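# Atomic tests for ATT&CK T1496 (Resource Hijacking).
# Both tests only generate CPU load: the commands below start no miner, fetch
# nothing and write nothing apart from /dev/null. The signal they produce for
# detection is sustained CPU use by `yes` (via sh) or by PowerShell job processes.
attack_technique: T1496
display_name: Resource Hijacking
atomic_tests:
- name: FreeBSD/macOS/Linux - Simulate CPU Load with Yes
  auto_generated_guid: 904a5a0e-fb02-490d-9f8d-0e256eb37549
  description: |
    This test simulates a high CPU load as you might observe during cryptojacking attacks.
    End the test by using CTRL/CMD+C to break.
  # NOTE(review): the test name mentions FreeBSD, but only linux and macos are
  # listed below. Confirm whether that is intentional for this schema.
  supported_platforms:
  - linux
  - macos
  executor:
    # `yes` keeps writing until it is killed, so this command never returns on
    # its own, and no cleanup_command is defined. An unattended run therefore
    # depends on the caller's timeout or on an operator stopping the process.
    # A single `yes` process is expected to load one core only.
    command: |
      yes > /dev/null
    name: sh
- name: Windows - Simulate CPU Load with PowerShell
  auto_generated_guid: 44315fb0-f78d-4cef-b10f-cf21c1fe2c75
  description: |
    This test simulates high CPU load using PowerShell, commonly seen in resource hijacking.
    Spawns background jobs to stress CPU cores for a specified duration.
  supported_platforms:
  - windows
  input_arguments:
    duration_seconds:
      description: Duration in seconds to run the CPU stress test
      type: integer
      default: 30
    # Start-Job runs each script block in its own background PowerShell
    # process, so this value is the number of worker processes started.
    cpu_threads:
      description: Number of threads to stress (default 4)
      type: integer
      default: 4
  executor:
    # Every job spins in a busy loop until the shared deadline in $end, so the
    # load stops on its own once duration_seconds have elapsed.
    # The started jobs are captured in $jobs, so only they are waited on and
    # removed. A bare `Get-Job | Wait-Job | Remove-Job` would also block on,
    # and then delete, unrelated jobs already present in the same session.
    command: |
      $end = (Get-Date).AddSeconds(#{duration_seconds})
      $jobs = 1..#{cpu_threads} | ForEach-Object { Start-Job { param($t) while((Get-Date) -lt $t) { $i=0; while($i -lt 200000){$i++} } } -ArgumentList $end }
      $jobs | Wait-Job | Remove-Job
    name: powershell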