atomic-red-team

security-tools/atomic-red-team

Fork 0

Commit Graph

Select branches

Hide Pull Requests

APT28

AutoSUID_linux

ProcessHolllowingT1093

T1016_fix

T1218.005-powershell-without-network-call

T1553.001_fix

add_codeowners

admin-guide

atoms

attack-v19-migration

cloudlfare-tunnel

clr2of8-patch-14

clr2of8-patch-16

clr2of8-patch-3

clr2of8-patch-32

clr2of8-patch-35

clr2of8-patch-43

clr2of8-patch-44

clr2of8-patch-8

cyberbuff-patch-2

dependabot/pip/hypothesis-6.152.4

dependabot/pip/pydantic-2.13.3

dependabot/pip/typer-0.25.1

external_payloads

fix_T1562.001

fix_attack_nav

insecure-curl

io-update

issue_template_fix

linpeas_linux

markdown_changes

master

npm_simulate

oscd

pre-commit

python_conversion

remove-unused-static-dir

remove_bin

remove_ruby

remove_users_launch_daemon

revert-1530-adding_comments_to_navigator

sysmon_fix

t1547008

testest

update-PSDocs

use-basic-parsing

yamlfix

4f5c279c61 T1009 - Adjust test with variable for execution (#418) Tony M Lambert 2019-01-16 16:14:49 -06:00
37ca7e5fd0 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-01-16 17:25:14 +00:00
6b6f4beae5 Update flag for cmd.exe (#416) Ross Wolf 2019-01-16 12:25:04 -05:00
c65ed5d77e Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-01-16 17:24:56 +00:00
d76e946bc2 T1002 - Reorganize tests for better execution with framework (#417) Tony M Lambert 2019-01-16 11:24:48 -06:00
87bd65c63c Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-01-16 17:24:38 +00:00
832a907d54 T1174 Password Filter DLL PoSH test (#420) Tony M Lambert 2019-01-16 11:24:29 -06:00
d8510e729b Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-01-16 17:24:16 +00:00
78bedf0e45 T1107 Fix wbadmin test (#421) Tony M Lambert 2019-01-16 11:24:09 -06:00
dfabc52d64 T1107 File Deletion reorg with variables (#423) Tony M Lambert 2019-01-16 11:23:55 -06:00
bb07c4ac15 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-01-16 17:23:40 +00:00
61ffc53425 Register-CimProvider Atomic test (#435) JimmyAstle 2019-01-16 12:23:29 -05:00
7554e9b644 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2019-01-16 16:17:22 +00:00
5c3f5b6389 Merge pull request #424 from ForensicITGuy/t1166-setuidgid Keith McCammon 2019-01-16 09:17:12 -07:00
063e489114 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-12-13 16:07:16 +00:00
0779b60397 T1010 App Window Discovery with C# (#429) Tony M Lambert 2018-12-13 10:07:08 -06:00
8243dfedec Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-12-13 16:06:56 +00:00
4334a8c0b0 T1007 Service Discovery Net Start to File (#428) Tony M Lambert 2018-12-13 10:06:48 -06:00
07079c9ed7 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-12-13 16:06:36 +00:00
0f576dd03f T1004 Winlogon Helper DLLs (#427) Tony M Lambert 2018-12-13 10:06:28 -06:00
5da497ed1d T1156 .bash_profile .bashrc reorg into separate tests (#426) Tony M Lambert 2018-12-13 10:06:19 -06:00
15b6f10135 T1009 Binary Padding reorg with variables (#425) Tony M Lambert 2018-12-13 10:06:12 -06:00
a49998432e T1088 Fodhelper UAC Bypass and PoSH tests (#422) Tony M Lambert 2018-12-13 10:06:02 -06:00
6725795d88 T1166 SetUID SetGID add tests with variables Tony M Lambert 2018-12-11 00:31:19 -06:00
5bbe2e6403 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-12-05 00:53:11 +00:00
9aaa150dcf T1220 XSL Script Processing (#410) Tony M Lambert 2018-12-04 18:52:57 -06:00
0d9f652cab Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-12-05 00:38:31 +00:00
9a487bd26a Added test for persistence via BITS (#409) Tony M Lambert 2018-12-04 18:38:19 -06:00
4c0eab68c4 T1220 WMIC XSL Tests (#411) Tony M Lambert 2018-12-04 18:38:12 -06:00
4d4cc31211 T1222 Added File Perm Modification tests (#412) Tony M Lambert 2018-12-04 18:38:03 -06:00
943b36db5d T1218 Signed Binary Proxy Execution (#413) Tony M Lambert 2018-12-04 18:37:48 -06:00
d2362a0d45 Security updates to gems (#415) Brian Beyer 2018-11-28 15:31:18 -05:00
9ab98d2318 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-11-17 16:15:14 +00:00
ae1b07bf4d Update T1042 with cmd /c argument (#408) Ross Wolf 2018-11-17 11:15:06 -05:00
51180df1b1 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-11-14 21:38:39 +00:00
64ac0fea1f T1223 Compiled HTML Help (#407) Tony M Lambert 2018-11-14 14:38:32 -07:00
6965fc15ef Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-11-14 20:59:18 +00:00
c68c20392b Update ATT&CK JSON (#406) Tony M Lambert 2018-11-14 13:59:04 -07:00
53b39e11fe Merge pull request #401 from redcanaryco/clean-up-csmith Keith McCammon 2018-11-11 18:18:48 -07:00
7074c68b8d Merge pull request #403 from redcanaryco/t1087-kwm Keith McCammon 2018-11-11 12:45:34 -07:00
bce4f2b833 Generate docs from job=validate_atomics_generate_docs branch=t1087-kwm CircleCI Atomic Red Team doc generator 2018-11-11 19:43:16 +00:00
2cf59e99fa Clean up for consistency, platform accuracy Keith McCammon 2018-11-11 12:41:49 -07:00
f48234fc7f Generate docs from job=validate_atomics_generate_docs branch=clean-up-csmith CircleCI Atomic Red Team doc generator 2018-11-10 22:54:09 +00:00
11b85d5596 fix-executor caseysmithrc 2018-11-10 15:53:55 -07:00
1054ca1f97 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-11-10 22:26:16 +00:00
2983aae443 Merge pull request #378 from ForensicITGuy/add-test-t1158 Keith McCammon 2018-11-10 15:26:10 -07:00
b1f0697d79 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-11-10 22:25:33 +00:00
443adfb504 Merge pull request #386 from ForensicITGuy/t1089-http-logging Keith McCammon 2018-11-10 15:25:26 -07:00
531154eefd Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-11-10 22:24:33 +00:00
50c590cb1f Merge pull request #390 from ForensicITGuy/t1105-fix Keith McCammon 2018-11-10 15:24:25 -07:00
c2c27aeb71 Merge branch 'master' into t1105-fix Keith McCammon 2018-11-10 14:23:53 -07:00
159d503bdb Merge pull request #382 from redcanaryco/t1090-proxy-redirection Keith McCammon 2018-11-08 09:27:00 -07:00
22d5574c10 Fixed T1099 (#399) Michael Haag 2018-11-02 15:10:44 -06:00
7bc7660f4f Discovery.bat Update (#397) Michael Haag 2018-11-02 14:17:39 -06:00
16a9e95f16 Don't validate the template because of todos Brian Beyer 2018-10-26 15:00:21 -06:00
cbb425bdc7 Fixed T1105 test Tony M Lambert 2018-10-26 12:59:47 -06:00
087be15e6a T1089 Disable IIS HTTP logging ForensicITGuy 2018-10-23 15:49:20 -05:00
1deb39ba9a Validate command, input_arguments, and TODOs (#383) Brian Beyer 2018-10-22 13:10:51 -04:00
13665af6ef Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-10-21 17:39:45 +00:00
8cfecaf347 Merge pull request #380 from ForensicITGuy/copy-keys-t1145 Keith McCammon 2018-10-21 11:39:39 -06:00
44ad3639a9 Generate docs from job=validate_atomics_generate_docs branch=t1090-proxy-redirection CircleCI Atomic Red Team doc generator 2018-10-21 17:34:35 +00:00
2a1d1fd31b macOS and Linux connection proxy test Keith McCammon 2018-10-21 11:31:17 -06:00
4ee921e314 Merge pull request #381 from redcanaryco/roll-the-dice Keith McCammon 2018-10-20 19:18:14 -06:00
950842f40f Generate docs from job=validate_atomics_generate_docs branch=roll-the-dice CircleCI Atomic Red Team doc generator 2018-10-20 21:51:42 +00:00
cc720886e8 initial commit of roll the dice implementation Brian Beyer 2018-10-20 15:51:26 -06:00
8db4f8c2a3 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-10-20 19:38:18 +00:00
ae418fec76 add initial commit of atomics/index.yaml Brian Beyer 2018-10-20 13:38:06 -06:00
73491d44c2 generate YAML index alongside Markdown indices Brian Beyer 2018-10-20 13:36:29 -06:00
305e153881 T1145 Added tests to copy private keys using cp and rsync Tony M Lambert 2018-10-19 17:42:11 -04:00
4098cd9e09 Minor fix to syntax Tony M Lambert 2018-10-19 17:27:04 -04:00
abb43d1b4f T1145 discover SSH keys Tony M Lambert 2018-10-19 16:36:28 -04:00
ff02488808 Fix the things to pass CircleCI Tony M Lambert 2018-10-19 16:15:44 -04:00
9a00a05ba0 Added tests for hidden and system file hiding using attrib.exe Tony M Lambert 2018-10-19 16:11:36 -04:00
a91994c5bb Fixed Bug in Get-Atomic (#376) caseysmithrc 2018-10-11 18:28:39 -06:00
664ca4d109 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-10-12 00:28:10 +00:00
84677cc45c T1003 Added credential dumping tests (#377) Tony M Lambert 2018-10-11 19:27:57 -05:00
efd5688d9d Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-10-11 17:28:54 +00:00
d6e5210332 T1086 Fileless PowerShell from Registry (#372) Tony M Lambert 2018-10-11 12:28:46 -05:00
bd4afde020 T1055 update (#370) caseysmithrc 2018-10-04 20:02:30 -06:00
0dfd0a7320 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-10-04 12:48:25 +00:00
36bdfd4731 Some Powershell bugs fixed. (#369) Superbug 2018-10-04 15:48:16 +03:00
eb9cf5f42c Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-10-03 13:57:44 +00:00
fe5a6d68cd T1088 Bypass User Account Control (EventVwr Bypass) (#362) Tony M Lambert 2018-10-03 08:57:28 -05:00
0613d660a7 T1035 Service Execution (#363) Tony M Lambert 2018-10-03 08:57:23 -05:00
f82f953822 T1216 Signed Script Proxy Execution (#364) Tony M Lambert 2018-10-03 08:57:16 -05:00
27619d3895 T1180 Screensaver (#365) Tony M Lambert 2018-10-03 08:57:07 -05:00
aa3bd1b063 T1089 Added test to unload Sysmon filter driver (#366) Tony M Lambert 2018-10-03 08:56:58 -05:00
0cb986641d T1063 Discovery of Sysmon using fltmc.exe (#367) Tony M Lambert 2018-10-03 08:56:49 -05:00
df9e3737af Merge pull request #331 from zante/feature-python-test-harness Keith McCammon 2018-10-02 11:57:04 -06:00
7ca21a8da5 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-10-02 03:54:00 +00:00
75f452195a T1036 Masquerading (#361) Tony M Lambert 2018-10-01 22:53:53 -05:00
4c78e54768 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-10-02 03:25:26 +00:00
a59c97a4e4 T1153 Source (#356) Tony M Lambert 2018-10-01 22:25:17 -05:00
d8af126f49 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-10-02 03:23:08 +00:00
702a9c7c32 T1009 Binary Padding (#358) Tony M Lambert 2018-10-01 22:23:00 -05:00
6947fbe69d Added tests for T1206 Sudo Caching (#355) Tony M Lambert 2018-10-01 22:22:48 -05:00
2dbe24c325 T1064 Scripting (#357) Tony M Lambert 2018-10-01 15:42:14 -05:00
aed844bbc4 Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-10-01 20:40:44 +00:00
f046d56246 T1027 Obfuscated Files or Information (#359) Tony M Lambert 2018-10-01 15:40:25 -05:00
e6166c4499 T1217 Browser Bookmark Discovery (#360) Tony M Lambert 2018-10-01 15:40:14 -05:00

... 55 56 57 58 59 ...