atomic-red-team

security-tools/atomic-red-team

Fork 0

Commit Graph

Select branches

Hide Pull Requests

APT28

AutoSUID_linux

ProcessHolllowingT1093

T1016_fix

T1218.005-powershell-without-network-call

T1553.001_fix

add_codeowners

admin-guide

atoms

attack-v19-migration

cloudlfare-tunnel

clr2of8-patch-14

clr2of8-patch-16

clr2of8-patch-3

clr2of8-patch-32

clr2of8-patch-35

clr2of8-patch-43

clr2of8-patch-44

clr2of8-patch-8

cyberbuff-patch-2

dependabot/pip/hypothesis-6.152.4

dependabot/pip/pydantic-2.13.3

dependabot/pip/typer-0.25.1

external_payloads

fix_T1562.001

fix_attack_nav

insecure-curl

io-update

issue_template_fix

linpeas_linux

markdown_changes

master

npm_simulate

oscd

pre-commit

python_conversion

remove-unused-static-dir

remove_bin

remove_ruby

remove_users_launch_daemon

revert-1530-adding_comments_to_navigator

sysmon_fix

t1547008

testest

update-PSDocs

use-basic-parsing

yamlfix

0dcde71a15 Asynchronous Attack Execution and other handy things (#790) Carrie Roberts 2020-01-22 20:36:20 -07:00
3ef533126a Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-23 03:08:33 +00:00
cc6735d7f7 Added clean-up, automation of test 1, aligned tests with specs (#746) JB 2020-01-22 21:08:15 -06:00
45746eea98 T1096 Test to Write File in ADS (#697) Tony M Lambert 2020-01-22 20:09:50 -06:00
27f7c3484a Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-22 15:16:03 +00:00
65ecf19fdb Update T1170.yaml (#789) rsjohnson07 2020-01-22 09:15:30 -06:00
8d4be7584e T1490 PowerShell deleting shadow copies (#785) Tony M Lambert 2020-01-21 12:39:36 -06:00
42afe34cd3 check for null commands (#787) Carrie Roberts 2020-01-21 11:30:03 -07:00
a956d4640f Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-21 18:12:06 +00:00
a4c9ee4430 Replay the Dependencies Merge (#786) Tony M Lambert 2020-01-21 12:11:45 -06:00
82bc6fab20 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-21 04:40:22 +00:00
c20e2135ed Fix incorrect reg value type (#780) Makenzie Schwartz 2020-01-20 20:40:06 -08:00
caeea44b95 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-19 05:09:19 +00:00
f2fbeb18ed T1003 rm (#778) san-gwea 2020-01-18 23:09:07 -06:00
3c40408ad2 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-18 18:47:54 +00:00
b4ded762d4 moving recently added source files to /src per project spec (#783) JB 2020-01-18 12:47:37 -06:00
f0579aa1e7 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-18 18:42:43 +00:00
4c8ae4c7bc renamed folder paths and moved files to match current project spec (#782) JB 2020-01-18 12:42:28 -06:00
b98561d215 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-18 18:41:01 +00:00
ef772a3af9 pypykatz registry and LSASS tests (#784) Brandon Morgan 2020-01-18 12:40:45 -06:00
3643481bf1 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-17 23:54:26 +00:00
413aa26cac clean up : Added "-ErrorAction Ignore" to remove error for file not created (#777) san-gwea 2020-01-17 17:53:50 -06:00
a526aa7729 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-14 16:43:16 +00:00
66bf73a44b atomic for modifying ZoneMap under internet settings and adding a c2 domain (#775) san-gwea 2020-01-14 08:42:51 -08:00
70defe4dc9 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-14 16:33:58 +00:00
7988bb05e8 Tamper with Windows Defender ATP (#776) Andrew Beers 2020-01-14 08:33:36 -08:00
c3b398e48c Revert "Add Dependencies section to test Yaml and support to use them… (#773) Tony M Lambert 2020-01-09 09:12:38 -06:00
96edae69d4 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-09 14:36:26 +00:00
511bb87af2 Add Dependencies section to test Yaml and support to use them in the PS execution framework (#772) Carrie Roberts 2020-01-09 07:36:08 -07:00
550ba03c22 T1063 Discover AV via WMI (#770) Tony M Lambert 2020-01-08 14:06:24 -06:00
bba9f2f738 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-08 19:47:52 +00:00
2ed57f2a9b Locking down payloads to a specific version (#737) Carrie Roberts 2020-01-08 12:47:34 -07:00
5cd5133763 Admin not required to install atomic-red-team (#731) Carrie Roberts 2020-01-08 12:45:50 -07:00
ab03b826f8 Typo Fix (#771) Michael Haag 2020-01-08 12:40:18 -07:00
dfa7d4e513 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-06 21:18:03 +00:00
a0b8d7e438 More test improvements (#732) Andrew Beers 2020-01-06 13:17:45 -08:00
2156972ed0 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-06 21:14:46 +00:00
dc9531aa03 Added Chrome Bookmark checking atomics to T1217' (#765) Luminous-InfiniTom 2020-01-06 15:14:26 -06:00
23285cf6cb Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-06 21:07:55 +00:00
7065f37725 Updates for Powershell (#767) Micheal Fleck 2020-01-06 15:07:33 -06:00
792bd4b12b Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-06 21:06:24 +00:00
73a8220b24 Moved source code files used in tests 1 & 2 to /src per project specs (#764) JB 2020-01-06 15:05:46 -06:00
60a8bb70ba Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2020-01-06 21:02:26 +00:00
b2d25ea9bc Updated atomic test 3 for better alignment with T1074 (Staging) (#763) JB 2020-01-06 15:02:07 -06:00
336595c703 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-30 15:27:19 +00:00
a83fbd47d6 corrections to test 1 (zip & gpg test with .sh) (#742) JB 2019-12-30 09:26:55 -06:00
a602195e5d Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-30 15:23:55 +00:00
26205914c2 Update T1037: Atomics "Logon Scripts" and "Startup Folder Script" (#762) dwhite9 2019-12-30 09:23:37 -06:00
657186e246 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-30 15:20:39 +00:00
1d37472ced Replaced the ${atomics_path} input variable with the (#761) dwhite9 2019-12-30 09:20:25 -06:00
eac69aa2d9 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-30 15:19:21 +00:00
fc060f9e92 Improve test 7 (Offline Mimikatz) for T1003 that performs Credential Dumping (#760) Mr B0b 2019-12-30 16:18:57 +01:00
f7a918d875 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-30 15:15:09 +00:00
d587dfbc91 Improve test 5 (ProcDump) for T1003 that performs Credential Dumping (#759) Mr B0b 2019-12-30 16:14:49 +01:00
99a2a8aa31 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-30 15:11:52 +00:00
8786bf538b Add cleanup command for test 10 of T1003 that performs Credential Dumping (#758) Mr B0b 2019-12-30 16:11:34 +01:00
246176fe5d Harmonization of spaces between lines for T1003 that performs Credential Dumping (#756) Mr B0b 2019-12-30 16:09:42 +01:00
135c516a08 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-30 15:06:51 +00:00
409e812b17 Fix test 4 output folder for T1003 that performs Credential Dumping (#757) Mr B0b 2019-12-30 16:06:20 +01:00
6626b254aa Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-30 15:04:57 +00:00
a4123e5e2f Fix test 8 and 10 output folder for T1003 that performs Credential Dumping (#755) Mr B0b 2019-12-30 16:04:37 +01:00
9431728f2b Bump rubyzip from 1.2.3 to 2.0.0 (#750) dependabot[bot] 2019-12-23 09:01:41 -07:00
223cc1901e Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-23 16:00:25 +00:00
9e71e2adcb moved remote file used in test to src - no other changes (#754) JB 2019-12-23 09:59:58 -06:00
cfa6ae33fc Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-23 15:55:40 +00:00
6c6c3cf57f Add test 13 (NinjaCopy) for T1003 that performs Credential Dumping (#753) Mr B0b 2019-12-23 16:55:13 +01:00
c8e040c9d4 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-23 15:52:54 +00:00
53da28447c Add test for T1006 (File System Logical Offsets) (#752) Mr B0b 2019-12-23 16:52:35 +01:00
95596cd61c cleaned up root directory (#749) JB 2019-12-23 09:33:00 -06:00
9fd560617c Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-23 15:31:24 +00:00
a4634b777b minor fix to meet atomic specs; moved src files to /src (#748) JB 2019-12-23 09:31:02 -06:00
2f17ab1491 linux as supported_platform, not specific versions (depreciated) (#747) JB 2019-12-23 09:30:09 -06:00
f4eac66bb7 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-23 15:20:41 +00:00
096ba193b4 Automated test for OSX Local Library Startup Items + fixes (#743) JB 2019-12-23 09:20:15 -06:00
765c34ead6 rm .plist file (it is now in /src directory) (#744) JB 2019-12-23 09:16:18 -06:00
53a8393c74 copied script to /src (#741) JB 2019-12-21 20:44:19 -06:00
a8b96af84b Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-22 02:43:44 +00:00
0c84aca2e4 Rewrote "Trap" test to not pull down remote files (#740) JB 2019-12-21 20:43:22 -06:00
1698e5c347 duplicate file is not needed, recent invoke-atomic changes removed the need for this (#739) JB 2019-12-21 20:39:08 -06:00
c7d95ebc23 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-22 00:19:55 +00:00
9df75a4013 added path to src directory (#738) JB 2019-12-21 18:16:57 -06:00
20fbdb7173 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-20 22:04:10 +00:00
38a5811f31 using updated version of mimikatz that works on latest win10 versions (#736) Carrie Roberts 2019-12-20 15:03:50 -07:00
5e90af5009 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-19 03:19:21 +00:00
66b7136553 Test 4 change (#735) Brian Thacker 2019-12-18 21:18:58 -06:00
9817fc3b59 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-19 03:16:52 +00:00
38c7ac2fe1 T1002 test 2 correction (#734) Brian Thacker 2019-12-18 21:16:30 -06:00
b3ce1fb005 T1074 .bat fix (#733) Brian Thacker 2019-12-18 10:32:36 -06:00
84b724b29d Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-18 06:45:00 +00:00
cf2879466d T1114 Update (#730) dwhite9 2019-12-18 00:44:35 -06:00
3fdbd91fc0 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-18 06:11:04 +00:00
40845ae5dd Fix issue #499 for T1007 (#729) r1ghtstuff 2019-12-17 22:10:44 -08:00
ab4c68b970 Execute powershell with "-Command -" arguments. Tell powershell to read scripts from stdin. (#727) FenQiDian 2019-12-18 14:09:02 +08:00
f51c26ab5f Revert "Added WCE executable to test 3 (Windows Credentials Editor)" (#728) Tony M Lambert 2019-12-17 09:45:42 -06:00
b18c5a498d Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-17 00:05:19 +00:00
3750c092bc Add "#" before file_extension argument (#726) FenQiDian 2019-12-17 08:04:56 +08:00
c34176e00b Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-17 00:03:42 +00:00
4364411ff4 update tests (#725) Andrew Beers 2019-12-16 18:03:20 -06:00
cf15882964 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-12-17 00:02:40 +00:00
df12b3792b This is to add a new atomic for windows that uses curl instead of (#724) dwhite9 2019-12-16 18:02:02 -06:00

... 50 51 52 53 54 ...