atomic-red-team

security-tools/atomic-red-team

Fork 0

Commit Graph

Select branches

Hide Pull Requests

APT28

AutoSUID_linux

ProcessHolllowingT1093

T1016_fix

T1218.005-powershell-without-network-call

T1553.001_fix

add_codeowners

admin-guide

atoms

attack-v19-migration

cloudlfare-tunnel

clr2of8-patch-14

clr2of8-patch-16

clr2of8-patch-3

clr2of8-patch-32

clr2of8-patch-35

clr2of8-patch-43

clr2of8-patch-44

clr2of8-patch-8

cyberbuff-patch-2

dependabot/pip/hypothesis-6.152.4

dependabot/pip/pydantic-2.13.3

dependabot/pip/typer-0.25.1

external_payloads

fix_T1562.001

fix_attack_nav

insecure-curl

io-update

issue_template_fix

linpeas_linux

markdown_changes

master

npm_simulate

oscd

pre-commit

python_conversion

remove-unused-static-dir

remove_bin

remove_ruby

remove_users_launch_daemon

revert-1530-adding_comments_to_navigator

sysmon_fix

t1547008

testest

update-PSDocs

use-basic-parsing

yamlfix

ed7d3faabd Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team GUID generator 2021-01-07 16:43:06 +00:00
6f40ae85f5 solarigate atomic (#1358) Carrie Roberts 2021-01-07 09:42:43 -07:00
fb179a30a8 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team doc generator 2021-01-06 19:39:15 +00:00
a3ad539a58 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team GUID generator 2021-01-06 19:39:08 +00:00
7c1471c403 T1110.001: add test "Brute Force Credentials of single domain user via LDAP against domain controller (NTLM or Kerberos)" (#1354) Clément Notin 2021-01-06 20:38:52 +01:00
4dbcb20934 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team doc generator 2021-01-06 18:51:58 +00:00
a4ca274d7d Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team GUID generator 2021-01-06 18:51:49 +00:00
c71444f1dc T1110.003: add test "Password spray all domain users with a single password via LDAP against domain controller (NTLM or Kerberos)" (#1349) Clément Notin 2021-01-06 19:51:31 +01:00
0b9d36e786 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team doc generator 2021-01-06 18:47:31 +00:00
9a59eac0b8 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team GUID generator 2021-01-06 18:47:22 +00:00
d5b6e69f89 T1003.006: add DCSync test (#1352) Clément Notin 2021-01-06 19:46:59 +01:00
603040c6e3 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team doc generator 2021-01-06 18:42:39 +00:00
90611a079a Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team GUID generator 2021-01-06 18:42:30 +00:00
b0a0bbc66e T1055: add new test "Remote Process Injection in LSASS via mimikatz" (#1353) Clément Notin 2021-01-06 19:42:08 +01:00
443e0318fc Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team doc generator 2021-01-06 18:35:50 +00:00
7ef584f9fd Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team GUID generator 2021-01-06 18:35:42 +00:00
d50239ff57 T1558.001: add test "Golden ticket" (#1351) Clément Notin 2021-01-06 19:35:14 +01:00
ccb97235c4 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team doc generator 2021-01-06 18:20:33 +00:00
4064764c17 T1207: automate test for DCShadow (#1350) Clément Notin 2021-01-06 19:20:11 +01:00
91e05be201 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team doc generator 2021-01-05 23:34:56 +00:00
8c4eb62532 Update T1127.001.yaml (#1356) Michael Haag 2021-01-05 16:34:35 -07:00
4c655f1e84 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team doc generator 2021-01-05 23:31:24 +00:00
139ed0927e Update T1550.003.yaml (#1355) Brian Thacker 2021-01-05 17:30:39 -06:00
aed82f6297 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team doc generator 2021-01-01 23:43:53 +00:00
871cab05dd Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team GUID generator 2021-01-01 23:43:46 +00:00
bb9c4b1f6f T1049 update (#1347) tlor89 2021-01-01 17:43:33 -06:00
aa9f47cdae Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team doc generator 2020-12-29 14:18:50 +00:00
1ce97c0325 Merge pull request #1346 from redcanaryco/clr2of8-patch-2 Matt Graeber 2020-12-29 09:18:20 -05:00
c4f6609515 update gup.exe download link Carrie Roberts 2020-12-28 16:02:35 -07:00
582d2e97f8 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team doc generator 2020-12-28 22:45:56 +00:00
d9dcbd3dec T1070.003 test7 cleanup (#1345) Brian Thacker 2020-12-28 16:45:17 -06:00
527fd3b78b Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team doc generator 2020-12-28 16:19:14 +00:00
b699820fe3 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team GUID generator 2020-12-28 16:19:04 +00:00
91e0e61c94 Adding RemoteFXvGPUDisablement.exe LOLBin coverage (#1341) Matt Graeber 2020-12-28 11:18:37 -05:00
aa8e484d30 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team doc generator 2020-12-21 16:40:14 +00:00
9be279e20f Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team GUID generator 2020-12-21 16:40:06 +00:00
ef3f58fe24 Merge pull request #1338 from clr2of8/icedid Matt Graeber 2020-12-21 11:39:46 -05:00
24b31fa6cc Merge branch 'master' into icedid Matt Graeber 2020-12-21 11:38:51 -05:00
0fe0dc26c6 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] CircleCI Atomic Red Team doc generator 2020-12-21 16:14:07 +00:00
dbaaec1021 T1546.001 update (#1339) andrewyaj 2020-12-21 10:13:37 -06:00
fd2bbab66b typo fix clr2of8 2020-12-19 16:26:33 -07:00
e059e698ba rundll32 spawning mshta and wscript clr2of8 2020-12-19 16:17:38 -07:00
b3e7ae893f Move CI generation of GUIDs and docs to master branch only (#1337) Brian Beyer 2020-12-18 14:19:58 -07:00
5ff80f6f90 Update maintainers.md (#1335) Keith McCammon 2020-12-17 22:57:51 -07:00
756a90294b Shortcut additions to user startup (#1329) 4rb1t3r 2020-12-17 09:23:03 -05:00
7ebf7536b8 Separate CI steps so Github status checks can reference the right checks (#1334) Brian Beyer 2020-12-16 11:27:51 -07:00
9a2c1350c9 Added T0178.003 for local accounts (#1330) Michael Wade 2020-12-16 10:36:27 -07:00
b8774a1318 initial (#1333) Ama Smuggle Avocados 2020-12-16 11:32:10 -05:00
1eaae6d3ce Added T1082 test 8, Griffon recon advanced tool (#1320) JB 2020-12-16 10:19:14 -06:00
78507aedce Extractbinary (#1332) Ama Smuggle Avocados 2020-12-16 10:46:56 -05:00
28086402e2 Maintainers updates (#1328) Keith McCammon 2020-12-15 14:18:41 -07:00
5db071d288 Workflow compiler tests (#1331) JimmyAstle 2020-12-15 15:47:39 -05:00
46b69318c8 Credmanager (#1327) Ama Smuggle Avocados 2020-12-11 10:34:34 -05:00
9e352ddc2d Shellcodevba (#1326) Ama Smuggle Avocados 2020-12-11 09:55:17 -05:00
43fc8a3516 Extractmemory (#1318) Ama Smuggle Avocados 2020-12-11 09:52:24 -05:00
f80bea245d updating enterprise-attack.json from Mitre (#1325) Carrie Roberts 2020-12-10 18:03:27 -07:00
10edd69822 Update T1059.003.yaml (#1324) tsustyle 2020-12-10 17:57:03 -05:00
5f208eec00 Clipboardvba (#1321) Ama Smuggle Avocados 2020-12-10 12:03:22 -05:00
4fc97b9206 Taskscheduler (#1317) Ama Smuggle Avocados 2020-12-10 11:42:46 -05:00
13d6dd0357 Merge branch 'master' into patch-33 JB 2020-12-10 01:04:27 -06:00
db96a6f4cf Runpe (#1316) Ama Smuggle Avocados 2020-12-09 13:02:40 -05:00
1ca8072bc9 update output file name to match expected (#1315) Carrie Roberts 2020-12-09 09:26:36 -07:00
8e33c2801e simplify atomics (#1313) Carrie Roberts 2020-12-09 09:20:50 -07:00
23da9127e3 Encodedvbs (#1314) Ama Smuggle Avocados 2020-12-09 09:04:10 -05:00
75b8d9722a Merge pull request #1292 from bp256r1/bugfix/7e46c7a5-0142-45be-a858-1a3ecb4fd3cb Carl 2020-12-04 12:35:42 -07:00
46b6c790a6 Merge branch 'master' into bugfix/7e46c7a5-0142-45be-a858-1a3ecb4fd3cb Carl 2020-12-04 12:31:39 -07:00
b6d2ed9537 Excel4macro (#1312) Ama Smuggle Avocados 2020-12-03 14:33:51 -05:00
3304c0b020 T1555.003 (#1311) Michael Haag 2020-12-01 13:31:40 -07:00
832c95cc2f fix display name (#1310) dmr4of8 2020-12-01 13:12:04 -07:00
0e6ceefc7e Merge branch 'master' into bugfix/7e46c7a5-0142-45be-a858-1a3ecb4fd3cb hodgepodge 2020-12-01 12:10:18 -05:00
90cc72063a dummy PR to cause documentation to be rebuilt (#1309) MrOrOneEquals1 2020-12-01 07:40:10 -07:00
9ca764c258 Update T1033.yml (#1308) Murat ERDEM 2020-12-01 17:19:19 +03:00
7e10dda193 Update T1204.002.yaml (#1307) Brian Thacker 2020-11-30 18:27:55 -06:00
ffecea355a T1204.002 new atomic office bat (#1305) Brian Thacker 2020-11-30 17:37:26 -06:00
5832c65cb2 T1014 - Driver Rootkit Test Update (#1303) Michael Haag 2020-11-30 14:34:25 -07:00
e9cb3c2f59 Update README.md (#1302) Matt Graeber 2020-11-30 11:18:32 -05:00
2b4c7c0112 Add two T1003.008 tests (#1299) zgdatadoghq 2020-11-30 11:12:21 -05:00
e8bad1a913 Merge pull request #1300 from zgdatadoghq/patch-2 Carl 2020-11-27 19:42:25 -07:00
31c0f228e5 Merge branch 'master' into patch-2 Carl 2020-11-27 19:13:05 -07:00
d5e64a6d87 New atomic t1574 011 (#1301) P4T12ICK 2020-11-27 22:15:29 +01:00
91ea164b8e new atomic (#1298) P4T12ICK 2020-11-27 22:13:05 +01:00
9ec5d7dd9a Update T1218 Test 5 (#1296) Brian Thacker 2020-11-27 14:57:42 -06:00
164da2cfa0 T1133 (#1295) tlor89 2020-11-27 14:55:37 -06:00
7e96588a69 Merge branch 'master' into patch-2 zgdatadoghq 2020-11-23 16:15:45 -05:00
52f440e80a Expand cronjob tests zgdatadoghq 2020-11-23 16:11:53 -05:00
f427e2c338 Generate docs from job=validate_atomics_generate_docs branch=oscd oscd CircleCI Atomic Red Team doc generator 2020-11-23 13:41:01 +00:00
3610e65375 Merge pull request #1240 from remotephone/oscdt1016 Matt Graeber 2020-11-23 08:40:31 -05:00
3a001ee8f9 Generate docs from job=validate_atomics_generate_docs branch=oscd CircleCI Atomic Red Team doc generator 2020-11-23 13:40:04 +00:00
5f34ccd556 Merge pull request #1267 from oscd-initiative/oscd_sigma_sync Matt Graeber 2020-11-23 08:39:33 -05:00
83b21a9487 atomic for disable UAC (#1289) P4T12ICK 2020-11-20 17:17:23 +01:00
becfc6e128 Merge branch 'master' into bugfix/7e46c7a5-0142-45be-a858-1a3ecb4fd3cb hodgepodge 2020-11-20 09:07:35 -05:00
2c037b2243 New atomics t1222 001 (#1291) P4T12ICK 2020-11-19 18:51:03 +01:00
de1bd5a20f Allow root user to run 'T1087.001: Account Discovery: Local Account - List opened files by user' by updating how current username is determined Tyler Fisher 2020-11-19 11:18:53 -05:00
d0b51ff08a T1016 qakbot addition (#1288) Brian Thacker 2020-11-17 20:29:55 -06:00
e5aab6a68f T1069 typo updates and new test (#1285) JimmyAstle 2020-11-17 21:28:26 -05:00
43815e0c0f simpliifed prereq command JB 2020-11-15 02:04:17 -06:00
3505174fa3 fixing typo and adjusting privledges on prereq JB 2020-11-15 01:43:26 -06:00
bfbff31b5a Test 2 - added alternate pam.d module location like in CentOS JB 2020-11-15 01:33:04 -06:00
b03e1ebced Code fix, and Updates per spec to unix keylogging atomic JB 2020-11-14 16:49:50 -06:00
9c7a3b0889 Update gems to remove kramdown vulnerability (#1287) crothe 2020-11-12 13:40:23 -07:00

... 41 42 43 44 45 ...