Michael Haag
26854f24b0
System Network Configuration Discovery
...
+ Added System Network Configuration Discovery
2017-11-13 05:01:03 -08:00
Michael Haag
705f7d4dcf
Powershell - Bloodhound
...
Added single command to download and execute Bloodhound.
2017-11-10 13:52:27 -08:00
Brian Beyer
3b03b3e9b8
Rename Windows.md to README.md
2017-11-04 15:36:03 -04:00
caseysmithrc
666594cf6e
Merge pull request #14 from redcanaryco/dev-mh
...
GPP and bat fix
2017-11-03 11:42:13 -06:00
Michael Haag
d61e743c41
Discovery bat fix
...
Removed a basic thing and made it even more basic
2017-11-03 09:56:44 -07:00
Michael Haag
e22d823c4b
Credentials in Files
...
+ Credentials in Files
+ add Get-GPPPassword.ps1
+ Update matrix
2017-11-02 11:53:28 -07:00
caseysmithrc
2096d7d969
Merge pull request #13 from redcanaryco/dev-mh
...
11-1-2017
2017-11-01 17:38:33 -06:00
Michael Haag
b48f9e5f22
Deobfuscate_Decode_Files_Or_Information
...
Defense Evasion/Deobfuscate_Decode_Files_Or_Information Add
2017-11-01 16:28:57 -07:00
Michael Haag
a12f456ce3
remove ds
...
dsstore gone
2017-11-01 16:25:53 -07:00
caseysmithrc
06b210f766
certutil fix
2017-11-01 17:11:21 -06:00
Michael Haag
976f3ba40f
Adds
...
Security software discovery
system time discovery
2017-11-01 16:02:40 -07:00
caseysmithrc
1e1ae19a33
certutil encode/decode
2017-11-01 16:52:46 -06:00
Michael Haag
be85bb6afe
Discovery bat
...
+ Added reg queries to payload.
2017-10-31 12:58:40 -07:00
Michael Haag
66c37e8b53
Evasion and exfil
...
+ Added wevtutil and fsutil per what was used recently by BadBuddy Ransomware.
+ Added 2 ways to compress data with Powershell and rar.
2017-10-31 12:56:52 -07:00
Michael Haag
b144a64e43
Merge pull request #6 from redcanaryco/Collection
...
Updated Windows Matrix
2017-10-17 15:11:19 -07:00
Michael Haag
59722275f6
Updated Windows Matrix
...
+ Added Clipboard Data
2017-10-17 15:09:43 -07:00
caseysmithrc
0ad43f6b67
Merge pull request #5 from redcanaryco/Collection
...
Windows - Collection
2017-10-17 13:46:05 -06:00
Michael Haag
cf3f201c94
Fix
...
+ Line breaks
2017-10-17 11:55:57 -07:00
Michael Haag
3c17d14b37
Fixed Clipboard
...
+ Missing clip and made it completely compatible with powershell only now. No need to be in cmd.exe to start this.
2017-10-16 13:19:20 -07:00
Matthew Green
cfa399357b
small change
2017-10-13 23:26:09 +11:00
Michael Haag
34dd80d94b
Initial Commit
...
+ Audio Capture
+ Automated Collection
+ Input Capture
+ collection bat
+ Payload
+ Updated Matrix
2017-10-12 15:05:28 -07:00
Michael Haag
87743faf73
Discovery
...
+ Added a Discovery bat file to run all the things at once. Generally, none of this activity is deemed "evil" as it is recon activity. Seeing it all run at once should be suspect to anyone.
+ Updates to two discovery files.
2017-10-12 10:35:44 -07:00
caseysmithrc
086c43c191
Update Windows.md
2017-10-12 08:05:08 -07:00
Roman
09a3c0b2e5
Broken links
...
due to typos
2017-10-12 11:21:14 +02:00
Michael Haag
4d6d676be5
Cleanup
...
Small adds and changes
2017-10-11 20:27:24 -07:00
caseysmithrc
623ba37c58
Update Windows.md
2017-10-11 10:47:01 -07:00
caseysmithrc
479acc3aa8
Update Windows.md
2017-10-11 10:46:12 -07:00
caseysmithrc
07c4d38ce7
Update Windows.md
2017-10-11 10:44:33 -07:00
caseysmithrc
ac8dd2cfec
Initial Commit
...
Initial Checkin
2017-10-11 10:35:17 -07:00