Commit Graph

121 Commits

Author SHA1 Message Date
Michael Haag fbce4cfb2d Merge pull request #42 from redcanaryco/Protoss-Dev
Context For Shims
2017-12-06 14:41:33 -08:00
caseysmithrc 67613f4a44 Context For Shims 2017-12-06 15:40:21 -07:00
caseysmithrc 4326601868 Merge pull request #41 from redcanaryco/Argonaut
Argonaut Chain Reaction + Updates to windows.md
2017-12-06 15:27:35 -07:00
Michael Haag 5449cc27f0 Argonaut
Argonaut was built with the idea of assisting organizations with identifying the use of Invoke-WebRequest aliases - Wget and Curl. Within your detection tools, how does it look? Do you have detection for Wget and curl on Windows?
2017-12-06 14:22:21 -08:00
Michael Haag cf124cd5d4 Merge pull request #40 from redcanaryco/Protoss-Dev
Protoss dev
2017-12-06 14:13:47 -08:00
caseysmithrc 809e2cb4b8 Fix Typo 2017-12-06 15:12:35 -07:00
caseysmithrc 7bec20d991 App Compat ReadMe 2017-12-06 15:11:56 -07:00
Michael Haag b93b2b1978 Merge pull request #39 from redcanaryco/Protoss-Dev
Fix Instructions
2017-12-06 14:07:21 -08:00
caseysmithrc 44611b8f3b Fix Instructions 2017-12-06 15:05:18 -07:00
Michael Haag 5971f8d1ce Merge pull request #38 from redcanaryco/Protoss-Dev
Shim Test Files. Confirmed operational on Win8 and Win10
2017-12-06 14:04:42 -08:00
caseysmithrc 14f2a68a96 Shim Test Files 2017-12-06 14:52:06 -07:00
caseysmithrc 8cba9e39ec Update DragonsTail.vba 2017-12-06 14:01:43 -07:00
Michael Haag 53694dc7d4 Windows ReadMe Fixes
+ Updated all Discovery files in previous PR.
+ Fixed Windows.md to match new files. All good now
2017-12-01 15:06:10 -08:00
caseysmithrc 892fd74539 Merge pull request #37 from redcanaryco/Protoss-Dev
Fix Casing
2017-12-01 13:05:31 -07:00
caseysmithrc b8cd61afb4 Fix Casing 2017-12-01 13:04:29 -07:00
Michael Haag 847159d808 Merge pull request #36 from redcanaryco/Protoss-Dev
Updated All the Things + Binaries and Tests Cyclotron
2017-11-30 09:00:48 -07:00
caseysmithrc 1804b97780 Updated All the Things 2017-11-30 08:54:10 -07:00
Michael Haag f47d9be70a Merge pull request #35 from redcanaryco/Protoss-Dev
Updated AllTheThings
2017-11-30 08:36:08 -07:00
caseysmithrc e4e892da8b Updated All The Things 2017-11-30 06:25:37 -07:00
caseysmithrc 5375477446 Updated AllTheThings Example 2017-11-30 06:08:27 -07:00
Michael Haag b54dad8890 Merge pull request #33 from redcanaryco/Protoss-Dev
Fix Dragon's Tail References
2017-11-29 11:38:17 -07:00
caseysmithrc b4deda9aae Fix Dragon's Tail References 2017-11-29 11:36:40 -07:00
Michael Haag 0685e5ab8c Merge pull request #32 from redcanaryco/Protoss-Dev
Fix Dragon's Tail .bat
2017-11-29 11:23:17 -07:00
caseysmithrc 2da4ce1e9b Fix Dragon's Tail .bat 2017-11-29 11:21:48 -07:00
Michael Haag ebedfe3192 Merge pull request #31 from redcanaryco/Protoss-Dev
Update Dragon's Tail
2017-11-29 10:23:54 -07:00
caseysmithrc ab69bd75a6 Update Dragon's Tail 2017-11-29 10:11:47 -07:00
caseysmithrc 58426cd424 Merge pull request #29 from redcanaryco/dev-mh
Updated Formatting + System Service Discovery
2017-11-27 13:09:31 -07:00
caseysmithrc 37de135220 Merge pull request #30 from ForensicITGuy/master
Commit Create Account for Linux
2017-11-27 13:09:19 -07:00
Michael Haag 874b3cd787 Update README.md 2017-11-22 06:55:57 -08:00
Tony M Lambert cd3ee13d8e Commit Create Account for Linux 2017-11-21 19:13:54 -05:00
Michael Haag f6bfcd4e52 Discovery.bat - add
Added sc.exe query line
2017-11-21 12:17:55 -08:00
Michael Haag c121d1539b Format Updates + System Service Discovery
+ Updated format to Discovery md files
+ Added System Service Discovery
2017-11-21 12:16:00 -08:00
caseysmithrc d851a275a6 Merge pull request #28 from redcanaryco/ChainReactions
Account Manipulation + Chain Reactions Names
2017-11-20 12:38:37 -07:00
Michael Haag bf35e2895e Update README.md 2017-11-20 11:37:27 -08:00
Michael Haag 8f42ea3fc4 Account Manipulation + Chain Reactions Names
Changed CR names
+ Fixed .md for Account manipulation
2017-11-20 11:34:34 -08:00
caseysmithrc 06b1cba1f6 Merge pull request #27 from unbaiat/patch-1
Account Manipulation
2017-11-20 12:28:44 -07:00
Michael Haag 253282bceb Format and edits
Modified the format and cleaned it up.
2017-11-20 11:27:50 -08:00
unbaiat 74c1c52bdb Create Account Manipulation 2017-11-20 20:18:03 +02:00
caseysmithrc c3d870f399 Update AtomicService.cs 2017-11-19 07:54:51 -07:00
caseysmithrc f84a365a73 Update AtomicService.cs 2017-11-19 07:53:03 -07:00
caseysmithrc d8a38ca5c4 Update Service_Installation.md 2017-11-19 07:51:59 -07:00
Brian Beyer 3263027699 Merge pull request #26 from redcanaryco/Nucleus
Service Binary Code
2017-11-19 07:47:01 -07:00
caseysmithrc df59f2be24 Service Binary Code 2017-11-19 07:42:50 -07:00
caseysmithrc 543cae5b60 Merge pull request #25 from redcanaryco/DragonsTail
Dragon's Tail - Publication
2017-11-17 15:55:31 -07:00
Michael Haag dae8dcabe5 Dragon's Tail - Publication
- Removed APT32 name scheme
+ Refactored with ART Naming Scheme
2017-11-17 14:45:22 -08:00
Michael Haag e5a2be4a6d Merge pull request #24 from 2xyo/newService
Add T1050: Windows - Persistence - Service Installation
2017-11-16 14:59:03 -08:00
Yohann Lepage 2e675d73f8 Add T1050: Windows - Persistence - Service Installation 2017-11-16 23:27:14 +01:00
caseysmithrc 0eb05ace09 Merge pull request #23 from redcanaryco/dev-mh
Input Capture - Payload Reference fix
2017-11-15 16:13:08 -07:00
Michael Haag 18fa8c1218 Input Capture - Payload Reference fix
Per https://github.com/redcanaryco/atomic-red-team/issues/22, fixing payload link location.
2017-11-15 15:10:16 -08:00
Michael Haag fd832ae264 Merge pull request #21 from redcanaryco/atomic-dev-cs
Atomic dev cs
2017-11-15 14:03:09 -07:00