f7efbc9d6a
new atomics ( #1098 )
...
Co-authored-by: Patrick Bareiss <pbareib@splunk.com >
2020-06-30 08:34:07 -06:00
2435846063
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-29 22:46:36 +00:00
d7f38267d5
T1055: tech 1, launch visible notepad ( #1035 )
...
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2020-06-29 16:46:15 -06:00
9a145066e8
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-29 22:44:19 +00:00
e1d1141689
T1197: reorder and fix bitsadmin commands ( #1048 )
...
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2020-06-29 16:43:29 -06:00
191a28d946
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-29 22:39:07 +00:00
da5324fd74
Update T1562.004.yaml ( #1096 )
...
fixed typo, reference
2020-06-29 16:38:32 -06:00
7362a8c427
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-29 22:20:08 +00:00
529631d8b0
added test for opening ports on firewall for proxy - T1562.004 ( #1094 )
...
* added test for opening ports on firewall for proxy
* remove extra blank lines and fix typo
Co-authored-by: san-gwea <sheartlet01@gmail.com >
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2020-06-29 16:19:47 -06:00
a9be66581c
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-29 22:15:08 +00:00
2eac9311b4
Update T1059.002.yaml ( #1095 )
2020-06-29 16:14:29 -06:00
2f760a3ff0
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-26 19:14:22 +00:00
f96c775c4d
Merge pull request #1083 from clr2of8/password-spray
...
Add Password spray atomic to T1110.003
2020-06-26 15:13:48 -04:00
43fed8bcc1
Merge branch 'master' into password-spray
2020-06-26 15:11:13 -04:00
01f44d4333
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-26 19:00:18 +00:00
bdb98ff77b
T1053.005: in remote schtasks, we need username and password for authentication ( #1093 )
...
/RU and /RP are credentials for "runas" when running the task, not for remote auth when creating it
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2020-06-26 12:59:54 -06:00
3066499851
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-26 18:54:43 +00:00
968a3122ac
Pre Requisites added for T1069.002 ( #1090 )
...
* Fixed execution issue and added cleanup command
* Cleanup command added
* Added cleanup command
* CheckPreReqs added
* GetPreReqs added
* Minor bug fix
* Update T1069.002.yaml
* Description change
* Dependencies change.
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2020-06-26 12:53:35 -06:00
ee6524f61a
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-26 18:22:49 +00:00
e0d9f79ea8
T1003.003: create empty folder for ntdsutil output and add cleanup command ( #1089 )
2020-06-26 12:21:54 -06:00
ec1db8da75
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-26 15:32:22 +00:00
099419c84a
T1551: minor typo ( #1084 )
...
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2020-06-26 09:31:52 -06:00
8e9ee4c4cd
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-26 15:30:26 +00:00
446b6f49bf
T1571: minor typo ( #1085 )
...
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2020-06-26 09:29:48 -06:00
4c8eec4017
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-26 15:28:29 +00:00
468f5839b2
Update T1219.yaml ( #1086 )
...
Updated Commands and Cleanup Commands for all T1219 atomics
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2020-06-26 09:27:44 -06:00
9cdb1bd100
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-26 15:26:33 +00:00
dbf6e1af6e
T1546.008: re-add cleanup command lost during transition to subtechnique ( #1087 )
...
And improve it
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2020-06-26 09:26:01 -06:00
53f879ea8e
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-26 15:23:36 +00:00
630ac611db
T1482: hide error in check prereq command ( #1088 )
2020-06-26 09:23:06 -06:00
cc80af8eda
typo fix
2020-06-25 20:30:46 -06:00
608337f3e8
link to blog
2020-06-25 20:20:57 -06:00
7e13ef98af
link to blog
2020-06-25 20:20:28 -06:00
6894cf41ec
remove second echo
2020-06-25 20:17:21 -06:00
f4fa336bf7
parse users script
2020-06-25 20:12:44 -06:00
f5c6f9076c
fix typo
2020-06-25 19:40:38 -06:00
eedfdee5ff
print status .
2020-06-25 19:39:14 -06:00
3466f287d2
print status .
2020-06-25 19:38:37 -06:00
e4c0db9a20
print status .
2020-06-25 19:29:47 -06:00
a084ff4ae6
some cleanup
2020-06-25 19:27:02 -06:00
86549295ad
password as input arg
2020-06-25 17:42:05 -06:00
d4a0d3fed1
fix password variable
2020-06-25 17:16:53 -06:00
96bf275a88
adding password spray atomic
2020-06-25 17:03:07 -06:00
2235ae41d2
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-25 21:48:15 +00:00
75bf6ed382
T1569.002: fix psexec prereq install ( #1043 )
...
Create folder for psexec_exe
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2020-06-25 15:47:00 -06:00
75ba087820
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-25 21:43:43 +00:00
b52d11fd82
T1482: add PowerView dependency & RSAT notes ( #1041 )
...
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2020-06-25 15:43:24 -06:00
69f71316ef
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-25 21:27:30 +00:00
2960308f22
T1562.004: add Microsoft Defender Firewall tests ( #1073 )
...
- Disable Microsoft Defender Firewall
- Allow SMB and RDP on Microsoft Defender Firewall
Fixes #1044
Co-authored-by: Carrie Roberts <clr2of8@gmail.com >
2020-06-25 15:26:55 -06:00
ded0f5bc53
Generate docs from job=validate_atomics_generate_docs branch=master
2020-06-25 20:36:36 +00:00
P4T12ICK