55 lines
924 B
YAML
55 lines
924 B
YAML
version: 1
|
|
file_type: group-administration
|
|
platform:
|
|
- Windows
|
|
- Azure AD
|
|
groups:
|
|
- group_name: Red team
|
|
campaign: Scenario 1
|
|
technique_id:
|
|
- T1566.002
|
|
- T1059.001
|
|
- T1053.005
|
|
- T1204.001
|
|
- T1003.001
|
|
- T1055
|
|
- T1027.002
|
|
- T1218.011
|
|
- T1070.006
|
|
- T1082
|
|
- T1016
|
|
- T1033
|
|
- T1087.002
|
|
- T1550.002
|
|
- T1057
|
|
- T1039
|
|
- T1041
|
|
- T1071.001
|
|
- T1001.003
|
|
- T1114.003
|
|
- T1560.003
|
|
software_id:
|
|
- S0002
|
|
enabled: true
|
|
- group_name: Red team
|
|
campaign: Ransomware
|
|
technique_id:
|
|
- T1078.004
|
|
- T1136.003
|
|
- T1053.005
|
|
- T1055
|
|
- T1003.001
|
|
- T1033
|
|
- T1021.006
|
|
- T1071.001
|
|
- T1001.003
|
|
- T1041
|
|
- T1039
|
|
- T1566.002
|
|
- T1078.002
|
|
- T1036.003
|
|
- T1486
|
|
- T1083
|
|
software_id: []
|
|
enabled: false
|