bbd5
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-24 15:32:29 +00:00
Jose Enrique Hernandez
d5c5979247
adding url md file for each atomic as a comment (#1530)
2021-06-24 09:31:51 -06:00
Carrie Roberts
157af0ce47
move guid under description in MD file and make bold
2021-06-24 09:24:23 -06:00
CircleCI Atomic Red Team doc generator
575b36a8e6
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-24 15:16:54 +00:00
Jose Enrique Hernandez
221f3a6027
adding auto generated guids to the md files, closes issue 1501 (#1529)
2021-06-24 09:16:09 -06:00
CircleCI Atomic Red Team doc generator
8825813c53
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-23 16:31:41 +00:00
CircleCI Atomic Red Team GUID generator
ee20a80a3d
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-23 16:31:35 +00:00
tlor89
262f16a69f
T1072 (#1527)
...
Co-authored-by: Toua Lor <tlor@nti.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-06-23 10:31:11 -06:00
CircleCI Atomic Red Team doc generator
722cc9a292
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-22 15:46:20 +00:00
Carrie Roberts
5b6f89f30f
safer cleanup, correct filename (#1526)
2021-06-22 09:46:01 -06:00
CircleCI Atomic Red Team doc generator
a0e012ee09
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-17 13:11:19 +00:00
Carrie Roberts
7a17072dd3
don't disable rdp during cleanup by default (#1523)
...
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2021-06-17 07:10:51 -06:00
CircleCI Atomic Red Team doc generator
e7e5779025
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-17 13:08:27 +00:00
Carrie Roberts
358d58bad5
add note about secure boot (#1524)
2021-06-17 07:07:56 -06:00
CircleCI Atomic Red Team doc generator
7e428d79d0
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-16 21:38:51 +00:00
Carrie Roberts
388f671d93
name update (#1521)
...
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2021-06-16 15:38:19 -06:00
CircleCI Atomic Red Team doc generator
532f4dc882
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-16 20:28:57 +00:00
adeliktas
2710d10531
T1566.001-1 download bugfixes (#1522)
...
* T1566.001-1 download bugfixes
* comment update
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-06-16 14:28:41 -06:00
CircleCI Atomic Red Team doc generator
88ad3fd322
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-16 18:41:22 +00:00
SecurityShrimp
42799b033d
added TLS/SSL v1.2 enabling commands to any atomic test utilizing IWR (#1519)
...
* Update T1204.002.md
Added lines to each test using IWR for invoke-webrequest to set the acceptable TLS versions for the commands to complete successfully by prepending the tests with
```[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12```
* Update T1555.yaml
added line to set ssl/tls version
* Update T1134.001.yaml
updated IWR lines to allow ssl/tls version 1.2
* Update T1069.002.yaml
added lines to every IWR instance to set ssl/tls version to 1.2
* Update T1558.003.yaml
added line to allow TLS/SSL 1.2
* Update T1033.yaml
added command to enable SSL/TLS v1.2
* Update T1055.012.yaml
added command to enable TLS/SSL v1.2
* Update T1115.yaml
Added command to enable SSL/TLS v1.2
* Update T1070.001.yaml
added command enabling SSL/TLS v 1.2
* Update T1564.yaml
added commands to enable SSL/TLS v 1.2
* Update T1566.001.yaml
added command to enable SSL/TLS V1.2
* Update T1135.yaml
added command to enable SSL/TLS v1.2
* Update T1055.yaml
added commands to enable TLS/SSL v 1.2
* Update T1110.003.yaml
added command to enable TLS/SSL v1.2
* Update T1003.yaml
Added command to enable TLS/SSL v1.2
* Update T1053.005.yaml
added command to enable TLS/SSL v1.2
* Update T1003.001.yaml
added commands to enable TLS/SSL v1.2 for any command using invoke-webrequest
* Update T1069.002.yaml
syntax correction
* Update T1134.001.yaml
syntax correction
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-06-16 12:41:04 -06:00
adeliktas
7e86e9a781
T1566.001-1 using default Browser via explorer.exe instead of chrome PhishingAttachment.xlsm (#1520)
2021-06-16 12:38:40 -06:00
CircleCI Atomic Red Team doc generator
1219378ebd
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-16 15:08:12 +00:00
CircleCI Atomic Red Team GUID generator
78bb39a82d
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-16 15:08:05 +00:00
Carl
ae4cea452f
Merge pull request #1510 from rctgardner/t1105_whois
...
Added 'whois file download' test to T1105
2021-06-16 09:07:38 -06:00
Carl
d0c0fe03dd
Merge branch 'master' into t1105_whois
2021-06-16 09:07:07 -06:00
CircleCI Atomic Red Team doc generator
c7125ac307
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-16 04:39:47 +00:00
BaffledJimmy
799ea20a95
Amend regkey path for Macro security level (#1515)
...
* Amend regkey path for Macro security level
As shown in this image - https://www.mdsec.co.uk/wp-content/uploads/2020/11/image-2-768x191.png.webp - the correct regkey is \Level\. The existing ```reg add``` syntax will not create a Level value with a DWORD of 4 (disable all). Also changed the regkey to 1 (enable all macros without notif).
```
4 = Disable all macros without notification
3 = Notifications for digitally signed macros, all other macros disabled
2 = Notifications for all macros
1 = Enable all Macros
```
* Update T1137.yaml
* Update T1137.md
2021-06-15 22:39:17 -06:00
CircleCI Atomic Red Team doc generator
8a67b64944
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-15 15:50:23 +00:00
CircleCI Atomic Red Team GUID generator
62f0f37fc6
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-15 15:50:17 +00:00
BlueTeamOps
9f397c259c
Added Disabling Firewall via Registry (#1516)
...
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-06-15 09:49:55 -06:00
CircleCI Atomic Red Team doc generator
a78c0ae822
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-15 15:46:52 +00:00
SecurityShrimp
7a73723a7b
Update T1059.005.yaml (#1518)
...
added lines to enable TLS v 1.2
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-06-15 09:46:01 -06:00
CircleCI Atomic Red Team doc generator
84f9f9ffdd
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-15 15:45:23 +00:00
Jil Larner
871a3584b8
Fixed bug in script path (#1517)
...
The path was referring to T1595.002 instead of T1082, where the script resides. Due to the move requested in #1320 and missed.
2021-06-15 09:44:48 -06:00
rctgardner
1531e9d3f0
fix t1105 indent
2021-06-11 15:26:30 -06:00
CircleCI Atomic Red Team doc generator
ecc7d70057
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-06-11 20:04:40 +00:00