Commit Graph

4004 Commits

Author SHA1 Message Date
Brendan Malone 97049fe2fc Made requested changes 2022-06-16 10:38:03 -05:00
Jose Enrique Hernandez 176bc88abf Merge branch 'master' into 1056.001 2022-06-15 20:49:46 -04:00
Atomic Red Team doc generator 5a14d96c37 Generated docs from job=generate-docs branch=master [ci skip] 2022-06-15 21:35:21 +00:00
Jose Enrique Hernandez 0d09ff0234 Merge pull request #1998 from clr2of8/no02
moving atomics to correct T#
2022-06-15 17:34:47 -04:00
Carrie Roberts 03e37456cd moving atomics to correct T# 2022-06-15 15:30:42 -06:00
Atomic Red Team GUID generator 1d1ae02aa3 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-06-15 17:24:10 +00:00
Jacques Decarie d0a80fb9b4 adding t1547.003 (#1996)
* adding t1547.003

* fixing cleanup commands
2022-06-15 11:23:41 -06:00
Atomic Red Team GUID generator 9c3785a4ca Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-06-13 21:04:24 +00:00
Leo Verlod 148a5a235d Adding T1546.015 Test 3 - COM Hijacking with RunDLL32 (Local Server Switch) (#1992)
* Update T1546.015.yaml

* Add files via upload

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-06-13 15:03:51 -06:00
Brendan Malone c8b80f6fce Add files via upload 2022-06-09 10:19:55 -05:00
Brendan Malone 9982660ef4 Delete MacOSKeylogger.swift 2022-06-09 10:19:39 -05:00
Brendan Malone 62525bc507 Changed swift script 2022-06-09 09:59:48 -05:00
Brendan Malone 1bfc4dc6e3 Updated descriptions 2022-06-09 09:48:27 -05:00
Brendan Malone 58656a3f53 Merge branch 'redcanaryco:master' into 1056.001 2022-06-09 09:46:40 -05:00
Atomic Red Team GUID generator 25299b1e40 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-06-08 22:51:10 +00:00
Jose Enrique Hernandez 84232bc50c Merge pull request #1989 from RoundBunny/master
Added T1574.006 MacOS Dylib Injection
2022-06-08 18:50:39 -04:00
Brendan Malone d2cf4f16bb Uploaded swift keylogging script 2022-06-08 10:13:51 -05:00
Brendan Malone 749c30e4b6 Added MacOS Test for T1056.001 2022-06-08 10:13:11 -05:00
Brendan Malone 40917c1a65 Moved c script 2022-06-07 10:36:26 -05:00
Jose Enrique Hernandez 89c697c951 Merge branch 'master' into master 2022-06-04 23:05:22 -04:00
Atomic Red Team GUID generator d8f1820ef6 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-06-04 00:04:19 +00:00
tccontre a768529778 Creates Schedule task with hidden attribute settings (#1986)
* Update T1112.yaml

* Update T1112.yaml

* typos

* Update T1087.002.yaml

* Update T1087.002.yaml

* Update T1087.002.yaml

* Add files via upload

* Update T1053_05_SCTASK_HIDDEN_ATTRIB.xml

* Update T1053.005.yaml

* Update T1053.005.yaml

* Update T1087.002.yaml

* Update T1087.002.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-06-03 18:03:49 -06:00
Atomic Red Team GUID generator 3d378b3924 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-06-03 22:48:12 +00:00
Ján Trenčanský 3ccb32ec78 WMI Persistence using ActiveScriptEventConsumer (#1987) 2022-06-03 16:47:47 -06:00
Brendan Malone df67a8aa4d Fixed not compiling 2022-06-03 10:23:25 -05:00
Brendan Malone 3e36aa671f MacOS Dylib injection for T1574.006
reference: https://cedowens.medium.com/taking-esf-for-a-nother-spin-6e1e6acd1b74
2022-06-02 14:57:35 -05:00
Brendan Malone 7748526bd4 C file for opening calc 2022-06-02 14:56:00 -05:00
Atomic Red Team GUID generator 5b1111f223 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-06-01 20:32:51 +00:00
Bhavin Patel a42be924d6 Merge pull request #1983 from javery-sysdig/patch-2
Create T1611.002.yaml "Escape to Host"
2022-06-01 13:32:12 -07:00
Bhavin Patel fa3a182989 Merge branch 'master' into patch-2 2022-06-01 13:30:54 -07:00
Atomic Red Team doc generator 3b83031d25 Generated docs from job=generate-docs branch=master [ci skip] 2022-05-31 17:14:18 +00:00
Atomic Red Team GUID generator cc5498aee5 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-31 17:14:13 +00:00
Bhavin Patel 5c7c272b82 Merge pull request #1981 from Leomon5/patch-14
Adding T1110.003 Test 7 - Password Spray with MSOLSpray
2022-05-31 10:13:40 -07:00
Bhavin Patel 0d57af5887 Merge branch 'master' into patch-14 2022-05-31 10:12:43 -07:00
Atomic Red Team doc generator a111959d19 Generated docs from job=generate-docs branch=master [ci skip] 2022-05-25 04:21:58 +00:00
Atomic Red Team GUID generator d9b7195f86 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-25 04:21:53 +00:00
IT-Native c02ec5c36e Changes file extension of Test 1195 so that the file is detected and … (#1982)
* Changes file extension of Test 1195 so that the file is detected and there is no error anymore

* Update T1195.yaml

Co-authored-by: Georg Schlagholz <georg.schlagholz@it-native.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-05-24 22:21:26 -06:00
Atomic Red Team doc generator a888e0e7c9 Generated docs from job=generate-docs branch=master [ci skip] 2022-05-25 04:12:17 +00:00
Atomic Red Team GUID generator a8f00eb241 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-25 04:12:12 +00:00
frack113 af529da1e5 Add lolbin (#1979) 2022-05-24 22:11:43 -06:00
Jason Avery be60206066 Create T1611.002.yaml "Escape to Host"
Fairly straightforward way to escape a privileged docker container and compromise the host once getting root on the container.
2022-05-24 11:16:30 -05:00
Leo Verlod 322f6843fa Adding T1110.003 Test 7 - Password Spray with MSOLSpray 2022-05-23 23:44:09 -05:00
Atomic Red Team doc generator 9e8bb918d5 Generated docs from job=generate-docs branch=master [ci skip] 2022-05-19 23:05:53 +00:00
Atomic Red Team GUID generator 7846e9770a Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-19 23:05:48 +00:00
Carrie Roberts 908924d51f add a lightweight password spray test (#1978) 2022-05-19 17:05:21 -06:00
Atomic Red Team doc generator ebfc28708d Generated docs from job=generate-docs branch=master [ci skip] 2022-05-17 22:48:32 +00:00
Carrie Roberts c171910f63 typo fix (#1973) 2022-05-17 16:48:04 -06:00
Atomic Red Team doc generator 2007ac5d8d Generated docs from job=generate-docs branch=master [ci skip] 2022-05-17 22:25:12 +00:00
Atomic Red Team GUID generator a204b5bcfb Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-05-17 22:25:08 +00:00
Jesse Moore 0ba9c7ec9e Challenge Bounty T1615 LOL-cmdlet Get-GPO cmdlet (#1966)
* ChallengeBounty T1615 LOLB Get-GPO cmdlet

* Added changes 

Took out variableInput and put in $ENV:userdnsdomain, on attack command also made the CheckPreqs say people need to install RSAT manually for GroupPolicy and ActiveDirectory. The cleanUp command won't take those RSAT modules out, but instead will remove the gpo_output file. The GetPrereq might need a little work but shouldn't need it..... since the -CheckPrereq says to manually install on Windows 10. Hope that works out.

* Update T1615.yaml

Glad you showed me the PreReq "if" command trick, I would have struggled with it, thank you. Thanks for pointing out the GetPreqs need to be in their separate areas, I don't think I've had to do that before. Ya, glad you had me look more into getting the Win10 to work; I was just going for win server but it's nice to have both as an option, thanks for kindly suggesting.

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-05-17 16:24:48 -06:00