Gavin Knapp
c0b144a44a
Update T1136.003.yaml
...
removed auto_generated_guid field that was failing checks
2023-03-11 13:40:18 +00:00
Gavin Knapp
434a54490d
Update T1136.003.yaml
...
fixed a couple of typos and removed a blank line
2023-03-11 07:51:42 +00:00
Gavin Knapp
cd12370a63
Update T1136.003.yaml
2023-03-10 21:49:39 +00:00
Gavin Knapp
937c62b9be
Update T1136.003.yaml
2023-03-10 21:28:09 +00:00
Gavin Knapp
13c3f8361f
Update T1136.003.yaml
...
Added the same technique but via the Azure CLI with an automated login atomic which then creates a new user via the Azure CLI
2023-03-10 21:27:27 +00:00
Atomic Red Team doc generator
b65e562290
Generated docs from job=generate-docs branch=master [ci skip]
2023-03-09 22:42:27 +00:00
Atomic Red Team GUID generator
aaf3fd5992
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-03-09 22:42:12 +00:00
Bhavin Patel
8b7ba2fab9
Merge pull request #2352 from m4nbat/gk-atomic-red-team-T1136.003-UPDATE
...
GK atomic red team t1136.003 update
2023-03-09 14:41:47 -08:00
Bhavin Patel
6a4d1571f3
remove guid key
2023-03-09 14:39:07 -08:00
Bhavin Patel
9e0e9ebae4
Merge branch 'master' into gk-atomic-red-team-T1136.003-UPDATE
2023-03-09 14:37:57 -08:00
Atomic Red Team doc generator
f982fdda71
Generated docs from job=generate-docs branch=master [ci skip]
2023-03-09 16:50:59 +00:00
Zeta
8863da1c40
T1112: fix typo (#2357)
...
fix typo
2023-03-09 09:49:28 -07:00
Gavin Knapp
83a170407a
Merge branch 'redcanaryco:master' into gk-atomic-red-team-T1136.003-UPDATE
2023-03-04 15:30:26 +00:00
Atomic Red Team doc generator
f296668303
Generated docs from job=generate-docs branch=master [ci skip]
2023-03-02 15:30:01 +00:00
Jose Enrique Hernandez
ccfababf58
T1140 bash base64 decode (#2353)
...
* added a new test for base64 encoded shebang shells
* updated description
---------
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com>
2023-03-02 08:29:17 -07:00
m4nbat
c1079b58f6
Merge branch 'redcanaryco:master' into gk-atomic-red-team-T1136.003-UPDATE
2023-03-02 14:40:19 +00:00
m4nbat
16c9bcfc07
Update T1136.003.yaml
...
Changed the way I did the test after some additional testing and playing around.
2023-03-02 14:39:37 +00:00
Atomic Red Team doc generator
2f53466792
Generated docs from job=generate-docs branch=master [ci skip]
2023-03-01 22:06:40 +00:00
Atomic Red Team GUID generator
20fc4c5d66
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-03-01 22:06:24 +00:00
Jose Enrique Hernandez
63dc1ce0f1
added a new test for base64 encoded shebang shells (#2351)
2023-03-01 15:05:51 -07:00
Atomic Red Team doc generator
ba2dd8d1cd
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-28 21:24:39 +00:00
Atomic Red Team GUID generator
c966568506
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-28 21:24:22 +00:00
Bhavin Patel
b1bc38cd46
Merge pull request #2314 from 0xv1n/cloud-discovery
...
Begin T1580 Coverage - AWS
2023-02-28 13:23:55 -08:00
Bhavin Patel
052ae5d5ed
Merge branch 'master' into cloud-discovery
2023-02-28 13:23:09 -08:00
m4nbat
f756a442c3
Update T1136.003.yaml
...
Updated T1136.003 Create Account: Cloud Account and added a new atomic test for a user being created in Azure
2023-02-28 18:57:28 +00:00
0xv1n
1a12e7dc3e
Update T1580.yaml
2023-02-27 14:25:02 -05:00
0xv1n
266a3f4321
typo
2023-02-27 13:32:47 -05:00
Atomic Red Team doc generator
e56e34fac4
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-27 18:25:15 +00:00
Atomic Red Team GUID generator
b56af9f7d8
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-27 18:24:56 +00:00
Brandon Tirado
26b5e537c8
Update T1087.002.yaml (#2349)
...
* Update T1087.002.yaml
Added Wevtutil - Discover NTLM Users Remote
* added link to more info
* Update T1087.002.yaml
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-02-27 11:24:14 -07:00
Atomic Red Team doc generator
6d416704c9
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-27 18:15:32 +00:00
Atomic Red Team GUID generator
98f05c9777
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-27 18:15:15 +00:00
CyberBilly7
0d5091f06b
Adding Data Encrypted with GPG4Win (#2342)
...
* Adding Data Encrypted with GPG4Win
Adding Data Encrypted with GPG4Win
* Update T1560.001.yaml
Moving to T1486
* Adding GPGwin to T1486
Adding GPGwin to T1486 per moderator request.
---------
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-02-27 11:14:46 -07:00
0xv1n
39be578f27
updating T1580
2023-02-27 12:51:02 -05:00
Atomic Red Team doc generator
e75f2159c5
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-24 20:41:02 +00:00
Paul
51e8522daa
Merge pull request #2348 from redcanaryco/sccreate
...
Update T1543.003.yaml - service type and startup type add
2023-02-24 12:40:03 -08:00
Michael Haag
81f44c8c00
Update T1543.003.yaml
2023-02-24 13:29:47 -07:00
Atomic Red Team doc generator
8ec0ff54c6
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-24 04:33:12 +00:00
Atomic Red Team GUID generator
9ec5c8bcaf
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-24 04:32:51 +00:00
John Chamblee
19f1ee8e97
Added T1112 Event Viewer persistence (#2346)
...
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-02-23 21:32:18 -07:00
Atomic Red Team doc generator
251cd8640a
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-24 04:09:52 +00:00
Hare Sudhan
65de3e765a
removing duplicate test (#2347)
2023-02-23 21:09:06 -07:00
Atomic Red Team doc generator
7b652dddfe
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-23 21:15:30 +00:00
Bhavin Patel
a3f7018432
Merge pull request #2341 from cnotin/pr-improve-aad-add-app-permission
...
Improvements to "Azure AD - adding permission to application"
2023-02-23 13:14:37 -08:00
Clément Notin
c14d680bce
Improvements to "Azure AD - adding permission to application"
...
- Make it clearer that this test will create an app, instead of using an existing one
- If the user ignored this, a second app with the same name as the one they wanted to use will be created. So when using the -Cleanup feature it cannot know which one to delete. Shows a warning then (instead of crashing)
- Some minor English fixes
2023-02-23 18:39:40 +01:00
Atomic Red Team doc generator
32ff3497db
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-23 17:16:43 +00:00
Bhavin Patel
e3fdba327a
Merge pull request #2340 from cnotin/pr-use-aad-filter
...
Use -Filter instead of Where-Object to improve perf and avoid missed items
2023-02-23 09:16:00 -08:00
Bhavin Patel
c3edd4c1ca
Merge branch 'master' into pr-use-aad-filter
2023-02-23 09:08:56 -08:00
Atomic Red Team doc generator
73fcfa1d48
Generated docs from job=generate-docs branch=master [ci skip]
2023-02-23 03:20:24 +00:00
Atomic Red Team GUID generator
2b6c054fa2
Generate GUIDs from job=generate-docs branch=master [skip ci]
2023-02-23 03:20:06 +00:00