atomic-red-team

security-tools/atomic-red-team

Fork 0

Commit Graph

Select branches

Hide Pull Requests

APT28

AutoSUID_linux

ProcessHolllowingT1093

T1016_fix

T1218.005-powershell-without-network-call

T1553.001_fix

add_codeowners

admin-guide

atoms

attack-v19-migration

cloudlfare-tunnel

clr2of8-patch-14

clr2of8-patch-16

clr2of8-patch-3

clr2of8-patch-32

clr2of8-patch-35

clr2of8-patch-43

clr2of8-patch-44

clr2of8-patch-8

cyberbuff-patch-2

dependabot/pip/hypothesis-6.152.4

dependabot/pip/pydantic-2.13.3

dependabot/pip/typer-0.25.1

external_payloads

fix_T1562.001

fix_attack_nav

insecure-curl

io-update

issue_template_fix

linpeas_linux

markdown_changes

master

npm_simulate

oscd

pre-commit

python_conversion

remove-unused-static-dir

remove_bin

remove_ruby

remove_users_launch_daemon

revert-1530-adding_comments_to_navigator

sysmon_fix

t1547008

testest

update-PSDocs

use-basic-parsing

yamlfix

33d20ffb7c show executor and privilege requirement (#662) san-gwea 2019-11-14 22:59:13 -06:00
3311f02362 Adding .yaml integer parser to python runner (#639) fabamatic 2019-11-15 00:43:41 -03:00
70d795ffa2 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-15 03:38:21 +00:00
5259c936c1 Updated T1002 (#655) Andras32 2019-11-14 21:37:26 -06:00
ddadfbb3bf Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-14 22:57:31 +00:00
e93ed496ac default pid set to spoolsv (#656) Brandon Morgan 2019-11-14 16:57:07 -06:00
41ca40f457 Broken URL (#661) Michael Haag 2019-11-14 14:30:19 -07:00
9980382b3d Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-14 21:11:25 +00:00
9530b27936 T1085 deleting wrong "extra" quotation mark (#652) fabamatic 2019-11-14 18:10:57 -03:00
fdd2927285 T1216 Added tests for proxied script execution (#627) Tony M Lambert 2019-11-14 15:07:28 -06:00
d6f8628818 T1485 Test to delete backup files similar to Ryuk (#659) Tony M Lambert 2019-11-14 15:06:09 -06:00
e8d584cb5c T1085 - Atomic Friday (#660) Michael Haag 2019-11-14 14:04:08 -07:00
5a0e4482dd T1089 Disable Arbitrary Security Service (#658) Tony M Lambert 2019-11-14 14:46:42 -06:00
08c4b265be T1077 PsExec Test (#657) Tony M Lambert 2019-11-14 14:43:23 -06:00
dce95a96da Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-14 06:15:58 +00:00
c36b28eef8 Added cleanup command for fax binary (#654) Luminous-InfiniTom 2019-11-14 00:15:34 -06:00
5dbf1b7864 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-13 23:42:50 +00:00
b22483e2f1 T1090 add proxy reg key (#653) bmorgan-code 2019-11-13 17:41:46 -06:00
406b4a1f77 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-13 00:52:25 +00:00
3fdc8ee7de Cleanup test 6, 7 (#648) Brian Thacker 2019-11-12 18:51:57 -06:00
9412dc71f4 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-13 00:50:03 +00:00
95f0e151ea create simple sdb file (#649) Andrew Beers 2019-11-12 16:49:38 -08:00
52d472a70c Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-12 22:09:07 +00:00
fb4c322761 Added cleanup commands for test 1 & 2 (#651) Gomezz6 2019-11-12 16:08:47 -06:00
e7e3b5f343 ++ before check (#650) Andras32 2019-11-12 14:16:04 -06:00
e5da8a341a Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-12 07:37:40 +00:00
aa0aca3b2e T1070 delete system logs using power shell (#642) Andrew Beers 2019-11-11 23:37:19 -08:00
0a1f37aa54 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-12 07:26:51 +00:00
da90ca6563 T1036 malicious process masquerade as lsm (#637) Andrew Beers 2019-11-11 23:26:37 -08:00
c3183a36fa remove development section, Carrie's new instructions cover it (#638) Andrew Beers 2019-11-11 23:21:34 -08:00
d5217939c7 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-12 07:09:21 +00:00
df73365c8a Updated executor to powershell and updated command syntax. (#635) dwhite9 2019-11-12 01:08:58 -06:00
c6ea937fb4 Fix show details bug (#647) derekenjibowden 2019-11-12 00:26:33 -06:00
7a26c61e28 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-12 05:57:19 +00:00
108cf663a8 Insert cleanup_command for test 2 (#646) derekenjibowden 2019-11-11 23:56:53 -06:00
49f98f60ce Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-12 05:22:40 +00:00
bf7bc47752 Separated out Cleanup Commands (#645) seraran005 2019-11-11 23:22:17 -06:00
6c3da68741 Multi platform invoke art (#641) Andras32 2019-11-11 15:26:23 -06:00
26e0f443b9 T1170 remote hta (#633) Tony M Lambert 2019-11-11 08:45:07 -06:00
5332936f8f Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-11 01:55:17 +00:00
36188490dc removed duplicate 'atomic_tests:' key (#631) Carrie Roberts 2019-11-10 18:54:57 -07:00
8e8222e06a add invoke-atomictest to main page readme (#629) Andrew Beers 2019-11-10 19:53:12 -06:00
6ea465cf61 Fixed URL for Install-AtomicRedTeam (#632) Tony M Lambert 2019-11-10 19:43:28 -06:00
eb9f0fbcd6 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-09 02:14:44 +00:00
940b93af67 Added two more generic tests to T1036: test 6 and test 7. Test 6 meant to masquerade non-windows exes as real windows exes. Test 7 meant to masquerade windows exes as other windows exes. Added cleanup and input arguments logic to test 6 and 7. Added a generic executable for testing masquerading a non-windows exe as a windows exe. Added source files used for creating the executable in the T1036\bin folder. (#617) Brian Thacker 2019-11-08 20:14:13 -06:00
7f62513b8e Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-09 02:07:46 +00:00
60b045eb3c T1028 fixing parameter in powershell Invoke-Command (#630) fabamatic 2019-11-08 23:07:27 -03:00
fa1f9d95dc Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-09 02:03:33 +00:00
2b9b99adcc T1022 parameters that can actually be parsed by windows command prompt (#626) fabamatic 2019-11-08 23:03:10 -03:00
e2309b30af T1218 proxied binary execution tests (#628) Tony M Lambert 2019-11-08 19:57:19 -06:00
a611d8926b Expanding the Execution Frameworks Read me (#619) Carrie Roberts 2019-11-08 10:59:05 -07:00
ed5f9deccc remove deprecated code (#620) Carrie Roberts 2019-11-08 10:58:07 -07:00
c53e73ed96 Readme documents required Import-Module command (#622) Carrie Roberts 2019-11-08 10:57:08 -07:00
d73dc8f041 fix bug: returns null except on PS Core or PS v7 (#624) Carrie Roberts 2019-11-08 10:56:01 -07:00
49ccc8e366 new default PathToAtomicsFolder value (#623) Carrie Roberts 2019-11-08 10:50:31 -07:00
31cb175475 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-08 17:47:02 +00:00
c648b94ff1 remove hard-coded path to atomics foler in tests (#618) Carrie Roberts 2019-11-08 10:46:46 -07:00
43683f44af Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-07 22:28:26 +00:00
cb5f6c91a6 T1055 svchost writing a file to a unc path (#615) Andrew Beers 2019-11-07 14:27:57 -08:00
a86c0a5a9f Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-07 21:20:17 +00:00
c58f6496d6 Add test for T1170 that launches local notepad via VBScript called by… (#505) azeemnow 2019-11-07 16:19:51 -05:00
d2b7adfffd Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-07 21:18:14 +00:00
21b8dbe475 Update T1223.yaml (#614) rsjohnson07 2019-11-07 15:17:51 -06:00
87d70d2ef3 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-07 21:11:20 +00:00
2f9e306ec2 T1170 mshta.exe to execute vb script to execute code (#611) Andrew Beers 2019-11-07 13:10:59 -08:00
239ea1c6b0 Update T1518.yaml (#621) MG-RC 2019-11-07 10:38:10 -07:00
9bcb47ed3e warn if running admin test without admin (#616) Carrie Roberts 2019-11-06 14:07:27 -07:00
e68527d975 PathToAtomicsFolder Input Parameters auto-replaced with actual path (#613) Carrie Roberts 2019-11-06 12:53:20 -07:00
26aad5ed5e T1085 Rundll32 vbscript execution test (#612) Tony M Lambert 2019-11-05 16:53:49 -05:00
457e6acf51 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-05 19:07:44 +00:00
0f77fd91fb Update T1036.yaml (#609) dwhite9 2019-11-05 13:07:15 -06:00
6170883105 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-05 19:05:50 +00:00
2a7ba54263 Add test for T1518 that displays Internet Explorer Version (#605) Jake Hill 2019-11-05 14:05:28 -05:00
30b373f4d2 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-05 19:04:09 +00:00
b276cfeae6 T1529 Tests for shutdown/reboot on macOS/Linux (#599) Tony M Lambert 2019-11-05 14:03:46 -05:00
280b265287 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-05 19:03:00 +00:00
7390b5ff9f Fix version warning, add legend (#600) Tony M Lambert 2019-11-05 14:02:36 -05:00
5b8e894e61 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-05 19:01:25 +00:00
6cf9c681fd T1055 Test for LD_PRELOAD (#601) Tony M Lambert 2019-11-05 14:00:58 -05:00
5a73c43cab Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-05 18:59:40 +00:00
5d4fc8a059 Fixed T1018, Remote System Discovery - sweep (#603) Francisco Oca 2019-11-05 13:59:14 -05:00
5b297d6bb5 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-05 18:58:09 +00:00
71686f518c Fixed command for "View accounts wtih UID 0" (#602) Francisco Oca 2019-11-05 13:57:05 -05:00
a3c75c438b Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-05 18:52:46 +00:00
11586e2f1a T1505 Exchange Transport Agent (#597) Tony M Lambert 2019-11-05 13:50:29 -05:00
1663bf7d52 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-11-05 17:14:33 +00:00
ac176d6536 T1531 Account Access Removal Tests (#598) Tony M Lambert 2019-11-05 12:14:00 -05:00
5caafe4a35 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-10-24 17:24:54 +00:00
b676692b7f Update T1140.md (#594) waltersagehorn-praetorian 2019-10-24 13:24:26 -04:00
d3af57d204 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-10-24 17:22:40 +00:00
cf791d604e T1529 - Shutdown/restart tests (#596) Tony M Lambert 2019-10-24 12:22:24 -05:00
e940fcbe5b Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-10-24 17:13:51 +00:00
7028b8b444 BugFix and Enhancement for T1086-12 (#593) dwhite9 2019-10-24 12:13:16 -05:00
91e86258e6 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-10-24 17:09:43 +00:00
1dbda6cc37 ATT&CK JSON updated (#595) Tony M Lambert 2019-10-24 12:09:24 -05:00
935d69c8e5 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-10-21 21:04:31 +00:00
2c8c26fb71 Update T1037.yaml (#592) dwhite9 2019-10-21 16:04:17 -05:00
c903c6c00e log minutes correctly (#591) Carrie Roberts 2019-10-21 15:03:09 -06:00
3d839e7bd6 handle spaces in input param defaults (#590) Carrie Roberts 2019-10-21 15:02:04 -06:00
d336c79cc4 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-10-21 21:00:53 +00:00

... 52 53 54 55 56 ...