e3b1ecdae4
Fixed missing dependency (msxsl.exe) ( #1642 )
...
Added missing dependency (msxsl.exe)
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2021-10-07 20:02:28 -06:00
e5de126fd6
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-10-08 01:58:39 +00:00
311de56693
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-10-08 01:58:34 +00:00
dc251e8ee5
RDP on Non Standdard Port ( #1643 )
...
Co-authored-by: Priya <dpriya@NTI.local >
2021-10-07 19:58:04 -06:00
57bf589ab7
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-10-01 14:37:22 +00:00
fed35e3c21
T1003.003 wmic atomic bugfix ( #1638 )
...
* Add missing trailing backslash causing the wmic command to fail with the default drive_letter string
* Fix typos
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2021-10-01 08:36:46 -06:00
69c0e80bce
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-10-01 14:33:29 +00:00
68dd3dbf48
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-10-01 14:33:24 +00:00
6d358b996c
Updated T1548.002.yaml file ( #1636 )
...
* Update T1548.002.yaml
Added (11) tests from UACMe project
* Update T1548.002.yaml
Added permalink for .zip file and changed descriptions
* Update T1548.002.yaml
* removed nonworking methods 37,58,65
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2021-10-01 08:33:02 -06:00
114fe09474
Bump nokogiri from 1.11.4 to 1.12.5 ( #1634 )
...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.11.4 to 1.12.5.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.11.4...v1.12.5 )
---
updated-dependencies:
- dependency-name: nokogiri
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-29 09:50:08 -06:00
ae39dcfe39
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-23 21:43:13 +00:00
a612eaebb9
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-23 21:43:08 +00:00
16bd391f53
Wevtutil Event log Disable ( #1633 )
...
* wevtutil sets the log and then disables it
* update input arg desc
Co-authored-by: Riley <lriley@NTI.local >
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2021-09-23 15:42:33 -06:00
29fe641593
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-23 21:25:46 +00:00
c2d50e980f
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-23 21:25:41 +00:00
32c8874944
Dns exfiltrator ( #1631 )
...
* DNSExfiltrator
* DNSExfiltrator DoH
* updated input arg descriptions
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2021-09-23 15:25:08 -06:00
3c80fa064e
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-20 18:48:06 +00:00
b8ba7470ca
Update T1056.001.yaml ( #1632 )
...
Why executor name is command prompt ? It should be 'sh' for linux platforms right ?
2021-09-20 12:47:43 -06:00
a0edb02b80
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-15 16:50:17 +00:00
ad77c4245c
update description, correct link ( #1630 )
...
* update description, correct link
* Update T1082.yaml
updated a word
Co-authored-by: Michael Haag <5632822+MHaggis@users.noreply.github.com >
2021-09-15 10:49:48 -06:00
2d3f3c6ba4
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-15 14:13:57 +00:00
e695715b47
using github permanent URL ( #1628 )
2021-09-15 08:13:16 -06:00
e0b6ebd6c7
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-15 14:07:26 +00:00
fd9667ae0c
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-15 14:07:20 +00:00
f891465d8d
Add PowerUp Invoke-AllChecks ( #1629 )
2021-09-15 08:06:46 -06:00
2a6a82f945
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-15 02:11:02 +00:00
358124ee2d
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-15 02:10:57 +00:00
ef9870b4a0
T1555.003_Update ( #1626 )
...
* T1555.003_Update
* Update T1555.003.yaml
Made the recommend changes
* description update
Co-authored-by: Toua Lor <tlor@nti.local >
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2021-09-14 20:10:23 -06:00
1173a5f1f3
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-15 01:29:34 +00:00
f7404e80e8
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-15 01:29:29 +00:00
f2201c7d4d
Update T1069.001.yaml ( #1627 )
2021-09-14 19:29:06 -06:00
12ca65b029
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-10 15:56:41 +00:00
f6849b45b8
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-10 15:56:35 +00:00
c8aebb9a41
Add SharpHound LocalAdmin attack ( #1625 )
2021-09-10 09:56:00 -06:00
895016b6bd
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-10 15:47:32 +00:00
76420cb24e
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-10 15:47:27 +00:00
adb2b53f0f
T1187: PetitPotam coerce authentication attack ( #1620 )
...
* Add PetitPotam coerce authentication attack
* Change executable URL to a permalink
* Fix cleaning
Co-authored-by: Clément Notin <cnotin@tenable.com >
2021-09-10 09:47:00 -06:00
a7e6de503a
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-09 21:10:42 +00:00
d5c9c01e4f
Update T1047.yaml ( #1624 )
2021-09-09 15:10:08 -06:00
b66dfc7001
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-09 20:59:14 +00:00
acd77c68cb
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-09 20:59:10 +00:00
167fb3c2f6
T1047_update ( #1623 )
...
* T1047_update
* T1047_update
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2021-09-09 14:58:43 -06:00
217dc47106
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-09 18:05:56 +00:00
1605c05954
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-09 18:05:50 +00:00
fbbdd008ac
Add test Windows - Disable the SR scheduled task ( #1622 )
...
Use schtasks.exe to disable the System Restore (SR) scheduled task
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2021-09-09 12:05:16 -06:00
ba0b1a3c35
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-09 18:02:46 +00:00
356a8bbe88
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-09 18:02:40 +00:00
6d46517d6f
T1105 add test download with imewdbld ( #1621 )
...
* Add test "Download a file with IMEWDBLD.exe"
IMEWDBLD.exe can be used to download files from third party websites. This will throw an error for an invalid dictionary but the file will still be downloaded.
Commands to execute this activity and cleanup commands added.
Cleanup commands call on cmd.exe because PowerShell by default would not remove those files.
Disclosed by https://twitter.com/notwhickey
https://twitter.com/notwhickey/status/136749340683504026
* Update T1105.yaml
fixed typo test 17
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2021-09-09 12:02:26 -06:00
4114a92cfa
Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-08 16:17:12 +00:00
095df1c717
Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
2021-09-08 16:17:08 +00:00
JoustingZebra