security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1663bf7d524b6fc8a9a39104feb2949b36368dfc
atomic-red-team/atomics/T1146/T1146.yaml
T
Michael Haag f09c2aef6a Bunches of Mac converted to YAML
2018-05-25 12:21:10 -04:00

72 lines
1.4 KiB
YAML
Raw Blame History

---
attack_technique: T1146
display_name: Clear Command History
atomic_tests:
- name: Clear Bash history (rm)
description: |
Clears bash history via rm
supported_platforms:
- linux
- macos
executor:
name: sh
command: |
rm ~/.bash_history
- name: Clear Bash history (echo)
description: |
Clears bash history via rm
supported_platforms:
- linux
- macos
executor:
name: sh
command: |
echo "" > ~/.bash_history
- name: Clear Bash history (cat dev/null)
description: |
Clears bash history via cat /dev/null
supported_platforms:
- linux
- macos
executor:
name: sh
command: |
cat /dev/null > ~/.bash_history
- name: Clear Bash history (ln dev/null)
description: |
Clears bash history via a symlink to /dev/null
supported_platforms:
- linux
- macos
executor:
name: sh
command: |
ln -sf /dev/null ~/.bash_history
- name: Clear Bash history (truncate)
description: |
Clears bash history via truncate
supported_platforms:
- linux
executor:
name: sh
command: |
truncate -s0 ~/.bash_history
- name: Clear history of a bunch of shells
description: |
Clears the history of a bunch of different shell types by setting the history size to zero
supported_platforms:
- linux
- macos
executor:
name: sh
command: |
unset HISTFILE
export HISTFILESIZE=0
history -c
Reference in New Issue View Git Blame Copy Permalink