security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,564 Commits 47 Branches 0 Tags
a6e1d47cdde51a5df021f7c4d135c8da025abb4e
Commit Graph

3564 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Araveti Esanya Reddy a6e1d47cdd Update T1562.008.yaml 2022-03-14 22:44:03 +05:30
Araveti Esanya Reddy c88221308f updated as per review comments 2022-03-14 22:34:33 +05:30
Araveti Esanya Reddy 6b9b55ff88 Automated o365 Exchange Audit Log disabled scenario 2022-03-03 16:27:56 +05:30
CircleCI Atomic Red Team doc generator 0e616b34b3 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-02 22:00:09 +00:00
CircleCI Atomic Red Team GUID generator 28e7237bc1 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-02 22:00:03 +00:00
SecWilson b62ba2e548 Atomic that mimics recent Qakbot behavior (#1793) 
* Atomic that mimics recent Qakbot behavior

* small edits

removed elevation_required, shortened test name, made some readability updates.

Co-authored-by: Wilson <SWilson@nti.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-03-02 14:59:28 -07:00
CircleCI Atomic Red Team doc generator 9d17172d5b Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-02 20:37:37 +00:00
CircleCI Atomic Red Team GUID generator 150d0db325 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-03-02 20:37:30 +00:00
Leo Verlod a24baaf6da Adding T1217 Test 8 - List Safari Bookmarks (#1794) 
Adding T1217 Test 8 - List Safari Bookmarks for MacOS. This test locates any Safari bookmarks files and outputs the file paths to a text document.
 2022-03-02 13:36:51 -07:00
CircleCI Atomic Red Team doc generator 021449e282 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-28 19:20:26 +00:00
Carrie Roberts a1f4a9b8e2 move uacme.zip into RC repo (#1790) 
* move uacme.zip into RC repo

* set outfile
 2022-02-28 12:19:52 -07:00
dependabot[bot] e6dcefa095 Bump nokogiri from 1.12.5 to 1.13.3 (#1791) 
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.5 to 1.13.3.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.5...v1.13.3)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-26 14:58:50 -06:00
CircleCI Atomic Red Team doc generator 74bdf86845 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-24 21:32:47 +00:00
CircleCI Atomic Red Team GUID generator 3ebf9c41ff Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-24 21:32:42 +00:00
Leo Verlod c01fece41f Adding T1090.003 Test 4 - Tor Proxy Usage on MacOS (#1789) 
This test is designed to launch the Tor proxy service on MacOS.
 2022-02-24 14:32:16 -07:00
CircleCI Atomic Red Team doc generator 1693f83068 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-22 23:58:21 +00:00
CircleCI Atomic Red Team GUID generator 66ecac79c7 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-22 23:58:16 +00:00
BigPint 285db746a7 Initial creation of BlackByte Ransomware Registry Changes atomic (#1787) 
* Initial creation of BlackByte Ransomware Registry Changes atomic

* Updated T1112 Yaml

Added line at the end
Removed auto guid
added -cmd to test name

Co-authored-by: Wilson <SWilson@nti.local>
 2022-02-22 17:57:54 -06:00
CircleCI Atomic Red Team doc generator 021fe46502 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-22 15:39:03 +00:00
CircleCI Atomic Red Team GUID generator 319908bbc5 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-22 15:38:58 +00:00
Leo Verlod a50772cdf6 Adding T1090.003 Test 3 - Tor Usage on Debian/Ubuntu (#1786) 2022-02-22 08:38:30 -07:00
CircleCI Atomic Red Team doc generator 6bacc32286 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-21 17:35:33 +00:00
CircleCI Atomic Red Team GUID generator 79ff4f08bc Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-21 17:35:27 +00:00
frack113 771a4fba70 Sigma sysmon_susp_mic_cam_access (#1785) 2022-02-21 10:34:57 -07:00
CircleCI Atomic Red Team doc generator 2f802d60e7 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-18 18:00:32 +00:00
Bhavin Patel 2a1fa2498c Merge pull request #1784 from clr2of8/giturl 
github perm url
 2022-02-18 09:59:58 -08:00
Carrie Roberts daa211f444 github perm url 2022-02-17 15:56:26 -07:00
CircleCI Atomic Red Team doc generator a917a6fe3e Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-17 21:58:24 +00:00
Carrie Roberts fad941ace9 update script link (#1783) 2022-02-17 14:57:50 -07:00
CircleCI Atomic Red Team doc generator 1259433119 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-17 18:55:02 +00:00
Eloy ef2792b098 T1046 2 fix prerequisites (#1781) 
* T1046-2: set elevation_required: true

* T1046-2: add netcat prerequisite

* T1046-2: add telnet prerequisite

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-02-17 11:54:29 -07:00
IntelScott 89ff9a817f Create T1003.005.yaml (#1780) 
* Create T1003.005.yaml

* Update T1003.005.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-02-17 10:54:23 -07:00
CircleCI Atomic Red Team doc generator 822dcbdb0e Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-15 20:23:40 +00:00
CircleCI Atomic Red Team GUID generator 1bdc7b2855 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-15 20:23:35 +00:00
Lou Stella a4ef8ea382 DiskShadow Execution of script (#1778) 
* DiskShadow Execution of script

* Added reference to description

* Implemented dspath check
 2022-02-15 14:23:09 -06:00
CircleCI Atomic Red Team doc generator cb88319f98 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-15 13:56:29 +00:00
CircleCI Atomic Red Team GUID generator eed223eecd Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-15 13:56:23 +00:00
Leo Verlod 391c790aa4 Adding T1090.003 Test 1 - Tor Usage (Windows) (#1779) 
This test is designed to emulate the Tor proxy service being utilized on Windows, which can then be connected to via other applications to anonymize traffic.

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-02-15 06:55:54 -07:00
CircleCI Atomic Red Team doc generator 1792b93448 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-15 13:15:07 +00:00
CircleCI Atomic Red Team GUID generator 284f07af70 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-15 13:15:02 +00:00
CyberBilly7 a3ead89e7c Psiphon (#1771) 
* message

* Update T1090.003.yaml

* Final updates b4 merge

Removed input arg, split dependencies out into two different ones, made use of USERPROFILE environment variable to improve robustness of test.

* use %USERPROFILE% environment variable

Co-authored-by: Chase James <cjames@nti.local>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-02-15 06:14:43 -07:00
CircleCI Atomic Red Team doc generator f01c461021 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-14 19:20:25 +00:00
glallen 2a77160edf T1546.004: changes default command, adds cleanup command (#1777) 
* adds prereq for lsof/T1087.001, fixes other broken prereq cmds

- several instances of: `yum -y epel-release rsyslog` missing an `install`
- adds dependency for lsof

* T1546.004: changes default command, adds cleanup command

The default `/path/to/script.py` was not present, and not cleaned up, which
caused some annoyance with repeat testing.
 2022-02-14 13:19:38 -06:00
CircleCI Atomic Red Team doc generator 40da3cb699 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-12 20:02:51 +00:00
CircleCI Atomic Red Team GUID generator 8ef1fbdcf9 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-12 20:02:45 +00:00
frack113 cd6ed162eb Add T1564.006 Virtualbox (#1775) 
* Add T1564.006 Virtualbox

* update description

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
 2022-02-12 13:02:22 -07:00
CircleCI Atomic Red Team doc generator b9445cf19e Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-10 14:40:10 +00:00
glallen a83e73fbe4 adds prereq for lsof/T1087.001, fixes other broken prereq cmds (#1774) 
- several instances of: `yum -y epel-release rsyslog` missing an `install`
- adds dependency for lsof
 2022-02-10 07:39:32 -07:00
CircleCI Atomic Red Team doc generator 5f5b2d23d5 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-09 16:57:44 +00:00
CircleCI Atomic Red Team GUID generator ac50cbfaae Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2022-02-09 16:57:39 +00:00