security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
602 Commits 47 Branches 0 Tags
fc495c1192fda69bd1ed33a13d7590ef055eee09
Commit Graph

602 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tony M Lambert 8346a7a1f5 Added tests for disable of firewall, syslog, Cb daemon, SELinux 2018-03-09 22:25:46 -06:00
Tony M Lambert 4f65330559 Added Remote File Copy tests on Linux and relevant README 2018-03-09 21:54:34 -06:00
Tony M Lambert 80a9487da3 Added test for timestomping on Linux with relevant README changes. 2018-03-09 19:51:46 -06:00
Michael Haag a023d346cb Contributions 
How to contrib
 2018-03-09 12:19:07 -06:00
caseysmithrc 82c57914fd Merge pull request #100 from ForensicITGuy/master 
Added Hidden Files and Directories checks for Linux
 2018-03-08 22:57:25 -07:00
Tony M Lambert 8b8d6059ee Added Hidden Files and Directories checks for Linux 2018-03-08 23:52:30 -06:00
caseysmithrc 4874dbc78c Merge pull request #99 from redcanaryco/03082018 
Technique Adds
 2018-03-08 13:31:55 -07:00
Michael Haag 27cb5a75c6 Fix 
updated
 2018-03-08 14:28:13 -06:00
Michael Haag 8ba1dc8a19 Technique Adds 
Private Keys
- Find them

DDE
- Reference: https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/

Data Staged
 2018-03-08 14:26:18 -06:00
Michael Haag a6134b19c0 Techniques and Readme 
Technique: Hidden Files and Directories

Technique: Logon Scripts
- Source: https://github.com/NextronSystems/APTSimulator/blob/1c9048e834f0adabd18c8871d587fda42315575b/test-sets/persistence/userinit-mpr-logonscript.bat

Readme updates
 2018-03-08 08:11:24 -06:00
Michael Haag 5078248ca1 Merge pull request #95 from TacoRocket/master 
Added Screen Capture from Keylogger to Collection
 2018-03-06 09:20:01 -06:00
caseysmithrc c3377e74d6 Merge pull request #86 from ahogue-atlassian/master 
Add Custom C2 Protocol - Bitbucket Snippets
 2018-03-06 07:45:05 -07:00
Michael Haag e6622d0021 Updated title 2018-03-06 08:43:51 -06:00
ahogue-atlassian 3aa4c528d9 Merge branch 'master' into master 2018-03-06 09:05:52 +11:00
Colby Farley fd1e413566 Adds a method to detect when extended attributes are used to hide files and folders. 2018-03-01 16:11:28 -06:00
caseysmithrc 41801d14ed Merge pull request #98 from clong/persistence_rc.common 
Adding Mac rc.common persistence
 2018-03-01 07:48:59 -07:00
Chris Long 96ce9fbbbf Adding Mac rc.common persistence 2018-03-01 00:57:54 -08:00
caseysmithrc 05a16f250d Merge pull request #97 from JeremyNGalloway/master 
created Credential_Access/Credentials_in_Files.md w/o stored payload
 2018-02-28 16:52:24 -07:00
JeremyNGalloway 75145a2766 updated readme with link to Credential_Access/Credentials_in_Files.md 2018-02-28 16:44:33 -06:00
JeremyNGalloway 21cdce9777 initial upload 2018-02-28 16:43:07 -06:00
Colby Farley a7ee6830f7 Removed PowerShell payload 2018-02-28 11:32:07 -06:00
Colby Farley dea84864fa Added screen capture discovery for Mac 2018-02-28 11:30:41 -06:00
caseysmithrc ed1dd3cea0 Merge pull request #93 from JeremyNGalloway/master 
added a Linux Defense Evasion entry for Rootkits
 2018-02-27 13:21:49 -07:00
Colby Farley ac4762e283 Changed filename and fixed remaining markdown issue 2018-02-27 12:30:32 -06:00
Colby Farley 28ac11f0a1 Should fix Markdown issue 2018-02-27 12:26:54 -06:00
Colby Farley 18a1a5521c Added a method to download and install PowerShell on Mac 2018-02-27 12:23:53 -06:00
JeremyNGalloway 7ff3fb1ee1 Update README.md 2018-02-27 11:14:56 -06:00
JeremyNGalloway 56ed971cdd Update README.md 2018-02-27 11:14:29 -06:00
JeremyNGalloway ee8b642728 updated README with links to Rootkits 2018-02-27 11:13:15 -06:00
JeremyNGalloway 08de1f2ead Initial upload 2018-02-27 11:07:04 -06:00
Alexander Hogue 4353a6719e Merge branch 'master' of github.com:ahogue-atlassian/atomic-red-team 2018-02-27 14:26:46 +11:00
Alexander Hogue 1cdbdc51bf Move scripts to Payloads directory 2018-02-27 14:24:06 +11:00
Alexander Hogue 8613767ee0 Merge branch 'master' of github.com:redcanaryco/atomic-red-team 2018-02-27 14:17:30 +11:00
ahogue-atlassian fb99ca3f6f Merge branch 'master' into master 2018-02-27 14:04:13 +11:00
caseysmithrc d58a87f670 Merge pull request #91 from danbourke/browser_extension 
Browser extension
 2018-02-26 08:23:51 -07:00
caseysmithrc c3d8a53edf Merge pull request #90 from infosecn1nja/patch-6 
Update README.md
 2018-02-26 08:20:56 -07:00
caseysmithrc dc61cbb18e Merge pull request #89 from infosecn1nja/patch-5 
Create Disabling_Security_Tools.md
 2018-02-26 08:20:14 -07:00
Dan Bourke 3e4ba89cf4 adding actually published extension details 2018-02-26 16:26:56 +11:00
Dan Bourke 24412945ce add instructions for Firefox 2018-02-26 15:16:12 +11:00
Dan Bourke 5dc3e36666 typo in README.md 2018-02-26 13:16:16 +11:00
Dan Bourke f5c852b834 add windows browser extension docs and payload 2018-02-26 13:14:07 +11:00
Dan Bourke e4b8cdb9c2 add linux browser extension docs and payload 2018-02-26 13:13:39 +11:00
Dan Bourke e52c8a8980 finishing mac bits 2018-02-26 13:08:47 +11:00
Dan Bourke e99ab35460 can't markdown 2018-02-26 12:55:34 +11:00
Dan Bourke d203930a36 can't markdown 2018-02-26 12:54:52 +11:00
Dan Bourke d9f9154cdf Merge branch 'browser_extension' of github.com:danbourke/atomic-red-team into browser_extension 2018-02-26 12:53:09 +11:00
Dan Bourke 9d247c281d add a 'minimum viable malicious extension' payload + collection notes for Mac 2018-02-26 12:52:26 +11:00
Dan Bourke 5d20c6b6dc add a 'minimum viable malicious extension' payload + collection notes for Mac 2018-02-26 12:46:47 +11:00
ahogue-atlassian 1347bc88dd Merge branch 'master' into master 2018-02-26 09:49:23 +11:00
rahmatnurfauzi 31a7a268f1 Update README.md 2018-02-25 17:04:36 +07:00