Commit Graph

4676 Commits

Author SHA1 Message Date
çidem b0b413cc9d T1105 :: Correct remote_url, Change del to rm (#2265) 2023-01-03 22:23:39 -05:00
Atomic Red Team doc generator c2aca27df1 Generated docs from job=generate-docs branch=master [ci skip] 2023-01-04 03:19:27 +00:00
Atomic Red Team GUID generator b5dde3c8f2 Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-01-04 03:19:21 +00:00
Michael Haag 6db82cba9c T1505.004 - IIS Components & T1562.002 - Disable HTTP logging (#2266) 2023-01-03 22:18:53 -05:00
Atomic Red Team doc generator 9627003081 Generated docs from job=generate-docs branch=master [ci skip] 2023-01-03 13:36:41 +00:00
Carrie Roberts fd7772813a corrected code so it will execute (#2263)
* corrected code so it will execute

* elevation not needed

* update description
2023-01-03 06:36:03 -07:00
Atomic Red Team doc generator 9a6e0425ff Generated docs from job=generate-docs branch=master [ci skip] 2022-12-30 16:02:40 +00:00
Atomic Red Team GUID generator 8036dec1c4 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-12-30 16:02:34 +00:00
devapriya16 4a4fd153d8 Update T1112.yaml (#2262)
Enabling Restricted Admin Mode via Command_Prompt enables an attacker to perform a pass-the-hash attack using RDP

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-12-30 11:02:04 -05:00
Atomic Red Team doc generator 08579bb5be Generated docs from job=generate-docs branch=master [ci skip] 2022-12-30 00:42:18 +00:00
Carrie Roberts 0dab0ee7e9 block regedit and cmd.exe (#2260) 2022-12-29 17:41:33 -07:00
Atomic Red Team doc generator 25acadc0b4 Generated docs from job=generate-docs branch=master [ci skip] 2022-12-20 16:01:17 +00:00
Noy-s1 5c710cc04e Fixed Automated Collection Command Prompt variable call (#2259)
* Fixed Automated Collection Command Prompt variable call

While using the commands from a batch file the old code won't work because of the way the variable is being called.
The addition of '%' fixed the issue.

* Update T1119.yaml

* add slash

* Update T1564.004.yaml

* Update T1564.004.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-12-20 11:00:42 -05:00
Atomic Red Team doc generator 84d9edaaaa Generated docs from job=generate-docs branch=master [ci skip] 2022-12-17 15:46:08 +00:00
Atomic Red Team GUID generator 6564ab464e Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-12-17 15:46:01 +00:00
Michael Haag 9c34bcb1a8 Create T1562.yaml (#2258)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-12-17 10:45:29 -05:00
Atomic Red Team doc generator 2fadd2287c Generated docs from job=generate-docs branch=master [ci skip] 2022-12-16 21:55:22 +00:00
Carrie Roberts c17eeb2b66 move reference to description (#2257) 2022-12-16 16:54:51 -05:00
Atomic Red Team doc generator 13e23151c8 Generated docs from job=generate-docs branch=master [ci skip] 2022-12-16 20:27:20 +00:00
Atomic Red Team GUID generator 204c86694e Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-12-16 20:27:13 +00:00
sai prashanth pulisetti 7fd3529b28 Update for name: Abuse Nslookup with DNS Records (#2248)
* Update for name: Abuse Nslookup with DNS Records

* custom nslookup function

* fix spacing

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-12-16 15:26:42 -05:00
Atomic Red Team doc generator b86d24fd99 Generated docs from job=generate-docs branch=master [ci skip] 2022-12-14 23:10:06 +00:00
Atomic Red Team GUID generator 51c59e06d3 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-12-14 23:09:58 +00:00
Mohana Shankar D 54cc912687 Remote System Discovery - net group Domain Controller (#2249)
* Remote System Discovery - net group Domain Controller

Identify remote systems with net.exe querying the Active Directory Domain Controller. Upon successful execution, cmd.exe will execute cmd.exe against Active Directory to list the "Domain Controller" in the domain. Output will be via stdout.

* Update T1018.yaml

* Update T1018.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-12-14 18:09:24 -05:00
Atomic Red Team doc generator c17e4303bc Generated docs from job=generate-docs branch=master [ci skip] 2022-12-14 22:50:55 +00:00
Bhavin Patel 939774541e Merge pull request #2243 from redcanaryco/clr2of8-patch-29
correct name
2022-12-14 14:50:22 -08:00
Michael Haag 17a66b018f Merge branch 'master' into clr2of8-patch-29 2022-12-14 13:42:35 -07:00
Atomic Red Team doc generator 324b2a7401 Generated docs from job=generate-docs branch=master [ci skip] 2022-12-14 20:41:48 +00:00
Michael Haag 09043e625c Merge branch 'master' into clr2of8-patch-29 2022-12-14 13:41:37 -07:00
Carrie Roberts 14271bcbc5 removing duplicate test (#2239)
* removing duplicate test

* add elevation required

Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2022-12-14 13:41:20 -07:00
Atomic Red Team doc generator 45741c6c95 Generated docs from job=generate-docs branch=master [ci skip] 2022-12-14 20:35:27 +00:00
Carrie Roberts 684a637c1a fix typo, user temp directory (#2238)
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2022-12-14 13:34:57 -07:00
Jonathan Yee 9d2f6e05c9 Update T1567.002.yaml (#2245)
Removed tab from file which was causing parsing to break
2022-12-14 07:33:55 -07:00
Atomic Red Team doc generator 5c1e6f1b4f Generated docs from job=generate-docs branch=master [ci skip] 2022-12-07 01:40:37 +00:00
Brian c6368a624d Updating ATT&CK and Navigator (#2244)
This should update the Navigator layers from ATT&CK 11 to 12 and from Navigator 4.5.5 to 4.7.1
2022-12-06 18:39:57 -07:00
Carrie Roberts 063610ad8e correct name 2022-12-03 18:37:00 -05:00
Atomic Red Team doc generator ce55c6dfb1 Generated docs from job=generate-docs branch=master [ci skip] 2022-11-29 00:09:43 +00:00
Atomic Red Team GUID generator 747a28a689 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-11-29 00:09:36 +00:00
tr4cefl0w d4721d481c adding credman gump using keymgr.dll (#2242)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-11-28 19:09:04 -05:00
Atomic Red Team doc generator c65c1656a4 Generated docs from job=generate-docs branch=master [ci skip] 2022-11-29 00:06:26 +00:00
Atomic Red Team GUID generator 4fbdacf673 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-11-29 00:06:19 +00:00
BlueTeamOps 414118431e Tests to simulate misuse of secedit.exe (#2241)
* secedit config template

* added secedit based persistence

* added secedit based discovery
2022-11-28 19:05:09 -05:00
Atomic Red Team doc generator 1e6c1c70fd Generated docs from job=generate-docs branch=master [ci skip] 2022-11-24 14:10:04 +00:00
çidem 18baf6d730 T1560.002 :: Fix typo for gzip (#2240) 2022-11-24 09:09:26 -05:00
Atomic Red Team doc generator bfbb8be4e3 Generated docs from job=generate-docs branch=master [ci skip] 2022-11-21 20:42:04 +00:00
Atomic Red Team GUID generator d1343687d4 Generate GUIDs from job=generate-docs branch=master [skip ci] 2022-11-21 20:41:57 +00:00
tr4cefl0w 17b80161a4 adding atomic test T1055.003 (#2237)
* adding atomic test T1055.003

* adding atomic test T1055.003
2022-11-21 13:41:23 -07:00
Atomic Red Team doc generator 9837b4fcd1 Generated docs from job=generate-docs branch=master [ci skip] 2022-11-21 14:43:35 +00:00
0xv1n ee62e616b9 T1482 additional techniques (#2236)
* Updated T1482.md

Additional trust enumeration techniques.

* Update T1482.yaml

Additional trust enumeration techniques.

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2022-11-21 07:42:51 -07:00
Atomic Red Team doc generator 6a621382ba Generated docs from job=generate-docs branch=master [ci skip] 2022-11-18 16:23:19 +00:00