atomic-red-team

security-tools/atomic-red-team

Fork 0

Commit Graph

Select branches

Hide Pull Requests

APT28

AutoSUID_linux

ProcessHolllowingT1093

T1016_fix

T1218.005-powershell-without-network-call

T1553.001_fix

add_codeowners

admin-guide

atoms

attack-v19-migration

cloudlfare-tunnel

clr2of8-patch-14

clr2of8-patch-16

clr2of8-patch-3

clr2of8-patch-32

clr2of8-patch-35

clr2of8-patch-43

clr2of8-patch-44

clr2of8-patch-8

cyberbuff-patch-2

dependabot/pip/hypothesis-6.152.4

dependabot/pip/pydantic-2.13.3

dependabot/pip/typer-0.25.1

external_payloads

fix_T1562.001

fix_attack_nav

insecure-curl

io-update

issue_template_fix

linpeas_linux

markdown_changes

master

npm_simulate

oscd

pre-commit

python_conversion

remove-unused-static-dir

remove_bin

remove_ruby

remove_users_launch_daemon

revert-1530-adding_comments_to_navigator

sysmon_fix

t1547008

testest

update-PSDocs

use-basic-parsing

yamlfix

3649d34631 Fixed the issues with OSX not reporting executors. Lemelin 2018-10-01 13:40:29 -04:00
a3c0e5b238 Added missing files. Lemelin 2018-09-28 16:52:48 -04:00
f0f6804345 Adjusted YAML file relative path. Lemelin 2018-09-28 16:52:03 -04:00
93c27c437b Moved Python test harness to contrib. Lemelin 2018-09-28 16:23:20 -04:00
27fe1066d6 Users/zacbrown/deprecate old powershell executor (#352) Zac Brown 2018-09-28 12:11:08 -07:00
a61dbfbbb5 Component Object Model Hijacking (#354) caseysmithrc 2018-09-28 13:08:15 -06:00
789b2cfc59 Added '---' (#350) caseysmithrc 2018-09-25 12:39:52 -06:00
74765edf7e Merge pull request #349 from redcanaryco/add-related Keith McCammon 2018-09-21 08:01:44 -06:00
37e485ce06 Add a Related section to reference other works Keith McCammon 2018-09-21 07:56:54 -06:00
ba64b21e2a T1126 fix (#341) Michael Haag 2018-09-18 10:38:22 -05:00
1976a539c8 Merge pull request #347 from ForensicITGuy/master Zac Brown 2018-09-14 23:03:39 -06:00
ef0b8f073e Hopefully this works remotely now Tony M Lambert 2018-09-14 20:49:10 -05:00
62ed0f30ab Fix script again Tony M Lambert 2018-09-14 20:46:03 -05:00
03adb61ee4 Added remote test, simplified script file Tony M Lambert 2018-09-14 20:35:48 -05:00
ddd0e81e54 Fix customer name Tony M Lambert 2018-09-14 16:21:39 -05:00
f344a573b7 Add MSXSL test to T1127 Tony M Lambert 2018-09-14 16:20:25 -05:00
b85c21bb00 Merge pull request #346 from redcanaryco/T1140-Add Zac Brown 2018-09-14 08:25:39 -06:00
d0a5bb7762 Generate docs from job=validate_atomics_generate_docs branch=T1140-Add CircleCI Atomic Red Team doc generator 2018-09-14 13:34:52 +00:00
52ca3f8b1b Added certutil rename Michael Haag 2018-09-14 08:34:29 -05:00
4f31d6ac09 Merge pull request #339 from MSAdministrator/modified_execution_functions_and_readme Zac Brown 2018-09-13 21:06:26 -06:00
9aeecf2694 Added Pester tests and modified Manifest file Josh Rickard 2018-09-13 22:55:35 -04:00
e81485b3e2 Converted Invoke-AtomicRedTeam to PowerShell Script Module Josh Rickard 2018-09-13 22:00:50 -04:00
8b6116bffc Generate docs from job=validate_atomics_generate_docs branch=master CircleCI Atomic Red Team doc generator 2018-09-13 20:33:22 +00:00
a01d08725b Merge pull request #343 from JimmyAstle/T1191-synax-fix Michael Haag 2018-09-12 08:08:19 -04:00
d5a791015b Minor update to cmstp.exe syntax Jimmy Astle 2018-09-11 15:36:29 -04:00
6c0620f855 Merge pull request #342 from 2xyo/patch-1 Michael Haag 2018-09-11 10:05:46 -04:00
909df7b204 Fix path of RegSvr32.sct 2*yo 2018-09-11 15:49:39 +02:00
5130db160b Modified Invoke-AtomicRedTeam functions and README Josh Rickard 2018-09-07 23:28:17 -04:00
18ae6fb97a Merge pull request #335 from MSAdministrator/T1193-modifying-download-of-payload caseysmithrc 2018-09-06 21:33:25 -06:00
41073650e6 Merge pull request #338 from MSAdministrator/origin/T1060-adding-removal-of-registry-keys caseysmithrc 2018-09-06 21:31:50 -06:00
823766d2c9 Adding removal of registry keys for T1060 based on issue #328 Josh Rickard 2018-09-06 21:56:10 -04:00
0738765238 Removing outdated tests for T1193 and Office/excel pre-check to test Josh Rickard 2018-09-06 21:20:14 -04:00
068a5fa98e Merge pull request #325 from redcanaryco/Invoke-AtomicRedTeam Michael Haag 2018-09-06 16:42:51 -04:00
86ffa9f37c Fix All The Things caseysmithrc 2018-09-06 12:18:17 -06:00
4fd7dd3cce Fix Error Message caseysmithrc 2018-09-06 11:45:06 -06:00
de3c2b6684 IMport-Module cleaner caseysmithrc 2018-09-06 09:34:39 -06:00
0ed64ddf4a Merge pull request #336 from MSAdministrator/T1112-modifying-the-registry caseysmithrc 2018-09-06 07:23:03 -06:00
7aa0e28a90 Merge pull request #332 from redcanaryco/PowerShell-Executor.Command-Properties caseysmithrc 2018-09-06 07:06:14 -06:00
d02c38650e Merge pull request #334 from redcanaryco/Fix-T1170 Michael Haag 2018-09-06 08:02:08 -04:00
28c470b40c Add test for T1112 that modifies registry keys Josh Rickard 2018-09-05 23:46:44 -04:00
aa7e700a93 Added test for T1193 that downloads an macro-enabled excel sheet and opens your default web-browser Josh Rickard 2018-09-05 21:49:22 -04:00
8778460f74 Generate docs from job=validate_atomics_generate_docs branch=Fix-T1170 CircleCI Atomic Red Team doc generator 2018-09-05 19:56:09 +00:00
7735933ba7 Fixed T1170 execution command caseysmithrc 2018-09-05 13:55:53 -06:00
af2e5938e1 Fixed Error Message caseysmithrc 2018-09-05 13:45:45 -06:00
747f5909d0 correct demo examples caseysmithrc 2018-09-05 13:17:51 -06:00
36b00a7d20 Generate docs from job=validate_atomics_generate_docs branch=PowerShell-Executor.Command-Properties CircleCI Atomic Red Team doc generator 2018-09-05 18:58:23 +00:00
165ab03d68 t1086 Michael Haag 2018-09-05 14:58:05 -04:00
f6c6cb2e28 Remove spurious spaces. Zac Brown 2018-09-05 10:56:55 -07:00
2fd67101fe Format harder. Zac Brown 2018-09-05 10:53:39 -07:00
860a78908a Best PowerShell Script EVEr Written caseysmithrc 2018-09-05 11:48:10 -06:00
7073f4274e Merge pull request #330 from redcanaryco/T1126 caseysmithrc 2018-09-05 11:47:18 -06:00
a1b44d2b6b Dependency Confrimation and Style fix caseysmithrc 2018-09-05 11:17:31 -06:00
fcff42d14b Fixed documentation issues. Lemelin 2018-09-05 12:50:57 -04:00
c03d202bd5 Generate docs from job=validate_atomics_generate_docs branch=PowerShell-Executor.Command-Properties CircleCI Atomic Red Team doc generator 2018-09-05 15:35:37 +00:00
b512869c36 Powershell fixes Michael Haag 2018-09-05 11:35:24 -04:00
626deed1ad T1033 fix Michael Haag 2018-09-05 11:25:52 -04:00
7b57631c20 T1126 fix Michael Haag 2018-09-05 11:17:19 -04:00
3a802faa98 Implemented Python test harness. Lemelin 2018-09-05 11:06:10 -04:00
a48a8de6da Merge pull request #324 from redcanaryco/technique-fixup-cs Michael Haag 2018-09-05 10:45:28 -04:00
643472f5ee Merge pull request #327 from redcanaryco/Fix-T1179 Michael Haag 2018-09-05 09:38:08 -04:00
ae0022cc32 Merge pull request #326 from redcanaryco/Fix-T1121 Michael Haag 2018-09-05 09:36:22 -04:00
f19fb29bfa Merge pull request #311 from redcanaryco/rootkit-T1014-Windows Michael Haag 2018-09-05 09:35:51 -04:00
11e9f88a62 Merge branch 'Fix-T1179' of https://github.com/redcanaryco/atomic-red-team into Fix-T1179 caseysmithrc 2018-09-05 07:35:12 -06:00
9e542eaad5 Removed MessageBox Prompt caseysmithrc 2018-09-05 07:35:05 -06:00
7e8594e288 Generate docs from job=validate_atomics_generate_docs branch=Fix-T1179 CircleCI Atomic Red Team doc generator 2018-09-05 13:31:22 +00:00
2dfe7cce3f fix caseysmithrc 2018-09-05 07:31:09 -06:00
32be456da1 Fixed Test caseysmithrc 2018-09-05 07:30:14 -06:00
deca346fcb Generate docs from job=validate_atomics_generate_docs branch=Fix-T1121 CircleCI Atomic Red Team doc generator 2018-09-05 12:16:41 +00:00
cbe95e5a3a clean up caseysmithrc 2018-09-05 06:15:36 -06:00
14cbfa95e9 Generate docs from job=validate_atomics_generate_docs branch=Fix-T1121 CircleCI Atomic Red Team doc generator 2018-09-05 02:44:59 +00:00
6a3cb5d779 Merge branch 'Fix-T1121' of https://github.com/redcanaryco/atomic-red-team into Fix-T1121 caseysmithrc 2018-09-04 20:44:47 -06:00
da9748c7db parameterized path and source code caseysmithrc 2018-09-04 20:44:37 -06:00
8418f40294 Generate docs from job=validate_atomics_generate_docs branch=Fix-T1121 CircleCI Atomic Red Team doc generator 2018-09-05 02:40:48 +00:00
f85b47c2d2 T1121 Fixed Test caseysmithrc 2018-09-04 20:40:31 -06:00
0d34c40f06 fixed style caseysmithrc 2018-09-04 20:29:07 -06:00
5a799c5bfc fix dem spaces caseysmithrc 2018-09-04 19:55:55 -06:00
3c2f6b0043 Fixed Dependency Documentation caseysmithrc 2018-09-04 09:52:15 -06:00
954b3c70ce Generate replace Execute caseysmithrc 2018-09-04 09:41:48 -06:00
09e0767c52 Fix Docs GetEnumerator on HashTable caseysmithrc 2018-09-04 09:40:50 -06:00
5341fe6954 MARKDOWN!!! caseysmithrc 2018-09-04 09:37:18 -06:00
160d68ebd3 fix README caseysmithrc 2018-09-04 09:36:36 -06:00
46c56eee4f Clean Up Style and README caseysmithrc 2018-09-04 09:28:28 -06:00
2e17e3d025 Generate docs from job=validate_atomics_generate_docs branch=technique-fixup-cs CircleCI Atomic Red Team doc generator 2018-09-03 14:54:17 +00:00
7fea6fc22a T1117 Cleanup/Fix caseysmithrc 2018-09-03 08:54:04 -06:00
edf4a88498 Generate docs from job=validate_atomics_generate_docs branch=technique-fixup-cs CircleCI Atomic Red Team doc generator 2018-09-03 04:26:30 +00:00
f48e47d408 updated T1050 ServiceCreate caseysmithrc 2018-09-02 22:26:13 -06:00
55e3679943 Added Invoke-AtomicTest with Switch statements caseysmithrc 2018-09-02 09:07:27 -06:00
f240060234 adjust Markdown caseysmithrc 2018-09-02 08:41:11 -06:00
f305a96b2c Added PowerShellExecution caseysmithrc 2018-09-02 08:39:32 -06:00
a08a5b0f1d Add README caseysmithrc 2018-09-02 08:32:17 -06:00
5d5d8ffaf4 Generate docs from job=validate_atomics_generate_docs branch=technique-fixup-cs CircleCI Atomic Red Team doc generator 2018-09-02 13:55:38 +00:00
b959a22cee Merge branch 'technique-fixup-cs' of https://github.com/redcanaryco/atomic-red-team into technique-fixup-cs caseysmithrc 2018-09-02 07:55:17 -06:00
50b9480bc9 PowerShell How to express caseysmithrc 2018-09-02 07:55:09 -06:00
b463c42c72 Generate docs from job=validate_atomics_generate_docs branch=technique-fixup-cs CircleCI Atomic Red Team doc generator 2018-09-02 13:32:38 +00:00
0c2d46bd83 Merge branch 'technique-fixup-cs' of https://github.com/redcanaryco/atomic-red-team into technique-fixup-cs caseysmithrc 2018-09-02 07:32:21 -06:00
bdfb0c8e5b typo caseysmithrc 2018-09-02 07:32:15 -06:00
f3bbe748a5 Generate docs from job=validate_atomics_generate_docs branch=technique-fixup-cs CircleCI Atomic Red Team doc generator 2018-09-02 13:26:08 +00:00
baca5415a1 use sc.exe explicitly caseysmithrc 2018-09-02 07:25:50 -06:00
7ce58bc1db Generate docs from job=validate_atomics_generate_docs branch=technique-fixup-cs CircleCI Atomic Red Team doc generator 2018-09-02 13:24:14 +00:00
19bc330d2d Fix T1050 Service Create caseysmithrc 2018-09-02 07:23:53 -06:00

... 56 57 58 59 60 ...