T

sai prashanth pulisetti e9051bed60 Update T1490.yaml "Modify VSS Service Permissions" (#2668 )

* Update T1490.yaml "Modify VSS Service Permissions"

Modify permissions of the VSS service to inhibit system recovery. This test alters the security settings of the Volume Shadow Copy Service (VSS), potentially impacting system recovery operations. It should be conducted only in a controlled environment. The executor must have administrative privileges to modify service permissions. Note that this test does not include a cleanup command; thus, the changes will persist after execution. Ensure that you have a backup or a system recovery plan in place before running this test. Running this test on a production system or critical environment is not recommended without proper precautions.

* Update T1490.yaml

updated guid

* Update T1490.yaml

updated description and clean up command

* Update T1490.yaml

updated indentations

* Update T1490.yaml

* Update T1490.yaml

---------

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>

2024-01-31 17:26:10 -06:00

.devcontainer

Github Codespace added (#2644 )

2023-12-22 15:43:02 -06:00

.github

tokens added (#2506 )

2023-08-01 21:23:11 -06:00

atomic_red_team

Update attack_api.rb (#2624 )

2023-11-28 10:01:37 -06:00

atomics

Update T1490.yaml "Modify VSS Service Permissions" (#2668 )

2024-01-31 17:26:10 -06:00

bin

Fix schema validation (#2666 )

2024-01-20 14:44:16 -06:00

static

adding demo gif (#2051 )

2022-08-03 09:18:01 -06:00

.gitignore

T1055.011 - Process Injection: Extra Window Memory Injection (#2539 )

2023-10-03 07:05:41 -04:00

atomic-red-team.gemspec

Update atomic-red-team.gemspec (#1719 )

2022-01-12 14:45:52 -07:00

CODE_OF_CONDUCT.md

Update CODE_OF_CONDUCT.md (#1934 )

2022-05-10 08:31:53 -06:00

Gemfile

Add microsite (#250 )

2018-06-13 19:33:59 -06:00

LICENSE.txt

move bin scripts into bin, apis into atomic-red-team

2018-05-11 06:49:20 +02:00

poetry.lock

Bump jsonschema from 4.20.0 to 4.21.1 (#2667 )

2024-01-29 10:21:26 -06:00

pyproject.toml

Bump jsonschema from 4.20.0 to 4.21.1 (#2667 )

2024-01-29 10:21:26 -06:00

README.md

updating atomics count in README.md [ci skip]

2024-01-31 23:23:39 +00:00

README.md

Atomic Red Team

Atomic Red Team™ is a library of tests mapped to the MITRE ATT&CK® framework. Security teams can use Atomic Red Team to quickly, portably, and reproducibly test their environments.

Get started

You can execute atomic tests directly from the command line, no installation required. See the Getting started page of our wiki.

For a more robust testing experience, consider using an execution framework like Invoke-Atomic.

Learn more

The Atomic Red Team documentation is available as a wiki.

For information about the philosophy and development of Atomic Red Team, visit our website at https://atomicredteam.io.

Contribute to Atomic Red Team

Atomic Red Team is open source and community developed. If you're interested in becoming a contributor, check out these resources:

Join our Slack workspace and get involved with the community. Don't forget to review the code of conduct before you join.
Report bugs and request new features by submitting an issue.
Read our contribution guide for more information about contributing directly to this repository.
Check the license for information regarding the distribution and modification of Atomic Red Team.
Contribute to linux atomics quickly from GitHub Codespaces. For more details, click here

Languages

C 38.7%

PowerShell 13.3%

Go 11.4%

Java 7.8%

C# 6.8%

Other 21.7%