infosecn1nja
/
atomic-red-team
mirror of https://github.com/infosecn1nja/atomic-red-team.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
320 Commits
14 Branches
0 Tags
1.8 MiB
Commit Graph

320 Commits (patch-8)

Author SHA1 Message Date
Rahmat Nurfauzi ec5af82e6e
Update Disabling_Security_Tools.md 2018-04-13 20:29:22 +07:00
caseysmithrc 165607d242
Merge pull request #113 from redcanaryco/03082018 
How to Contrib and Lateral Movement
 2018-04-10 12:39:03 -06:00
Michael Haag 0bfdcfa480 Lateral Movement 
+ PtH
+ RDP
 2018-04-06 08:21:28 -04:00
caseysmithrc eced20df46
Merge pull request #108 from llandeilocymro/patch-1 
Create psexec
 2018-03-26 08:39:57 -06:00
caseysmithrc 5d0a121142
Merge pull request #111 from llandeilocymro/patch-3 
psexec for lateral movement
 2018-03-26 08:39:33 -06:00
llandeilocymro 5fd733a3ed
psexec for lateral movement 2018-03-26 14:44:21 +01:00
Michael Haag e71d08b5a6
Merge pull request #109 from llandeilocymro/patch-2 
cred dumping using the registry
 2018-03-21 14:13:50 -04:00
Michael Haag e10be818ef
Update Credential_Dumping.md 2018-03-21 14:13:10 -04:00
Michael Haag 6b3d5a1c69
Merge pull request #107 from ForensicITGuy/http-exfiltration 
Added test to exfil data over HTTP
 2018-03-20 12:33:45 -04:00
llandeilocymro c3bda067e2
cred dumping using the registry 2018-03-16 14:24:17 +00:00
llandeilocymro 1b3361896f
Create psexec 2018-03-16 14:00:33 +00:00
ForensicITGuy e9f7a6c9ed Added test to exfil data over HTTP 2018-03-15 17:03:14 -05:00
caseysmithrc fdde68b5e7
Merge pull request #104 from ForensicITGuy/linux-root-ca 
Added test to generate and trust root CA on Linux. Updated README.
 2018-03-14 21:47:32 -06:00
caseysmithrc 2869a65cde
Merge pull request #105 from ForensicITGuy/linux-file-deletion-etc 
Added File Deletion, Data Compression/Encryption, Data splitting tests
 2018-03-14 21:47:22 -06:00
caseysmithrc c5ed6a89f9
Update AtomicRedTeam.sct 2018-03-13 14:11:24 -06:00
Tony M Lambert 376512f6e2 Added File Deletion, Data Compression/Encryption, Data splitting tests 2018-03-12 01:32:55 -05:00
Tony M Lambert 779f2c71cc Added test to generate and trust root CA on Linux. Updated README. 2018-03-10 01:27:49 -06:00
caseysmithrc cbc36697f0
Merge pull request #103 from ForensicITGuy/disable-defenses 
Disable defenses on Linux
 2018-03-09 22:22:32 -07:00
Tony M Lambert 8346a7a1f5 Added tests for disable of firewall, syslog, Cb daemon, SELinux 2018-03-09 22:25:46 -06:00
Tony M Lambert 4f65330559 Added Remote File Copy tests on Linux and relevant README 2018-03-09 21:54:34 -06:00
Tony M Lambert 80a9487da3 Added test for timestomping on Linux with relevant README changes. 2018-03-09 19:51:46 -06:00
Michael Haag a023d346cb Contributions 
How to contrib
 2018-03-09 12:19:07 -06:00
caseysmithrc 82c57914fd
Merge pull request #100 from ForensicITGuy/master 
Added Hidden Files and Directories checks for Linux
 2018-03-08 22:57:25 -07:00
Tony M Lambert 8b8d6059ee Added Hidden Files and Directories checks for Linux 2018-03-08 23:52:30 -06:00
caseysmithrc 4874dbc78c
Merge pull request #99 from redcanaryco/03082018 
Technique Adds
 2018-03-08 13:31:55 -07:00
Michael Haag 27cb5a75c6 Fix 
updated
 2018-03-08 14:28:13 -06:00
Michael Haag 8ba1dc8a19 Technique Adds 
Private Keys
- Find them

DDE
- Reference: https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/

Data Staged
 2018-03-08 14:26:18 -06:00
Michael Haag a6134b19c0 Techniques and Readme 
Technique: Hidden Files and Directories

Technique: Logon Scripts
- Source: 1c9048e834/test-sets/persistence/userinit-mpr-logonscript.bat

Readme updates
 2018-03-08 08:11:24 -06:00
Michael Haag 5078248ca1
Merge pull request #95 from TacoRocket/master 
Added Screen Capture from Keylogger to Collection
 2018-03-06 09:20:01 -06:00
caseysmithrc c3377e74d6
Merge pull request #86 from ahogue-atlassian/master 
Add Custom C2 Protocol - Bitbucket Snippets
 2018-03-06 07:45:05 -07:00
Michael Haag e6622d0021
Updated title 2018-03-06 08:43:51 -06:00
ahogue-atlassian 3aa4c528d9
Merge branch 'master' into master 2018-03-06 09:05:52 +11:00
Colby Farley fd1e413566 Adds a method to detect when extended attributes are used to hide files and folders. 2018-03-01 16:11:28 -06:00
caseysmithrc 41801d14ed
Merge pull request #98 from clong/persistence_rc.common 
Adding Mac rc.common persistence
 2018-03-01 07:48:59 -07:00
Chris Long 96ce9fbbbf Adding Mac rc.common persistence 2018-03-01 00:57:54 -08:00
caseysmithrc 05a16f250d
Merge pull request #97 from JeremyNGalloway/master 
created Credential_Access/Credentials_in_Files.md w/o stored payload
 2018-02-28 16:52:24 -07:00
JeremyNGalloway 75145a2766
updated readme with link to Credential_Access/Credentials_in_Files.md 2018-02-28 16:44:33 -06:00
JeremyNGalloway 21cdce9777
initial upload 2018-02-28 16:43:07 -06:00
Colby Farley a7ee6830f7 Removed PowerShell payload 2018-02-28 11:32:07 -06:00
Colby Farley dea84864fa Added screen capture discovery for Mac 2018-02-28 11:30:41 -06:00
caseysmithrc ed1dd3cea0
Merge pull request #93 from JeremyNGalloway/master 
added a Linux Defense Evasion entry for Rootkits
 2018-02-27 13:21:49 -07:00
Colby Farley ac4762e283 Changed filename and fixed remaining markdown issue 2018-02-27 12:30:32 -06:00
Colby Farley 28ac11f0a1 Should fix Markdown issue 2018-02-27 12:26:54 -06:00
Colby Farley 18a1a5521c Added a method to download and install PowerShell on Mac 2018-02-27 12:23:53 -06:00
JeremyNGalloway 7ff3fb1ee1
Update README.md 2018-02-27 11:14:56 -06:00
JeremyNGalloway 56ed971cdd
Update README.md 2018-02-27 11:14:29 -06:00
JeremyNGalloway ee8b642728
updated README with links to Rootkits 2018-02-27 11:13:15 -06:00
JeremyNGalloway 08de1f2ead
Initial upload 2018-02-27 11:07:04 -06:00
Alexander Hogue 4353a6719e Merge branch 'master' of github.com:ahogue-atlassian/atomic-red-team 2018-02-27 14:26:46 +11:00
Alexander Hogue 1cdbdc51bf Move scripts to Payloads directory 2018-02-27 14:24:06 +11:00