security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,840 Commits 47 Branches 0 Tags
7d311f19f1394de014e2e504a5052128e63351b1
Commit Graph

66 Commits

Author SHA1 Message Date
Atomic Red Team doc generator ef76a8b32c Generated docs from job=generate-docs branch=master [ci skip] 2024-02-26 19:51:20 +00:00
Atomic Red Team GUID generator 344dea9fbd Generate GUIDs from job=generate-docs branch=master [skip ci] 2024-02-26 19:51:04 +00:00
swathinator 29e3c6eb8f Update RustDesk T1219.yaml (#2706) 
* Update RustDesk T1219.yaml

Update RustDesk T1219

* Update T1219.yaml

* Update T1219.yaml

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2024-02-26 13:50:20 -06:00
Atomic Red Team doc generator 157de65031 Generated docs from job=generate-docs branch=master [ci skip] 2023-11-07 00:28:51 +00:00
Atomic Red Team doc generator a228ee8656 Generated docs from job=generate-docs branch=master [ci skip] 2023-09-22 19:15:21 +00:00
Carrie Roberts d4709021fb Handle spaces in file paths (#2535) 
* updating atomics count in README.md [ci skip]

* wip

* handle spaces in path

* update readme

* fix typo

---------

Co-authored-by: publish bot <opensource@redcanary.com>
 2023-09-22 10:47:25 -06:00
Atomic Red Team doc generator cef46e4479 Generated docs from job=generate-docs branch=master [ci skip] 2023-06-15 16:17:12 +00:00
Carrie Roberts 068d32b1ea use ExternalPayloads directory (#2460) 
* use ExternalPayloads directory

* use ExternalPayloads directory

* use ExternalPayloads directory
 2023-06-15 10:16:12 -06:00
Atomic Red Team doc generator b1f3c968f2 Generated docs from job=generate-docs branch=master [ci skip] 2023-05-19 17:06:33 +00:00
Atomic Red Team GUID generator 8037cadb4d Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-05-17 19:46:06 +00:00
Leo Verlod 7b7097d069 Adding T1219 Test 11 - MSP360 Connect Execution (#2420) 
Thank you Leo!
 2023-05-17 13:45:25 -06:00
Hare Sudhan e563055a69 (enhancement) CI validations (#2419) 
* more validations added

* rename bin

* fnmatch fix
 2023-05-15 09:36:19 -06:00
Jiaxi ® 9a70b81004 fix: T1219 typo (#2417) 
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2023-05-11 15:25:07 -06:00
Atomic Red Team doc generator 16594d72c5 Generated docs from job=generate-docs branch=master [ci skip] 2023-02-13 23:11:19 +00:00
Josh Rickard a5dd0813cd fix: Updating atomics YAML file structure to align with the new JSON schema definition (#2323) 
* fix: Updating atomics YAML file structure to align with the new JSON schema definition.

This also fixes some white space issues and general line formatting across all impacted atomics.

* fix: One additional change needed

---------

Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2023-02-13 16:10:37 -07:00
Atomic Red Team doc generator 9e5b12c491 Generated docs from job=generate-docs branch=master [ci skip] 2022-09-30 17:12:19 +00:00
Atomic Red Team GUID generator 0186f8aba8 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-09-30 17:12:13 +00:00
Narasimha2218 a0f872e11a UltraVNC Execution -New atomictest (#2169) 
* UltraVNC Execution -New atomictest

 An adversary may attempt to trick the user into downloading UltraVNC for use as a C2 channel.
 Upon successful execution, UltraVNC will be executed

* typo fix

* remove space

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-09-30 11:11:44 -06:00
Atomic Red Team doc generator 9bdd7fceba Generated docs from job=generate-docs branch=master [ci skip] 2022-09-26 17:59:20 +00:00
frack113 5b7eb3fe8b Fix download dependencies (#2165) 
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-09-26 11:58:46 -06:00
Atomic Red Team doc generator 1e1bad7d76 Generated docs from job=generate-docs branch=master [ci skip] 2022-09-21 12:19:41 +00:00
Carrie Roberts 404fa7fd3f Use IWR instead of bits transfer (#2146) 2022-09-21 06:18:58 -06:00
Atomic Red Team doc generator 50b007142a Generated docs from job=generate-docs branch=master [ci skip] 2022-08-24 20:30:40 +00:00
Atomic Red Team GUID generator 5c6b0650b0 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-08-24 20:30:32 +00:00
Tanner Humphreys 497b2111b8 T1219 update (#2083) 
* Added UltraViewer - RAT Extension

* Added UltraViewer - RAT Extension

* Update T1219.yaml

* Update T1219.yaml

* spaces and prereq fixes

* Update T1219.yaml

Co-authored-by: Tanner Humphreys <thumphreys@nti.local>
Co-authored-by: Tanner Humphreys <Tanner.Humphreys@Walmart.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-08-24 14:29:57 -06:00
Atomic Red Team doc generator 1324d0f434 Generated docs from job=generate-docs branch=master [ci skip] 2022-07-02 02:25:49 +00:00
Atomic Red Team GUID generator 39edfb5296 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-07-02 02:25:44 +00:00
zspadoni28 20b438d4bd Adding T1219-8 | NetSupport - RAT Execution (#2017) 
* Update T1219.yaml with NetSupport RAT Execution

This test is designed to install and execute the NetSupport tool that is capable of RAT execution.

* Update T1219.yaml
 2022-07-01 20:25:13 -06:00
Atomic Red Team doc generator 819934cc3f Generated docs from job=generate-docs branch=master [ci skip] 2022-06-16 22:47:00 +00:00
CircleCI Atomic Red Team doc generator a089e2f7ec Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-04-20 02:40:38 +00:00
CircleCI Atomic Red Team GUID generator 36248625a9 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-04-20 02:40:32 +00:00
Leo Verlod ecf15d4e60 Adding T1219 Test 7 - RemotePC Executable Ran (#1879) 
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-04-19 20:40:09 -06:00
CircleCI Atomic Red Team doc generator b23d5928a9 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-30 22:20:40 +00:00
CircleCI Atomic Red Team GUID generator d149f3346e Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-30 22:20:34 +00:00
Leo Verlod 952d94c6f7 Adding T1219 Test 6 - Ammyy Admin (#1831) 
* Add ammyy.exe

* Add T1219 Test 6 - Ammyy Admin

* Update prereq link - ammyy admin

* Update T1219 - Ammyy Admin Prereq

* Delete Ammyy.exe

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-03-30 16:19:58 -06:00
CircleCI Atomic Red Team doc generator 1c252a7cec Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-01-24 15:03:44 +00:00
frack113 400a3a1558 fix errors (#1738) 2022-01-24 08:03:09 -07:00
CircleCI Atomic Red Team doc generator 8985aaf0f0 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-12-09 18:42:48 +00:00
Carrie Roberts 5bb5878e62 Cleaning up the Cleanup commands (#1685) 
* cleanup fixes

* cleanup fixes

* cleanup fixes
 2021-12-09 11:42:14 -07:00
CircleCI Atomic Red Team doc generator f72420bbcc Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-04 00:27:02 +00:00
CircleCI Atomic Red Team GUID generator e4bfc77bf2 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-09-04 00:26:58 +00:00
tlor89 ae0fd36089 Added ScreenConnect application (#1618) 
* Added ScreenConnect application

* update line spacing

* some wording updates and cleanup.

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-09-03 18:26:26 -06:00
CircleCI Atomic Red Team doc generator 8afe7ccfd9 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-07-27 15:31:46 +00:00
CircleCI Atomic Red Team GUID generator a8dc0e3b07 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-07-27 15:31:40 +00:00
tlor89 99335067a3 T1219_Update (#1566) 
Co-authored-by: Toua Lor <tlor@nti.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-07-27 09:31:11 -06:00
CircleCI Atomic Red Team doc generator 36d49de4c8 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-06-24 17:04:33 +00:00
CircleCI Atomic Red Team doc generator 575b36a8e6 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-06-24 15:16:54 +00:00
CircleCI Atomic Red Team doc generator 910a2a764a Generate docs from job=validate_atomics_generate_docs branch=master 2020-09-29 13:53:28 +00:00
Michael Haag 2cc5348312 Fix T1551 to T1070 (#1161) 
* Fix T1551 to T1070

Found that we had T1070 labeled incorrectly as T1551. MITRE pushed a fix for this per https://attack.mitre.org/resources/updates/updates-july-2020/

```
Indicator Removal on Host Was incorrectly re-IDd to T1551, restored to T1070 and its sub-techniques were changed to T1070.001, T1070.002, T1070.003, T1070.004, T1070.005, and T1070.006
```

* Generate MD fix

Attempting to get the MD to generate

* Update enterprise-attack.json

* Generate docs from job=validate_atomics_generate_docs branch=T1070-indicator-removal-fix

Co-authored-by: CircleCI Atomic Red Team doc generator <email>
 2020-08-01 09:46:06 -06:00
CircleCI Atomic Red Team doc generator 7e4580a1e8 Generate docs from job=validate_atomics_generate_docs branch=master 2020-07-08 21:16:22 +00:00