tccontre
bd2d2ae1ed
Update T1562.001.yaml
2023-02-16 11:09:44 +01:00
Atomic Red Team doc generator
b3bbf28256
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-15 20:20:24 +00:00
Atomic Red Team GUID generator
5847dca08c
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-15 20:20:07 +00:00
Bhavin Patel
28934201ad
new atomic post testing (#2307)
...
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2023-02-15 13:19:34 -07:00
Atomic Red Team doc generator
8da17a40cc
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-14 18:33:21 +00:00
Josh Rickard
c690a13984
fix: Updating format of 2 yaml definitions for new schema (#2330)
...
* fix: Updating format of 2 yaml definitions for new schema
* fix: Updating T1048
---------
Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
2023-02-14 11:32:38 -07:00
Atomic Red Team doc generator
89a2c90aae
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-14 16:16:58 +00:00
Carrie Roberts
d56cc45551
doesn't exfil data as written (#2329)
2023-02-14 09:15:58 -07:00
Atomic Red Team doc generator
16594d72c5
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-13 23:11:19 +00:00
Josh Rickard
a5dd0813cd
fix: Updating atomics YAML file structure to align with the new JSON schema definition (#2323)
...
* fix: Updating atomics YAML file structure to align with the new JSON schema definition.
This also fixes some white space issues and general line formatting across all impacted atomics.
* fix: One additional change needed
---------
Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-02-13 16:10:37 -07:00
Atomic Red Team doc generator
e2e66117b8
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-13 22:53:46 +00:00
Biological Robot
f50d13881d
T1546.004_II (#2324)
...
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-02-13 15:53:06 -07:00
Atomic Red Team doc generator
7168ecda1e
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-13 22:50:58 +00:00
Atomic Red Team GUID generator
4cc2099338
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-13 22:50:40 +00:00
Michael Haag
ee8b35e90a
Update T1552.004.yaml (#2327)
2023-02-13 15:49:26 -07:00
Atomic Red Team doc generator
18767571a5
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-10 19:15:02 +00:00
Atomic Red Team GUID generator
08c23c0d81
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-10 19:14:46 +00:00
Jose Enrique Hernandez
b20b72a9a8
Merge branch 'master' into T1546.004
2023-02-10 14:03:06 -05:00
Atomic Red Team doc generator
78b49d87d2
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-09 16:13:03 +00:00
Atomic Red Team GUID generator
836b81b127
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-09 16:12:48 +00:00
Josh Rickard
42527f4bdf
Merge branch 'master' into T1048.003_http.server
2023-02-09 10:11:27 -06:00
Atomic Red Team doc generator
9d9a7cc251
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-09 16:08:02 +00:00
Atomic Red Team GUID generator
1b886699f1
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-09 16:07:43 +00:00
Josh Rickard
efaae59060
Merge branch 'master' into T1059.004_four_tests
2023-02-09 10:05:53 -06:00
Atomic Red Team doc generator
7d7049f64a
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-08 01:33:36 +00:00
Atomic Red Team GUID generator
291fef80f6
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-08 01:33:20 +00:00
Bhavin Patel
07bf46163d
Merge branch 'master' into T1552-007-all-secrets
2023-02-07 17:27:08 -08:00
Biological Robot
f11240fd8d
Update T1059.004.yaml
2023-02-07 10:10:37 +00:00
Biological Robot
0279620882
Merge branch 'redcanaryco:master' into T1546.004
2023-02-07 10:07:58 +00:00
Biological Robot
37e7469b3a
Merge branch 'master' into T1059.004_four_tests
2023-02-07 10:06:34 +00:00
Atomic Red Team doc generator
5fc044b874
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-06 22:16:07 +00:00
Josh Rickard
6dab7992a0
fix: fix: Adding missing index files (#2320)
...
Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
2023-02-06 15:15:23 -07:00
Josh Rickard
1fe727afc4
fix: Removing index files with colons (#2319)
...
Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
2023-02-06 15:07:17 -07:00
Atomic Red Team doc generator
a7e555c092
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-06 20:20:38 +00:00
Atomic Red Team doc generator
d61000ff30
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-06 13:25:25 +00:00
Atomic Red Team GUID generator
0db5a0261a
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-06 13:25:17 +00:00
biot-2131
44f5d3ce23
T1546.004
2023-02-04 13:59:36 +00:00
Michael Haag
c0bba5e5ec
Update T1552.004.yaml
2023-02-04 06:36:46 -07:00
Michael Haag
599e147cfd
ExportPFX
2023-02-04 05:55:40 -07:00
Atomic Red Team doc generator
cd3690b100
Generated docs from job=generate-docs branch=master [ci skip]
2023-01-31 14:48:55 +00:00
Atomic Red Team GUID generator
b12b28bf52
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-01-31 14:48:49 +00:00
Leo Verlod
1896e182c5
Adding T1112 Mimic Ransomware Registry Modification Tests (#2306)
...
Adding T1112 tests 45 and 46 to emulate Mimic ransomware's ability to modify the registry in order to enable multiple user sessions locally, as well as allow multiple RDP sessions per user.
Reference: https://www.trendmicro.com/en_us/research/23/a/new-mimic-ransomware-abuses-everything-apis-for-its-encryption-p.html
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-01-31 09:48:20 -05:00
Atomic Red Team doc generator
70b897d8d8
Generated docs from job=generate-docs branch=master [ci skip]
2023-01-31 14:45:49 +00:00
Atomic Red Team GUID generator
8efb2a9443
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-01-31 14:45:42 +00:00
Leo Verlod
fed5ad2204
Adding T1562.004 Test 18 - Blackbit - Disable Windows Firewall using netsh firewall (#2305)
...
* Adding T1562.004 Test 18 - Blackbit - Disable Windows Firewall using netsh firewall
Adding T1562.004 Test 18 - Blackbit - Disable Windows Firewall using netsh firewall. Within BlackBit ransomware, one of the commands run is "netsh firewall set opmode mode=disable". While "netsh firewall" has been deprecated and replaced with "netsh advfirewall", the old command still does work, leading to a vector that adversaries can use for firewall disablement.
* Adding error handling to cleanup
2023-01-31 09:45:07 -05:00
yogisec
45964ab763
echo for prereq
2023-01-29 07:21:21 -06:00
yogisec
5173af83ae
add missing |
2023-01-29 07:19:22 -06:00
yogisec
2f1cbadead
adding get prereq command
2023-01-29 07:17:55 -06:00
yogisec
37e1fd7c4d
initial
2023-01-29 06:49:35 -06:00
Biological Robot
eed9c5b08d
Merge branch 'master' into T1059.004_four_tests
2023-01-28 17:19:31 +00:00