bd3170421e
Merge pull request #135 from redcanaryco/yaml-spec
...
Proposed YAML spec and validation script
2018-05-09 18:29:49 -04:00
3bea351443
Update mshta.sct
2018-05-08 17:05:54 -06:00
d8b7e75619
Update mshta.sct
2018-05-08 16:49:15 -06:00
9fe04531fe
Update mshta.sct
2018-05-08 16:43:20 -06:00
b320eb3949
Update mshta.sct
2018-05-08 16:42:13 -06:00
3df40194fd
Update mshta.sct
2018-05-08 16:41:05 -06:00
ef53daad74
Merge pull request #134 from redcanaryco/atomic-dev-cs
...
Atomic dev cs
2018-05-07 16:21:30 -04:00
cb7f4a7923
Fix
2018-05-07 14:20:16 -06:00
934bb78ea8
Fix
2018-05-07 14:18:51 -06:00
d508c3a71a
SquiblyTwo
...
Adding SquiblyTwo
2018-05-01 15:29:42 -04:00
7467e6aade
Merge pull request #125 from redcanaryco/atomic-dev-cs
...
Hooking T1179
2018-04-25 13:10:18 -04:00
0ee8cfae2b
Update AtomicSSLHook.cpp
2018-04-25 10:57:23 -06:00
4834b6928f
Update AtomicSSLHook.cpp
2018-04-25 10:56:26 -06:00
191d95c26a
Hooking T1179
...
Atomic Hooking Technqiue
2018-04-25 10:52:00 -06:00
7ef84e4815
Credential_Access/Hooking
2018-04-24 10:17:42 -04:00
92ab19d773
Created T1191 and T1183, added technique to T1060
2018-04-17 11:58:38 +02:00
55d9b37b22
start yamlizing a bunch of techniques
2018-04-17 00:13:12 -07:00
c5ed6a89f9
Update AtomicRedTeam.sct
2018-03-13 14:11:24 -06:00
f5c852b834
add windows browser extension docs and payload
2018-02-26 13:14:07 +11:00
af7be36230
Update Payload
2018-02-11 21:19:46 -07:00
3ac9834f38
mshta
2018-01-16 08:56:26 -07:00
1b087c7e2a
Update Program.cs
2018-01-13 12:28:33 -07:00
dce29fd24d
Add/Change Mac and All the Things cleanup
...
Created Mac/Credential_Access/Input_Prompt
Added AppleScript password prompt to Credential Access/Input Prompt
Cleanup Mac/Execution/AppleScript
Updated Mac Grid
Updated formatting on AllTheThings test.bat
2017-12-29 12:12:54 -05:00
d266915612
Update All The Things
2017-12-20 15:39:07 -07:00
1d57ef77e0
Fix Shim References
2017-12-07 09:03:07 -07:00
67613f4a44
Context For Shims
2017-12-06 15:40:21 -07:00
809e2cb4b8
Fix Typo
2017-12-06 15:12:35 -07:00
7bec20d991
App Compat ReadMe
2017-12-06 15:11:56 -07:00
44611b8f3b
Fix Instructions
2017-12-06 15:05:18 -07:00
14f2a68a96
Shim Test Files
2017-12-06 14:52:06 -07:00
b8cd61afb4
Fix Casing
2017-12-01 13:04:29 -07:00
1804b97780
Updated All the Things
2017-11-30 08:54:10 -07:00
f47d9be70a
Merge pull request #35 from redcanaryco/Protoss-Dev
...
Updated AllTheThings
2017-11-30 08:36:08 -07:00
e4e892da8b
Updated All The Things
2017-11-30 06:25:37 -07:00
5375477446
Updated AllTheThings Example
2017-11-30 06:08:27 -07:00
58426cd424
Merge pull request #29 from redcanaryco/dev-mh
...
Updated Formatting + System Service Discovery
2017-11-27 13:09:31 -07:00
f6bfcd4e52
Discovery.bat - add
...
Added sc.exe query line
2017-11-21 12:17:55 -08:00
c3d870f399
Update AtomicService.cs
2017-11-19 07:54:51 -07:00
f84a365a73
Update AtomicService.cs
2017-11-19 07:53:03 -07:00
df59f2be24
Service Binary Code
2017-11-19 07:42:50 -07:00
24e2671f45
Added Invoke-Mimnikatz
...
Invoke-Mimikatz Locally
2017-11-13 15:06:40 -07:00
c03b740553
update instructions
...
Update MHT To Doc Notes
2017-11-13 11:54:20 -07:00
4439c529ea
Sample VBA
...
Sample VBA Downloader
2017-11-13 11:53:35 -07:00
d61e743c41
Discovery bat fix
...
Removed a basic thing and made it even more basic
2017-11-03 09:56:44 -07:00
e22d823c4b
Credentials in Files
...
+ Credentials in Files
+ add Get-GPPPassword.ps1
+ Update matrix
2017-11-02 11:53:28 -07:00
be85bb6afe
Discovery bat
...
+ Added reg queries to payload.
2017-10-31 12:58:40 -07:00
34dd80d94b
Initial Commit
...
+ Audio Capture
+ Automated Collection
+ Input Capture
+ collection bat
+ Payload
+ Updated Matrix
2017-10-12 15:05:28 -07:00
87743faf73
Discovery
...
+ Added a Discovery bat file to run all the things at once. Generally, none of this activity is deemed "evil" as it is recon activity. Seeing it all run at once should be suspect to anyone.
+ Updates to two discovery files.
2017-10-12 10:35:44 -07:00
ac8dd2cfec
Initial Commit
...
Initial Checkin
2017-10-11 10:35:17 -07:00
caseysmithrc