aa8e484d30
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2020-12-21 16:40:14 +00:00
0fe0dc26c6
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2020-12-21 16:14:07 +00:00
5ff80f6f90
Update maintainers.md ( #1335 )
...
* Update maintainers.md
* Generate GUIDs from job=generate_and_commit_guids branch=maintainers-update
* Generate docs from job=generate_and_commit_docs branch=maintainers-update
Co-authored-by: CircleCI Atomic Red Team GUID generator <email>
2020-12-17 22:57:51 -07:00
7ebf7536b8
Separate CI steps so Github status checks can reference the right checks ( #1334 )
...
* Separate CI steps so Github status checks can reference the right checks
* Generate docs from job=generate_docs branch=bb-separate-ci-steps
* Commit GUIDs after generating; require GUIDs before other steps
* Fix config
* Generate GUIDs from job=generate_guids branch=bb-separate-ci-steps
* Generate docs from job=generate_docs branch=bb-separate-ci-steps
* Better wording
* Update config.yml
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-12-16 11:27:51 -07:00
28086402e2
Maintainers updates ( #1328 )
...
* Update maintainers.md
Remove reference to announcements channel, which has been created.
* Generate docs from job=validate_atomics_generate_docs branch=maintainers-updates
* Update maintainers.md
Updates to maintainers meeting purpose, scope, and agendas.
* Generate docs from job=validate_atomics_generate_docs branch=maintainers-updates
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2020-12-15 14:18:41 -07:00
1ca8072bc9
update output file name to match expected ( #1315 )
...
* update output file name to match expected
* Generate docs from job=validate_atomics_generate_docs branch=clr2of8-patch-1
* Generate docs from job=validate_atomics_generate_docs branch=clr2of8-patch-1
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-12-09 09:26:36 -07:00
3304c0b020
T1555.003 ( #1311 )
...
* Generate docs from job=validate_atomics_generate_docs branch=T1555.003
* Windows LaZagne
Adding test for LaZagne on Windows to collect passwords stored in browser. Issue #1030
* Generate docs from job=validate_atomics_generate_docs branch=T1555.003
* Generate docs from job=validate_atomics_generate_docs branch=T1555.003
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2020-12-01 13:31:40 -07:00
5832c65cb2
T1014 - Driver Rootkit Test Update ( #1303 )
...
* T1014 - Driver rootkit test
Fixed Test 3 per issue #1153 .
- Added pre-req
- New comments for additional info on retrieving the capcom driver
- Added elevation required
- Added new input argument for puppetstrings.exe
Confirmed operational on win10.
* Generate docs from job=validate_atomics_generate_docs branch=T1014
* Fixed GUID
* Generate docs from job=validate_atomics_generate_docs branch=T1014
* Update used_guids.txt
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-11-30 14:34:25 -07:00
e9cb3c2f59
Update README.md ( #1302 )
...
* Update README.md
Updating execution frameworks link.
* Generate docs from job=validate_atomics_generate_docs branch=mgraeber-rc-patch-1
* Generate docs from job=validate_atomics_generate_docs branch=mgraeber-rc-patch-1
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
Co-authored-by: Michael Haag <mike@redcanary.com >
2020-11-30 09:18:32 -07:00
9c7a3b0889
Update gems to remove kramdown vulnerability ( #1287 )
...
* Update gems to remove kramdown vulnerability
* Generate docs from job=validate_atomics_generate_docs branch=fix_kramdown_vuln
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-11-12 13:40:23 -07:00
0ff4aada24
Generate docs from job=validate_atomics_generate_docs branch=ATHPowerShellCommandLineParamter
2020-11-09 16:41:52 +00:00
61e9bb8e87
new atomic T1112 ( #1281 )
...
* new atomic T1112
* typo fix
Co-authored-by: P4T12ICK <pbareib@splunk.com >
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2020-11-06 13:04:35 -07:00
9c90036704
Add elevation required ( #1277 )
...
* Add elevation required
* Generate docs from job=validate_atomics_generate_docs branch=clr2of8-patch-12
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-11-04 08:30:24 -07:00
2ef8ebdcf1
Generate docs from job=validate_atomics_generate_docs branch=master
2020-11-04 15:24:54 +00:00
bf4bbbb82a
Generate docs from job=validate_atomics_generate_docs branch=master
2020-11-03 22:43:32 +00:00
6fc4272218
Assume Yes for pre-req installation in Linux ( #1280 )
...
Co-authored-by: DNX <auraltension@riseup.net >
2020-11-03 15:42:58 -07:00
e1181e7384
Merge OSCD branch into master ( #1273 )
...
* Tests added
* standardize display name
* Add tests for T1134.001 Access Token Impersonation/Theft (#1236 )
* Generate docs from job=validate_atomics_generate_docs branch=oscd
* Changing to device manufacturer based test
* Generate docs from job=validate_atomics_generate_docs branch=oscd
* Add test for T1006 Direct Volume Access (#1254 )
* Generate docs from job=validate_atomics_generate_docs branch=oscd
* [OSCD] T1036.004: Masquerade Task or Service - 2 tests (#1253 )
* T1036.004 - 2 tests added
* Update T1036.004.yaml
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
* Generate docs from job=validate_atomics_generate_docs branch=oscd
* T1136.002 - 2 tests added (#1252 )
* Generate docs from job=validate_atomics_generate_docs branch=oscd
* [OSCD] Create atomic test for T1113 for Windows (#1251 )
* Generate docs from job=validate_atomics_generate_docs branch=oscd
* update T1564.002
* update T1564.002
* add Gatekeeper disable; add cleanup for security tools disable; add another launchagent for carbon black defense; remove Gatekeeper disable command from Gatekeeper bypass technique
* Added T1562.006 tests to emulate indicator blocking by modifying configuration files
* Removed prereq and fixed command endings
* Indirect command execution - conhost (#1265 )
* Generate docs from job=validate_atomics_generate_docs branch=oscd
* [OSCD] Office persiststence : Office test (#1266 )
* Office persiststence : Office test
* Added technique details
* Generate docs from job=validate_atomics_generate_docs branch=oscd
* Generate docs from job=validate_atomics_generate_docs branch=oscd
* Generate docs from job=validate_atomics_generate_docs branch=oscd
* Generate docs from job=validate_atomics_generate_docs branch=oscd
* Remove index files to avoid CI complaints.
* Grr
* Generate docs from job=validate_atomics_generate_docs branch=oscd
* Generate docs from job=validate_atomics_generate_docs branch=oscd
Co-authored-by: haresudhan <code@0x6c.dev >
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
Co-authored-by: gregclermont <580609+gregclermont@users.noreply.github.com >
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
Co-authored-by: Carl <57147304+rc-grey@users.noreply.github.com >
Co-authored-by: mrblacyk <kweinzettl@gmail.com >
Co-authored-by: sn0w0tter <42819997+sn0w0tter@users.noreply.github.com >
Co-authored-by: Yugoslavskiy Daniil <yugoslavskiy@gmail.com >
Co-authored-by: aw350m3 <aw350m3@yandex.com >
Co-authored-by: omkargudhate22 <36105402+omkar72@users.noreply.github.com >
2020-10-29 22:54:55 -06:00
f1dacdfeb7
Generate docs from job=validate_atomics_generate_docs branch=master
2020-10-24 14:41:32 +00:00
9658f928e5
better test name ( #1261 )
...
* better name
* Generate docs from job=validate_atomics_generate_docs branch=clr2of8-patch-14
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-10-24 08:19:12 -06:00
49285769f7
cleaner title ( #1260 )
...
* cleaner title
* Generate docs from job=validate_atomics_generate_docs branch=clr2of8-patch-13
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-10-24 08:17:34 -06:00
8c75682918
title clarification ( #1259 )
...
* title clarification
* Generate docs from job=validate_atomics_generate_docs branch=clr2of8-patch-12
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-10-24 08:15:58 -06:00
9e4b0e36d2
move cleanup to cleanup command ( #1258 )
...
* move cleanup to cleanup command
* Generate docs from job=validate_atomics_generate_docs branch=clr2of8-patch-11
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-10-24 08:15:20 -06:00
c9715c0d8c
Generate docs from job=validate_atomics_generate_docs branch=master
2020-10-24 14:12:36 +00:00
c8f43265c7
Introducing AtomicTestHarnesses Tests to ART ( #1270 )
...
* Introduce AtomicTestHarness Tests to ART
Adding:
- T1134.004 - Access Token Manipulation: Parent PID Spoofing
- T1218.001 - Signed Binary Proxy Execution: Compiled HTML File
- T1218.005 - Signed Binary Proxy Execution: Mshta
These tests utilize the recently released [AtomicTestHarnesses](https://github.com/redcanaryco/atomictestharnesses ) to simulate the base tests from from each ATH Harness. Input arguments may be manipulated as needed to enhance simulation.
* Generate docs from job=validate_atomics_generate_docs branch=atomictestharness-tests
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-10-22 14:34:31 -06:00
7a1c4e857b
Generate docs from job=validate_atomics_generate_docs branch=master
2020-10-21 16:48:59 +00:00
29ae06b032
Generate docs from job=validate_atomics_generate_docs branch=master
2020-10-15 16:28:04 +00:00
8f72e4f710
Generate docs from job=validate_atomics_generate_docs branch=master
2020-10-14 02:21:45 +00:00
0e54272108
Generate docs from job=validate_atomics_generate_docs branch=master
2020-10-10 14:35:26 +00:00
1b0994ea9e
update/clarify description ( #1247 )
...
* update/clarify description
* Generate docs from job=validate_atomics_generate_docs branch=clr2of8-patch-10
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
2020-10-08 12:03:40 -06:00
408a3b694c
Generate docs from job=validate_atomics_generate_docs branch=master
2020-10-08 13:45:04 +00:00
298a90bcb5
Generate docs from job=validate_atomics_generate_docs branch=master
2020-10-08 13:39:28 +00:00
4e4f8a2775
Generate docs from job=validate_atomics_generate_docs branch=master
2020-10-08 02:37:06 +00:00
8eb52117b7
Generate docs from job=validate_atomics_generate_docs branch=master
2020-10-06 16:13:36 +00:00
23fc9289cf
Generate docs from job=validate_atomics_generate_docs branch=master
2020-09-29 15:47:51 +00:00
f46f1788ab
Generate docs from job=validate_atomics_generate_docs branch=master
2020-09-18 18:45:01 +00:00
aaf9b7500e
Generate docs from job=validate_atomics_generate_docs branch=master
2020-09-18 14:44:29 +00:00
d68a57842a
Generate docs from job=validate_atomics_generate_docs branch=master
2020-09-16 13:57:33 +00:00
30b77fc5a0
Generate docs from job=validate_atomics_generate_docs branch=master
2020-09-15 14:57:15 +00:00
00948b0058
Generate docs from job=validate_atomics_generate_docs branch=master
2020-09-15 14:53:29 +00:00
45f59adc44
Generate docs from job=validate_atomics_generate_docs branch=master
2020-09-09 16:42:32 +00:00
166da61509
Generate docs from job=validate_atomics_generate_docs branch=master
2020-09-09 16:41:01 +00:00
5277ef9105
Generate docs from job=validate_atomics_generate_docs branch=master
2020-09-09 16:35:21 +00:00
115bb861b7
Generate docs from job=validate_atomics_generate_docs branch=master
2020-09-04 17:21:36 +00:00
dcb3d26d84
Generate docs from job=validate_atomics_generate_docs branch=master
2020-09-04 17:00:36 +00:00
77428a9439
Generate docs from job=validate_atomics_generate_docs branch=master
2020-09-03 22:20:14 +00:00
b69f27c2b3
Generate docs from job=validate_atomics_generate_docs branch=master
2020-09-03 21:49:12 +00:00
04a409832e
Generate docs from job=validate_atomics_generate_docs branch=master
2020-08-20 20:40:34 +00:00
1411b5ec4a
Generate docs from job=validate_atomics_generate_docs branch=master
2020-08-20 20:38:40 +00:00
84054abce5
Generate docs from job=validate_atomics_generate_docs branch=master
2020-08-20 20:28:30 +00:00
7e5f711d57
Generate docs from job=validate_atomics_generate_docs branch=master
2020-08-20 20:21:38 +00:00
CircleCI Atomic Red Team doc generator