Commit Graph

4586 Commits

Author SHA1 Message Date
Jose Enrique Hernandez 89aa57c332 Merge branch 'master' into am_t1547006_kextload 2022-11-09 11:33:03 -05:00
Atomic Red Team doc generator 2b62e8a3c0 Generated docs from job=generate-docs branch=master [ci skip] 2022-11-09 16:29:21 +00:00
Atomic Red Team GUID generator 9f65cb32e3 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-11-09 16:29:15 +00:00
Jose Enrique Hernandez 352136941c Merge pull request #2212 from packetzero/am_t1040_macos_pcap
Add two T1040 packet capture tests for macos using /dev/bpf
2022-11-09 11:28:43 -05:00
Jose Enrique Hernandez db1b815881 Merge branch 'master' into am_t1040_macos_pcap 2022-11-09 11:27:07 -05:00
Atomic Red Team doc generator c55f3ecce0 Generated docs from job=generate-docs branch=master [ci skip] 2022-11-07 21:25:36 +00:00
Carrie Roberts ee954d215c mv 2 1547 tests to 1546 (#2223) 2022-11-07 14:25:09 -07:00
Atomic Red Team doc generator 55d2311eeb Generated docs from job=generate-docs branch=master [ci skip] 2022-11-07 21:21:50 +00:00
Atomic Red Team GUID generator 09ad06700a Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-11-07 21:21:43 +00:00
BlueTeamOps 83ca10639b Update T1003 (#2225)
* Added AppCmd list command

AppCmd list command can be used to retrieve IIS service account credentials.

* Update - Test name update and a new test

Updated the test name of 6c7a4fd3-5b0b-4b30-a93e-39411b25d889
Added a new test to simulate /config command for AppCmd
2022-11-07 14:21:05 -07:00
Atomic Red Team doc generator 17b4c931b6 Generated docs from job=generate-docs branch=master [ci skip] 2022-11-07 14:39:00 +00:00
Atomic Red Team GUID generator c03fb24928 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-11-07 14:38:54 +00:00
BlueTeamOps ae01b90e1f Added AppCmd list command (#2224)
AppCmd list command can be used to retrieve IIS service account credentials.
2022-11-07 07:38:16 -07:00
packetzero 576d92a4dc fix prerequisite check for compile step 2022-11-04 16:46:04 -05:00
Jose Enrique Hernandez 11d4b8086d Merge branch 'master' into am_t1040_macos_pcap 2022-11-04 16:06:31 -04:00
Atomic Red Team doc generator dc947ea3ae Generated docs from job=generate-docs branch=master [ci skip] 2022-11-04 19:38:42 +00:00
Atomic Red Team GUID generator b4ce61ac45 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-11-04 19:38:35 +00:00
Jose Enrique Hernandez d5b7ecb116 Merge pull request #2211 from packetzero/am_t1547_015_loginitem
Add macOS T1547.015 add/remove LoginItem via AppleScript
2022-11-04 15:38:08 -04:00
Jose Enrique Hernandez aaca4c60e6 Merge branch 'master' into am_t1547_015_loginitem 2022-11-04 15:37:22 -04:00
Atomic Red Team doc generator 721e184423 Generated docs from job=generate-docs branch=master [ci skip] 2022-11-04 17:04:14 +00:00
Jose Enrique Hernandez 3a0d280883 Merge pull request #2195 from jmac774/patch-2
Fix T1546.004 for remote execution on Linux
2022-11-04 13:03:41 -04:00
Jose Enrique Hernandez 4921b5f679 Merge branch 'master' into patch-2 2022-11-04 13:00:59 -04:00
Atomic Red Team doc generator f1fe367fc7 Generated docs from job=generate-docs branch=master [ci skip] 2022-11-03 20:06:21 +00:00
Atomic Red Team GUID generator 422ab1751f Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-11-03 20:06:15 +00:00
Thomas de Brelaz 96b45ecbbf Added missing test for T1547.014 Active Setup, 3 tests created (#2219)
* Added missing test for T1547.014 Active Setup, 3 tests created

 Committer: Thomas De Brelaz <thockoro@hotmail.com>

* some format changes and simplifications

* Update T1547.014.yaml

Co-authored-by: Thomas De Brelaz <thomas.de-brelaz@ubisoft.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-11-03 15:05:44 -05:00
Atomic Red Team doc generator 5f084fc1e1 Generated docs from job=generate-docs branch=master [ci skip] 2022-11-03 18:45:42 +00:00
DerKi ae1493e46e Update T1560.001.yaml (#2221)
The name for "Compress Data and lock with password for Exfiltration with winzip" of T1560.001.yaml
Invoke-WebRequestVerifyHash function has no import
2022-11-03 13:45:03 -05:00
Atomic Red Team doc generator a052ee3bca Generated docs from job=generate-docs branch=master [ci skip] 2022-11-02 17:55:09 +00:00
Atomic Red Team GUID generator 71b8056ed2 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-11-02 17:55:02 +00:00
Carrie Roberts 8300ec7632 Create Symbolic Link From osk.exe to cmd.exe (#2218)
* Create Symbolic Link From osk.exe to cmd.exe

* Update T1546.008.yaml
2022-11-02 11:54:33 -06:00
Jose Enrique Hernandez cc704d65bd Merge branch 'master' into patch-2 2022-11-01 11:37:46 -04:00
Atomic Red Team doc generator 31d9ef273e Generated docs from job=generate-docs branch=master [ci skip] 2022-11-01 15:25:54 +00:00
Atomic Red Team GUID generator dde1c39789 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-11-01 15:25:47 +00:00
BlueTeamOps 5da061570e Added CommandProcessor Autorun (#2214)
* Added CommandProcessor Autorun

* add an HKCU version as well

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-11-01 10:25:17 -05:00
Atomic Red Team doc generator 2bdf7058a5 Generated docs from job=generate-docs branch=master [ci skip] 2022-10-31 18:59:04 +00:00
Atomic Red Team GUID generator 72a67e2dc8 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-10-31 18:58:56 +00:00
BlueTeamOps a69e08e6ae Updated T1048.003 to include Rclone (#2202)
* Updated T1048.003 to include Rclone

Added the use of Rclone to exfiltrate data to an external FTP server.

* Updated the test as discussed.

* Fixed the typo

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-10-31 13:58:24 -05:00
Atomic Red Team doc generator 8c427d03ea Generated docs from job=generate-docs branch=master [ci skip] 2022-10-31 18:55:22 +00:00
Atomic Red Team GUID generator 535c5be594 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-10-31 18:55:16 +00:00
Paul f5e9554b1a Update T1562.001.yaml (#2216)
Add Atomic to leverage WMI to exclude a folder within Defender.

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-10-31 13:54:50 -05:00
Atomic Red Team doc generator 43d82f25da Generated docs from job=generate-docs branch=master [ci skip] 2022-10-31 18:42:04 +00:00
Carrie Roberts 2589ca7d6f fix missing input arg (#2210) 2022-10-31 13:41:32 -05:00
Alex M 3e33f6c7c2 add missing prereq 2022-10-31 13:26:35 -05:00
Alex M 721db0d11e Add T1547.006 kernel module load and unload tests for MacOS 2022-10-31 12:16:16 -05:00
Atomic Red Team doc generator 40cb9df131 Generated docs from job=generate-docs branch=master [ci skip] 2022-10-31 14:02:32 +00:00
Atomic Red Team GUID generator cd6e3d15ae Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-10-31 14:02:26 +00:00
Paul aaf8223501 t1027-006-html-smuggling (#2215)
Add Atomic for HTML smuggling
2022-10-31 08:01:55 -06:00
Alex M d2f15451b4 Add two T1040 packet capture tests for macos using /dev/bpf 2022-10-30 18:19:46 -05:00
Alex M 2b06c09045 Add note in description about backgrounditems.btm file 2022-10-30 16:00:54 -05:00
Alex M 04506ef79b update description 2022-10-30 15:49:21 -05:00