CircleCI Atomic Red Team doc generator
9ab98d2318
Generate docs from job=validate_atomics_generate_docs branch=master
2018-11-17 16:15:14 +00:00
Ross Wolf
ae1b07bf4d
Update T1042 with cmd /c argument (#408)
The `/c` flag was missing for `cmd.exe`, causing the command to be skipped.
2018-11-17 09:15:06 -07:00
CircleCI Atomic Red Team doc generator
51180df1b1
Generate docs from job=validate_atomics_generate_docs branch=master
2018-11-14 21:38:39 +00:00
Tony M Lambert
64ac0fea1f
T1223 Compiled HTML Help (#407)
* T1223 Compiled HTML Help
* Update ATT&CK JSON (#406)
* Generate docs from job=validate_atomics_generate_docs branch=master
* T1223 Compiled HTML Help
2018-11-14 14:38:32 -07:00
CircleCI Atomic Red Team doc generator
6965fc15ef
Generate docs from job=validate_atomics_generate_docs branch=master
2018-11-14 20:59:18 +00:00
Tony M Lambert
c68c20392b
Update ATT&CK JSON (#406)
2018-11-14 13:59:04 -07:00
Keith McCammon
53b39e11fe
Merge pull request #401 from redcanaryco/clean-up-csmith
fix-executor
2018-11-11 18:18:48 -07:00
Keith McCammon
7074c68b8d
Merge pull request #403 from redcanaryco/t1087-kwm
Clean up T1087 for consistency, platform accuracy
2018-11-11 12:45:34 -07:00
CircleCI Atomic Red Team doc generator
bce4f2b833
Generate docs from job=validate_atomics_generate_docs branch=t1087-kwm
2018-11-11 19:43:16 +00:00
Keith McCammon
2cf59e99fa
Clean up for consistency, platform accuracy
No new atomic tests were added. One test was broken into two.
2018-11-11 12:41:49 -07:00
CircleCI Atomic Red Team doc generator
f48234fc7f
Generate docs from job=validate_atomics_generate_docs branch=clean-up-csmith
2018-11-10 22:54:09 +00:00
caseysmithrc
11b85d5596
fix-executor
2018-11-10 15:53:55 -07:00
CircleCI Atomic Red Team doc generator
1054ca1f97
Generate docs from job=validate_atomics_generate_docs branch=master
2018-11-10 22:26:16 +00:00
Keith McCammon
2983aae443
Merge pull request #378 from ForensicITGuy/add-test-t1158
T1158 Added tests for hidden and system file hiding using attrib.exe
2018-11-10 15:26:10 -07:00
CircleCI Atomic Red Team doc generator
b1f0697d79
Generate docs from job=validate_atomics_generate_docs branch=master
2018-11-10 22:25:33 +00:00
Keith McCammon
443adfb504
Merge pull request #386 from ForensicITGuy/t1089-http-logging
T1089 Disable IIS HTTP logging
2018-11-10 15:25:26 -07:00
CircleCI Atomic Red Team doc generator
531154eefd
Generate docs from job=validate_atomics_generate_docs branch=master
2018-11-10 22:24:33 +00:00
Keith McCammon
50c590cb1f
Merge pull request #390 from ForensicITGuy/t1105-fix
Fixed T1105 test
2018-11-10 15:24:25 -07:00
Keith McCammon
c2c27aeb71
Merge branch 'master' into t1105-fix
2018-11-10 14:23:53 -07:00
Keith McCammon
159d503bdb
Merge pull request #382 from redcanaryco/t1090-proxy-redirection
T1090 proxy redirection
2018-11-08 09:27:00 -07:00
Michael Haag
22d5574c10
Fixed T1099 (#399)
* Fixed T1099
fixed T1099 input args
* Generate docs from job=validate_atomics_generate_docs branch=T1099-2
2018-11-02 14:10:44 -07:00
Michael Haag
7bc7660f4f
Discovery.bat Update (#397)
* Discovery and Cleanup
* Generate docs from job=validate_atomics_generate_docs branch=Discovery
* mv discovery.bat
* Fixed Discovery.bat URLs
Updated Techniques with new location of discovery.bat
* Generate docs from job=validate_atomics_generate_docs branch=Discovery
2018-11-02 13:17:39 -07:00
Brian Beyer
16a9e95f16
Don't validate the template because of todos
2018-10-26 15:00:21 -06:00
Tony M Lambert
cbb425bdc7
Fixed T1105 test
2018-10-26 12:59:47 -06:00
ForensicITGuy
087be15e6a
T1089 Disable IIS HTTP logging
2018-10-23 15:49:20 -05:00
Brian Beyer
1deb39ba9a
Validate command, input_arguments, and TODOs (#383)
* validate input args in command and vice versa
* validate the existence of TODOs
* Update T1002.yaml
* Update T1014.yaml
* Update T1022.yaml
* Fixed Issues Identified
Fixed multiple issues identified by branch in order to push merge
2018-10-22 13:10:51 -04:00
CircleCI Atomic Red Team doc generator
13665af6ef
Generate docs from job=validate_atomics_generate_docs branch=master
2018-10-21 17:39:45 +00:00
Keith McCammon
8cfecaf347
Merge pull request #380 from ForensicITGuy/copy-keys-t1145
T1145 Copy SSH keys using cp/rsync
2018-10-21 11:39:39 -06:00
CircleCI Atomic Red Team doc generator
44ad3639a9
Generate docs from job=validate_atomics_generate_docs branch=t1090-proxy-redirection
2018-10-21 17:34:35 +00:00
Keith McCammon
2a1d1fd31b
macOS and Linux connection proxy test
Configure basic connection proxy on macOS or Linux using http_proxy or
https_proxy environment variables.
2018-10-21 11:31:17 -06:00
Keith McCammon
4ee921e314
Merge pull request #381 from redcanaryco/roll-the-dice
initial commit of roll the dice implementation
2018-10-20 19:18:14 -06:00
CircleCI Atomic Red Team doc generator
950842f40f
Generate docs from job=validate_atomics_generate_docs branch=roll-the-dice
2018-10-20 21:51:42 +00:00
Brian Beyer
cc720886e8
initial commit of roll the dice implementation
2018-10-20 15:51:26 -06:00
CircleCI Atomic Red Team doc generator
8db4f8c2a3
Generate docs from job=validate_atomics_generate_docs branch=master
2018-10-20 19:38:18 +00:00
Brian Beyer
ae418fec76
add initial commit of atomics/index.yaml
2018-10-20 13:38:06 -06:00
Brian Beyer
73491d44c2
generate YAML index alongside Markdown indices
2018-10-20 13:36:29 -06:00
Tony M Lambert
305e153881
T1145 Added tests to copy private keys using cp and rsync
2018-10-19 17:42:11 -04:00
Tony M Lambert
4098cd9e09
Minor fix to syntax
2018-10-19 17:27:04 -04:00
Tony M Lambert
abb43d1b4f
T1145 discover SSH keys
2018-10-19 16:36:28 -04:00
Tony M Lambert
ff02488808
Fix the things to pass CircleCI
2018-10-19 16:15:44 -04:00
Tony M Lambert
9a00a05ba0
Added tests for hidden and system file hiding using attrib.exe
2018-10-19 16:11:36 -04:00
caseysmithrc
a91994c5bb
Fixed Bug in Get-Atomic (#376)
* Fixed Bug in Get-Atomic
* Update Get-AtomicTechnique.ps1
2018-10-11 20:28:39 -04:00
CircleCI Atomic Red Team doc generator
664ca4d109
Generate docs from job=validate_atomics_generate_docs branch=master
2018-10-12 00:28:10 +00:00
Tony M Lambert
84677cc45c
T1003 Added credential dumping tests (#377)
* Added test to dump lsass using procdump
* Added test to dump lsass.exe using Task Manager
* Added offline credential theft using Mimikatz
* Added test to dump NTDS.dit using NTDSUtil
2018-10-11 20:27:57 -04:00
CircleCI Atomic Red Team doc generator
efd5688d9d
Generate docs from job=validate_atomics_generate_docs branch=master
2018-10-11 17:28:54 +00:00
Tony M Lambert
d6e5210332
T1086 Fileless PowerShell from Registry (#372)
* T1086 Exec PoSH payload from registry
* fixed a syntax issue
2018-10-11 13:28:46 -04:00
caseysmithrc
bd4afde020
T1055 update (#370)
* Correct T1055 Source and Test
* Generate docs from job=validate_atomics_generate_docs branch=T1055-Update
* Update T1055.cpp
2018-10-04 19:02:30 -07:00
CircleCI Atomic Red Team doc generator
0dfd0a7320
Generate docs from job=validate_atomics_generate_docs branch=master
2018-10-04 12:48:25 +00:00
Superbug
36bdfd4731
Some Powershell bugs fixed. (#369)
* Some Powershell bugs fixed.
* Update T1112.md
2018-10-04 05:48:16 -07:00
CircleCI Atomic Red Team doc generator
eb9cf5f42c
Generate docs from job=validate_atomics_generate_docs branch=master
2018-10-03 13:57:44 +00:00