security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,633 Commits 47 Branches 0 Tags
958eea13f4e0063b5ea6f4818fe0350004ddd006
Commit Graph

2633 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
CircleCI Atomic Red Team GUID generator 958eea13f4 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-09 14:29:37 +00:00
Wesley Cesar 91eca87002 Update T1082.yaml (#1421) 
Added environmet variables discovery

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-04-09 08:29:11 -06:00
CircleCI Atomic Red Team doc generator c32fa3af4f Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-08 17:48:04 +00:00
Carrie Roberts dfa1c271f8 programatically determine location of protocolhandler (#1420) 2021-04-08 11:47:25 -06:00
CircleCI Atomic Red Team doc generator 3f103f9603 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-08 14:34:34 +00:00
Carrie Roberts 4fb4525bf3 small correction to handle cmd/ps executors (#1419) 2021-04-08 08:34:04 -06:00
CircleCI Atomic Red Team doc generator 9eda0b1d7f Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-08 13:22:48 +00:00
Ryan 7ac896f82a Update T1027.yaml (#1418) 
Because, powershell executor

Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
 2021-04-08 07:22:23 -06:00
CircleCI Atomic Red Team doc generator a2b44e6026 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-08 13:20:04 +00:00
Ryan 23c3f8114b Update T1218.yaml (#1416) 
Default install path was c:\Program Files\Microsoft Office\root\Office16\protocolhandler.exe

Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
 2021-04-08 07:19:27 -06:00
CircleCI Atomic Red Team doc generator f62f72c9d8 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-08 13:12:07 +00:00
Ryan d5f39f7819 Update T1555.yaml (#1415) 
Was failing prereqs due to missing $process value

Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
 2021-04-08 07:11:40 -06:00
CircleCI Atomic Red Team doc generator adc459fbf7 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-08 13:10:07 +00:00
Ryan ba13a01daf Update T1569.002.yaml (#1414) 
I was failing to pass the precheck without adding in the dependency_executor_name parameter. Something with parsing I believe
 2021-04-08 07:09:43 -06:00
CircleCI Atomic Red Team doc generator 2ecb4a4f84 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-08 13:08:38 +00:00
Carrie Roberts 678d9c5444 remove non-PS command and incorrect param (#1413) 
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
 2021-04-08 07:08:08 -06:00
CircleCI Atomic Red Team doc generator 5148bb998c Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-07 03:39:44 +00:00
CircleCI Atomic Red Team GUID generator cd3087fa78 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-07 03:39:39 +00:00
inc0gnit0 ee6707aadb Added T1053.006 - Blackbot Inc. (#1412) 
* Added T1053.006 - Raymond

* Update T1053.006.yaml

* Update used_guids.txt

Co-authored-by: ryang <ryang@blackbot.io>
 2021-04-06 21:39:25 -06:00
CircleCI Atomic Red Team doc generator 8035973916 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-02 14:18:48 +00:00
CircleCI Atomic Red Team GUID generator afb9b9cc33 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-02 14:18:43 +00:00
Carl 4a2f5b9a73 Merge pull request #1230 from tlor89/T1070.003_Update 2021-04-02 08:18:30 -06:00
tlor89 0c9a8d403e Merge branch 'master' into T1070.003_Update 2021-04-02 09:12:26 -05:00
tlor89 a2395663c0 Update for Disable Bash History Logging with SSH -T Atomic 
Made the following changes for -T for the command and resolved supported platform to linux
 2021-04-02 09:07:57 -05:00
tlor89 08b98f2556 Update T1070.003.yaml 2021-04-02 09:03:48 -05:00
CircleCI Atomic Red Team doc generator ea98ba6b7a Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-02 13:30:11 +00:00
CircleCI Atomic Red Team GUID generator 76a1c0f4bc Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-02 13:30:06 +00:00
tlor89 f4bdccc905 t1564-update (#1411) 
Co-authored-by: Toua Lor <tlor@nti.local>
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
 2021-04-02 07:29:46 -06:00
CircleCI Atomic Red Team doc generator 228dcb1ae3 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-02 13:28:54 +00:00
Carrie Roberts 8b6c9af427 add usebasicparsing flag (#1410) 2021-04-02 07:28:29 -06:00
CircleCI Atomic Red Team doc generator 180623c8ab Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-04-01 16:50:55 +00:00
Carrie Roberts 0c3ab2ea9c update nav layer version (#1409) 2021-04-01 10:50:37 -06:00
CircleCI Atomic Red Team doc generator bc17626d85 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-03-24 18:39:14 +00:00
Adam Mashinchi f2cb520542 Remove ARTifacts directory (#1408) 
* Update 1547.001 with link to stable "ARTifact" URL

Creating static link for Discovery.bat as "ARTifacts" directory is slated for removal.

* Update 1547.001.md to reflect YAML change

* Delete ARTifacts directory

Legacy URL available here: https://github.com/redcanaryco/atomic-red-team/tree/e88a1ea463964839e267dba74ec1cf7bf634ccbf/ARTifacts
 2021-03-24 12:38:00 -06:00
CircleCI Atomic Red Team doc generator 058b5c2423 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-03-22 15:39:07 +00:00
Matt Graeber 92026b8e3c Moving Invoke-Mimikatz test to T1003.001 (#1407) 2021-03-22 09:38:35 -06:00
CircleCI Atomic Red Team doc generator 396ea73b70 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-03-13 14:24:38 +00:00
CircleCI Atomic Red Team GUID generator 4803288632 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-03-13 14:24:31 +00:00
Matt Graeber 80415a586f Moving mavinject test to T1055.001 and src cleanup #1404 (#1405) 
* Moving mavinject test to T1055.001 and src cleanup #1404

* Adding Windows Command Prompt test

* Adding rundll32.exe test

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2021-03-13 07:22:36 -07:00
Adam Mashinchi 78d40c38a0 Merge pull request #1406 from amashinchi-rc/update-slack-invite-url 
Update Slack Invite on Website
 2021-03-12 10:30:19 -08:00
Michael Haag 83a9f985e4 Merge branch 'master' into update-slack-invite-url 2021-03-12 11:05:02 -07:00
Adam Mashinchi b72f5785ac Update Slack Invite on Website 
Also updating the URL on the atomicredteam.io website.
 2021-03-12 10:02:09 -08:00
Matt Graeber f03437fd28 Merge pull request #1403 from amashinchi-rc/update-slack-invite-url 
Update the Slack Invite Request URL
 2021-03-12 10:24:54 -05:00
Adam Mashinchi a8d45abe94 Update the Slack Invite Request URL 
The web app for requesting a Slack invite no longer works due to a deprecated Slack API call. Moving requests to a (Red Canary provided) Google Form.
 2021-03-11 15:15:00 -08:00
CircleCI Atomic Red Team doc generator a574666190 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-03-10 14:55:55 +00:00
Carrie Roberts 4031861550 add quotes to fix command execution (#1401) 
Thank you @aky1286 and Issue #1400
 2021-03-10 07:55:23 -07:00
CircleCI Atomic Red Team doc generator 974e2eb8b6 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-03-10 04:09:43 +00:00
Clément Notin 2221b0715b T1055: psexec "-s" is not required (#1402) 
Since the user is admin the debug privilege is automatically obtained when necessary for the injection
The TTP is also clearer because mimikatz runs as the current user (used for psexec) and not as SYSTEM
 2021-03-09 21:09:09 -07:00
CircleCI Atomic Red Team doc generator 2fd6408411 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-03-06 04:06:46 +00:00
Carl fec19f8bef Merge pull request #1398 from YSaxon/patch-1 
remove macOS from /etc/passwd test
 2021-03-05 21:06:10 -07:00