├── .circleci └── config.yml ├── .github ├── ISSUE_TEMPLATE │ ├── idea.md │ ├── new_atomic.md │ ├── problem_report.md │ └── website_change.md └── pull_request_template.md ├── .gitignore ├── ARTifacts ├── Adversary │ └── Dragons_Tail │ │ ├── DragonsTail.vba │ │ └── README.md ├── Atomic_Friday │ ├── 2020-05-01 │ │ ├── Atomic_Friday.md │ │ ├── BuildAtomicTest_ps1 │ │ └── Getting_Lateral.md │ ├── 2020-06-05 │ │ └── Atomic_Friday.md │ └── README.md ├── Chain_Reactions │ ├── README.md │ ├── atomic-hello │ ├── atomic-hello.c │ ├── atomic-hello.cs │ ├── atomic-hello.exe │ ├── atomic-hello.macos │ ├── chain_reaction_Argonaut.ps1 │ ├── chain_reaction_Cyclotron.bat │ ├── chain_reaction_DragonsTail.bat │ ├── chain_reaction_DragonsTail.ps1 │ ├── chain_reaction_Fission.bat │ ├── chain_reaction_Plutonium.bat │ ├── chain_reaction_Ranger.sh │ ├── chain_reaction_Reactor.bat │ ├── cookie-miner-backdoor-launchagent.plist │ ├── cookie-miner-payload-launchagent.plist │ ├── cookie-miner-stage-01.sh │ ├── cookie-miner-stage-02.py │ ├── dragonstail_benign.ps1 │ ├── mirai-reaction-stage-01.sh │ ├── qbot_infection_reaction.vbs │ ├── rocke-and-roll-stage-01.sh │ ├── rocke-and-roll-stage-02-base64.sh │ └── rocke-and-roll-stage-02-decoded.sh ├── Initial_Access │ ├── Atomic.doc │ ├── AtomicHTA.hta │ ├── Listener.md │ ├── Office_Macro_COM.md │ ├── Zipped_Malware.md │ ├── generate-macro.ps1 │ └── hta.md ├── Labs │ └── Webinar11062017-Labs.bat └── Misc │ ├── Discovery.bat │ └── flag.txt ├── CODE_OF_CONDUCT.md ├── Gemfile ├── Gemfile.lock ├── LICENSE.txt ├── README.md ├── atomic-red-team.gemspec ├── atomic_red_team ├── atomic_doc_template.md.erb ├── atomic_execution_template.html.erb ├── atomic_red_team.rb ├── atomic_test_template.yaml ├── attack_api.rb ├── enterprise-attack.json └── spec.yaml ├── atomics ├── Indexes │ ├── Attack-Navigator-Layers │ │ ├── art-navigator-layer-linux.json │ │ ├── art-navigator-layer-macos.json │ │ ├── art-navigator-layer-windows.json │ │ └── art-navigator-layer.json │ ├── Indexes-CSV │ │ ├── index.csv │ │ ├── linux-index.csv │ │ ├── macos-index.csv │ │ └── windows-index.csv │ ├── Indexes-Markdown │ │ ├── index.md │ │ ├── linux-index.md │ │ ├── macos-index.md │ │ └── windows-index.md │ ├── Matrices │ │ ├── linux-matrix.md │ │ ├── macos-matrix.md │ │ ├── matrix.md │ │ └── windows-matrix.md │ └── index.yaml ├── T1003.001 │ ├── T1003.001.md │ └── T1003.001.yaml ├── T1003.002 │ ├── T1003.002.md │ └── T1003.002.yaml ├── T1003.003 │ ├── T1003.003.md │ └── T1003.003.yaml ├── T1003.004 │ ├── T1003.004.md │ └── T1003.004.yaml ├── T1003 │ ├── T1003.md │ └── T1003.yaml ├── T1006 │ ├── T1006.md │ └── T1006.yaml ├── T1007 │ ├── T1007.md │ └── T1007.yaml ├── T1010 │ ├── T1010.md │ ├── T1010.yaml │ └── src │ │ └── T1010.cs ├── T1012 │ ├── T1012.md │ └── T1012.yaml ├── T1014 │ ├── T1014.md │ ├── T1014.yaml │ ├── bin │ │ └── puppetstrings.exe │ └── src │ │ └── Linux │ │ ├── Makefile │ │ └── T1014.c ├── T1016 │ ├── T1016.md │ ├── T1016.yaml │ └── src │ │ ├── qakbot.bat │ │ └── top-128.txt ├── T1018 │ ├── T1018.md │ └── T1018.yaml ├── T1020 │ ├── T1020.md │ └── T1020.yaml ├── T1021.001 │ ├── T1021.001.md │ └── T1021.001.yaml ├── T1021.002 │ ├── T1021.002.md │ └── T1021.002.yaml ├── T1021.003 │ ├── T1021.003.md │ └── T1021.003.yaml ├── T1021.006 │ ├── T1021.006.md │ └── T1021.006.yaml ├── T1027.001 │ ├── T1027.001.md │ └── T1027.001.yaml ├── T1027.002 │ ├── T1027.002.md │ ├── T1027.002.yaml │ ├── bin │ │ ├── darwin │ │ │ ├── test_upx │ │ │ └── test_upx_header_changed │ │ └── linux │ │ │ ├── test_upx │ │ │ └── test_upx_header_changed │ └── src │ │ ├── test.c │ │ └── test.h ├── T1027.004 │ ├── T1027.004.md │ ├── T1027.004.yaml │ ├── bin │ │ └── T1027.004_DynamicCompile.exe │ └── src │ │ ├── DynamicCompile.cs │ │ └── calc.cs ├── T1027 │ ├── T1027.md │ ├── T1027.yaml │ └── bin │ │ └── T1027.zip ├── T1030 │ ├── T1030.md │ └── T1030.yaml ├── T1033 │ ├── T1033.md │ └── T1033.yaml ├── T1036.003 │ ├── T1036.003.md │ ├── T1036.003.yaml │ ├── bin │ │ └── T1036.003.exe │ └── src │ │ ├── T1036.003.SED │ │ ├── T1036.003_masquerading.ps1 │ │ ├── T1036.003_masquerading.vbs │ │ └── T1036.003_test.bat ├── T1036.004 │ ├── T1036.004.md │ └── T1036.004.yaml ├── T1036.006 │ ├── T1036.006.md │ └── T1036.006.yaml ├── T1037.001 │ ├── T1037.001.md │ └── T1037.001.yaml ├── T1037.002 │ ├── T1037.002.md │ └── T1037.002.yaml ├── T1037.004 │ ├── T1037.004.md │ └── T1037.004.yaml ├── T1037.005 │ ├── T1037.005.md │ └── T1037.005.yaml ├── T1040 │ ├── T1040.md │ └── T1040.yaml ├── T1046 │ ├── T1046.md │ └── T1046.yaml ├── T1047 │ ├── T1047.md │ └── T1047.yaml ├── T1048.003 │ ├── T1048.003.md │ └── T1048.003.yaml ├── T1048 │ ├── T1048.md │ └── T1048.yaml ├── T1049 │ ├── T1049.md │ └── T1049.yaml ├── T1053.001 │ ├── T1053.001.md │ └── T1053.001.yaml ├── T1053.002 │ ├── T1053.002.md │ └── T1053.002.yaml ├── T1053.003 │ ├── T1053.003.md │ └── T1053.003.yaml ├── T1053.004 │ ├── T1053.004.md │ ├── T1053.004.yaml │ └── src │ │ └── atomicredteam_T1053_004.plist ├── T1053.005 │ ├── T1053.005.md │ └── T1053.005.yaml ├── T1055.004 │ ├── T1055.004.md │ ├── T1055.004.yaml │ ├── bin │ │ └── T1055.exe │ └── src │ │ ├── Linux │ │ └── T1055.c │ │ ├── T1055.cpp │ │ ├── T1055.cs │ │ ├── Win32 │ │ └── T1055.dll │ │ └── x64 │ │ └── T1055.dll ├── T1055.012 │ ├── T1055.012.md │ ├── T1055.012.yaml │ └── src │ │ └── Start-Hollow.ps1 ├── T1055 │ ├── T1055.md │ ├── T1055.yaml │ └── src │ │ ├── Linux │ │ └── T1055.c │ │ ├── T1055.cpp │ │ ├── T1055.cs │ │ ├── Win32 │ │ └── T1055.dll │ │ └── x64 │ │ └── T1055.dll ├── T1056.001 │ ├── T1056.001.md │ ├── T1056.001.yaml │ └── src │ │ └── Get-Keystrokes.ps1 ├── T1056.002 │ ├── T1056.002.md │ └── T1056.002.yaml ├── T1056.004 │ ├── T1056.004.md │ ├── T1056.004.yaml │ ├── bin │ │ ├── T1056.004x64.dll │ │ └── T1056.004x86.dll │ └── src │ │ ├── T1056.004.sln │ │ ├── T1056.004 │ │ ├── T1056.004.cpp │ │ ├── T1056.004.vcxproj │ │ ├── T1056.004.vcxproj.filters │ │ └── T1056.004.vcxproj.user │ │ ├── Win32 │ │ └── T1056.004.dll │ │ └── x64 │ │ └── T1056.004.dll ├── T1057 │ ├── T1057.md │ └── T1057.yaml ├── T1059.001 │ ├── T1059.001.md │ ├── T1059.001.yaml │ └── src │ │ ├── Invoke-DownloadCradle.ps1 │ │ ├── mshta.sct │ │ ├── test.ps1 │ │ ├── test.sct │ │ ├── test.xml │ │ └── test.xsl ├── T1059.002 │ ├── T1059.002.md │ └── T1059.002.yaml ├── T1059.003 │ ├── T1059.003.md │ └── T1059.003.yaml ├── T1059.004 │ ├── T1059.004.md │ ├── T1059.004.yaml │ └── src │ │ └── echo-art-fish.sh ├── T1059.005 │ ├── T1059.005.md │ ├── T1059.005.yaml │ └── src │ │ └── sys_info.vbs ├── T1069.001 │ ├── T1069.001.md │ └── T1069.001.yaml ├── T1069.002 │ ├── T1069.002.md │ └── T1069.002.yaml ├── T1069.003 │ └── T1069.003.yaml ├── T1070.001 │ ├── T1070.001.md │ └── T1070.001.yaml ├── T1070.002 │ ├── T1070.002.md │ └── T1070.002.yaml ├── T1070.003 │ ├── T1070.003.md │ └── T1070.003.yaml ├── T1070.004 │ ├── T1070.004.md │ └── T1070.004.yaml ├── T1070.005 │ ├── T1070.005.md │ └── T1070.005.yaml ├── T1070.006 │ ├── T1070.006.md │ └── T1070.006.yaml ├── T1070 │ ├── T1070.md │ └── T1070.yaml ├── T1071.001 │ ├── T1071.001.md │ └── T1071.001.yaml ├── T1071.004 │ ├── T1071.004.md │ ├── T1071.004.yaml │ └── src │ │ ├── T1071-dns-beacon.ps1 │ │ └── T1071-dns-domain-length.ps1 ├── T1074.001 │ ├── T1074.001.md │ ├── T1074.001.yaml │ ├── bin │ │ └── Folder_to_zip │ │ │ └── T1074.txt │ └── src │ │ ├── Discovery.bat │ │ └── Discovery.sh ├── T1078.001 │ ├── T1078.001.md │ └── T1078.001.yaml ├── T1082 │ ├── T1082.md │ └── T1082.yaml ├── T1083 │ ├── T1083.md │ └── T1083.yaml ├── T1087.001 │ ├── T1087.001.md │ └── T1087.001.yaml ├── T1087.002 │ ├── T1087.002.md │ ├── T1087.002.yaml │ └── src │ │ ├── AdFind.exe │ │ └── adcsv.pl ├── T1087.004 │ └── T1087.004.yaml ├── T1090.001 │ ├── T1090.001.md │ └── T1090.001.yaml ├── T1095 │ ├── T1095.md │ └── T1095.yaml ├── T1098.004 │ ├── T1098.004.md │ └── T1098.004.yaml ├── T1098 │ ├── T1098.md │ └── T1098.yaml ├── T1105 │ ├── T1105.md │ └── T1105.yaml ├── T1106 │ ├── T1106.md │ ├── T1106.yaml │ └── src │ │ └── CreateProcess.cs ├── T1110.001 │ ├── T1110.001.md │ └── T1110.001.yaml ├── T1110.002 │ ├── T1110.002.md │ ├── T1110.002.yaml │ └── src │ │ ├── password.lst │ │ └── sam.txt ├── T1110.003 │ ├── T1110.003.md │ ├── T1110.003.yaml │ └── src │ │ └── parse_net_users.bat ├── T1112 │ ├── T1112.md │ └── T1112.yaml ├── T1113 │ ├── T1113.md │ └── T1113.yaml ├── T1114.001 │ ├── T1114.001.md │ ├── T1114.001.yaml │ └── src │ │ └── Get-Inbox.ps1 ├── T1115 │ ├── T1115.md │ └── T1115.yaml ├── T1119 │ ├── T1119.md │ └── T1119.yaml ├── T1123 │ ├── T1123.md │ └── T1123.yaml ├── T1124 │ ├── T1124.md │ └── T1124.yaml ├── T1127.001 │ ├── T1127.001.md │ ├── T1127.001.yaml │ └── src │ │ └── T1127.001.csproj ├── T1132.001 │ ├── T1132.001.md │ └── T1132.001.yaml ├── T1134.001 │ ├── T1134.001.md │ └── T1134.001.yaml ├── T1134.004 │ ├── T1134.004.md │ ├── T1134.004.yaml │ ├── bin │ │ └── calc.dll │ └── src │ │ ├── PPID-Spoof.ps1 │ │ └── calc.c ├── T1135 │ ├── T1135.md │ └── T1135.yaml ├── T1136.001 │ ├── T1136.001.md │ └── T1136.001.yaml ├── T1136.002 │ ├── T1136.002.md │ └── T1136.002.yaml ├── T1136.003 │ └── T1136.003.yaml ├── T1137.002 │ ├── T1137.002.md │ └── T1137.002.yaml ├── T1140 │ ├── T1140.md │ └── T1140.yaml ├── T1176 │ ├── T1176.md │ ├── T1176.yaml │ └── src │ │ ├── inline.js │ │ └── manifest.json ├── T1197 │ ├── T1197.md │ └── T1197.yaml ├── T1201 │ ├── T1201.md │ └── T1201.yaml ├── T1202 │ ├── T1202.md │ └── T1202.yaml ├── T1204.002 │ ├── T1204.002.md │ └── T1204.002.yaml ├── T1207 │ ├── T1207.md │ └── T1207.yaml ├── T1216.001 │ ├── T1216.001.md │ ├── T1216.001.yaml │ └── src │ │ └── T1216.001.sct ├── T1216 │ ├── T1216.md │ └── T1216.yaml ├── T1217 │ ├── T1217.md │ └── T1217.yaml ├── T1218.001 │ ├── T1218.001.md │ ├── T1218.001.yaml │ └── src │ │ ├── T1218.001.chm │ │ ├── T1218.001.hhp │ │ └── T1218.001.html ├── T1218.002 │ ├── T1218.002.md │ ├── T1218.002.yaml │ ├── bin │ │ └── calc.cpl │ └── src │ │ └── calc.cpp ├── T1218.003 │ ├── T1218.003.md │ ├── T1218.003.yaml │ └── src │ │ ├── T1218.003.inf │ │ └── T1218.003_uacbypass.inf ├── T1218.004 │ ├── T1218.004.md │ ├── T1218.004.yaml │ └── src │ │ └── InstallUtilTestHarness.ps1 ├── T1218.005 │ ├── T1218.005.md │ ├── T1218.005.yaml │ └── src │ │ ├── T1218.005.hta │ │ ├── mshta.sct │ │ └── powershell.ps1 ├── T1218.007 │ ├── T1218.007.md │ ├── T1218.007.yaml │ └── src │ │ ├── T1218.cpp │ │ ├── Win32 │ │ └── T1218.msi │ │ └── x64 │ │ └── T1218.dll ├── T1218.008 │ ├── T1218.008.md │ ├── T1218.008.yaml │ └── src │ │ ├── T1218-2.cpp │ │ └── Win32 │ │ └── T1218-2.dll ├── T1218.009 │ ├── T1218.009.md │ ├── T1218.009.yaml │ └── src │ │ └── T1218.009.cs ├── T1218.010 │ ├── T1218.010.md │ ├── T1218.010.yaml │ ├── bin │ │ ├── AllTheThingsx64.dll │ │ └── AllTheThingsx86.dll │ └── src │ │ ├── AllTheThings.cs │ │ └── RegSvr32.sct ├── T1218.011 │ ├── T1218.011.md │ ├── T1218.011.yaml │ └── src │ │ ├── T1218.011.inf │ │ ├── T1218.011.sct │ │ └── T1218.011_DefaultInstall.inf ├── T1218 │ ├── T1218.md │ ├── T1218.yaml │ └── src │ │ ├── Infdefaultinstall.inf │ │ ├── T1218-2.cpp │ │ ├── T1218.cpp │ │ ├── T1218Test.docx │ │ ├── Win32 │ │ ├── T1218-2.dll │ │ └── T1218.dll │ │ └── x64 │ │ └── T1218.dll ├── T1219 │ ├── T1219.md │ └── T1219.yaml ├── T1220 │ ├── T1220.md │ ├── T1220.yaml │ └── src │ │ ├── msxslscript.xsl │ │ ├── msxslxmlfile.xml │ │ └── wmicscript.xsl ├── T1222.001 │ ├── T1222.001.md │ └── T1222.001.yaml ├── T1222.002 │ ├── T1222.002.md │ └── T1222.002.yaml ├── T1482 │ ├── T1482.md │ └── T1482.yaml ├── T1485 │ ├── T1485.md │ └── T1485.yaml ├── T1489 │ ├── T1489.md │ └── T1489.yaml ├── T1490 │ ├── T1490.md │ └── T1490.yaml ├── T1496 │ ├── T1496.md │ └── T1496.yaml ├── T1497.001 │ ├── T1497.001.md │ └── T1497.001.yaml ├── T1505.002 │ ├── T1505.002.md │ └── T1505.002.yaml ├── T1505.003 │ ├── T1505.003.md │ ├── T1505.003.yaml │ └── src │ │ ├── b.jsp │ │ ├── cmd.aspx │ │ └── tests.jsp ├── T1518.001 │ ├── T1518.001.md │ └── T1518.001.yaml ├── T1518 │ ├── T1518.md │ └── T1518.yaml ├── T1529 │ ├── T1529.md │ └── T1529.yaml ├── T1531 │ ├── T1531.md │ └── T1531.yaml ├── T1543.001 │ ├── T1543.001.md │ ├── T1543.001.yaml │ └── src │ │ └── atomicredteam_T1543_001.plist ├── T1543.002 │ ├── T1543.002.md │ └── T1543.002.yaml ├── T1543.003 │ ├── T1543.003.md │ ├── T1543.003.yaml │ ├── bin │ │ └── AtomicService.exe │ └── src │ │ └── AtomicService.cs ├── T1543.004 │ ├── T1543.004.md │ ├── T1543.004.yaml │ └── src │ │ └── atomicredteam_T1543_004.plist ├── T1546.001 │ ├── T1546.001.md │ └── T1546.001.yaml ├── T1546.002 │ ├── T1546.002.md │ └── T1546.002.yaml ├── T1546.003 │ ├── T1546.003.md │ └── T1546.003.yaml ├── T1546.004 │ ├── T1546.004.md │ └── T1546.004.yaml ├── T1546.005 │ ├── T1546.005.md │ ├── T1546.005.yaml │ └── src │ │ └── echo-art-fish.sh ├── T1546.007 │ ├── T1546.007.md │ └── T1546.007.yaml ├── T1546.008 │ ├── T1546.008.md │ └── T1546.008.yaml ├── T1546.010 │ ├── T1546.010.md │ ├── T1546.010.yaml │ ├── bin │ │ ├── T1546.010.dll │ │ └── T1546.010x86.dll │ └── src │ │ ├── T1546.010-cleanup.reg │ │ ├── T1546.010.dll.cpp │ │ └── T1546.010.reg ├── T1546.011 │ ├── T1546.011.md │ ├── T1546.011.yaml │ ├── bin │ │ ├── AtomicShimx86.sdb │ │ ├── AtomicTest.dll │ │ ├── AtomicTest.exe │ │ └── T1546.011CompatDatabase.sdb │ └── src │ │ ├── AtomicTest.cs │ │ └── AtomicTest.dll.cpp ├── T1546.012 │ ├── T1546.012.md │ └── T1546.012.yaml ├── T1546.013 │ ├── T1546.013.md │ └── T1546.013.yaml ├── T1546.014 │ ├── T1546.014.md │ ├── T1546.014.yaml │ └── src │ │ └── T1546.014_emond.plist ├── T1547.001 │ ├── T1547.001.md │ ├── T1547.001.yaml │ └── src │ │ ├── batstartup.bat │ │ ├── jsestartup.jse │ │ └── vbsstartup.vbs ├── T1547.004 │ ├── T1547.004.md │ └── T1547.004.yaml ├── T1547.005 │ ├── T1547.005.md │ └── T1547.005.yaml ├── T1547.006 │ ├── T1547.006.md │ ├── T1547.006.yaml │ └── src │ │ ├── Makefile │ │ └── T1547006.c ├── T1547.007 │ ├── T1547.007.md │ └── T1547.007.yaml ├── T1547.009 │ ├── T1547.009.md │ └── T1547.009.yaml ├── T1547.010 │ ├── T1547.010.yaml │ └── src │ │ ├── Win32 │ │ └── T1547.dll │ │ └── x64 │ │ └── T1547.dll ├── T1547.011 │ ├── T1547.011.md │ └── T1547.011.yaml ├── T1548.001 │ ├── T1548.001.md │ ├── T1548.001.yaml │ └── src │ │ └── hello.c ├── T1548.002 │ ├── T1548.002.md │ └── T1548.002.yaml ├── T1548.003 │ ├── T1548.003.md │ └── T1548.003.yaml ├── T1550.002 │ ├── T1550.002.md │ └── T1550.002.yaml ├── T1550.003 │ ├── T1550.003.md │ └── T1550.003.yaml ├── T1552.001 │ ├── T1552.001.md │ └── T1552.001.yaml ├── T1552.002 │ ├── T1552.002.md │ └── T1552.002.yaml ├── T1552.003 │ ├── T1552.003.md │ └── T1552.003.yaml ├── T1552.004 │ ├── T1552.004.md │ └── T1552.004.yaml ├── T1552.006 │ ├── T1552.006.md │ └── T1552.006.yaml ├── T1553.001 │ ├── T1553.001.md │ └── T1553.001.yaml ├── T1553.004 │ ├── T1553.004.md │ └── T1553.004.yaml ├── T1555.001 │ ├── T1555.001.md │ └── T1555.001.yaml ├── T1555.003 │ ├── T1555.003.md │ └── T1555.003.yaml ├── T1556.002 │ ├── T1556.002.md │ └── T1556.002.yaml ├── T1558.003 │ ├── T1558.003.md │ └── T1558.003.yaml ├── T1559.002 │ ├── T1559.002.md │ ├── T1559.002.yaml │ ├── bin │ │ └── DDE_Document.docx │ └── src │ │ └── PowerShell_Script_For_DDE_Document.ps1 ├── T1560.001 │ ├── T1560.001.md │ └── T1560.001.yaml ├── T1560 │ ├── T1560.md │ └── T1560.yaml ├── T1562.001 │ ├── T1562.001.md │ └── T1562.001.yaml ├── T1562.002 │ ├── T1562.002.md │ └── T1562.002.yaml ├── T1562.003 │ ├── T1562.003.md │ └── T1562.003.yaml ├── T1562.004 │ ├── T1562.004.md │ ├── T1562.004.yaml │ └── bin │ │ └── AtomicTest.exe ├── T1562.006 │ ├── T1562.006.md │ └── T1562.006.yaml ├── T1563.002 │ ├── T1563.002.md │ └── T1563.002.yaml ├── T1564.001 │ ├── T1564.001.md │ └── T1564.001.yaml ├── T1564.002 │ ├── T1564.002.md │ └── T1564.002.yaml ├── T1564.003 │ ├── T1564.003.md │ └── T1564.003.yaml ├── T1564.004 │ ├── T1564.004.md │ ├── T1564.004.yaml │ └── src │ │ └── test.ps1 ├── T1566.001 │ ├── T1566.001.md │ ├── T1566.001.yaml │ └── bin │ │ └── PhishingAttachment.xlsm ├── T1569.001 │ ├── T1569.001.md │ └── T1569.001.yaml ├── T1569.002 │ ├── T1569.002.md │ └── T1569.002.yaml ├── T1571 │ ├── T1571.md │ └── T1571.yaml ├── T1573 │ ├── T1573.md │ └── T1573.yaml ├── T1574.001 │ ├── T1574.001.md │ └── T1574.001.yaml ├── T1574.002 │ ├── T1574.002.md │ ├── T1574.002.yaml │ ├── bin │ │ ├── GUP.exe │ │ └── libcurl.dll │ └── src │ │ └── libcurl.c ├── T1574.006 │ ├── T1574.006.md │ ├── T1574.006.yaml │ └── src │ │ └── Linux │ │ └── T1574.006.c ├── T1574.009 │ ├── T1574.009.md │ ├── T1574.009.yaml │ └── bin │ │ └── WindowsServiceExample.exe ├── T1574.011 │ ├── T1574.011.md │ └── T1574.011.yaml ├── T1574.012 │ ├── T1574.012.md │ ├── T1574.012.yaml │ ├── bin │ │ └── T1574.012x64.dll │ └── src │ │ ├── atomicNotepad.sln │ │ ├── atomicNotepad │ │ ├── atomicNotepad.vcxproj │ │ ├── atomicNotepad.vcxproj.filters │ │ ├── atomicNotepad.vcxproj.user │ │ ├── dllmain.cpp │ │ ├── framework.h │ │ ├── pch.cpp │ │ └── pch.h │ │ └── x64 │ │ └── Release │ │ └── atomicNotepad.dll └── used_guids.txt ├── bin ├── generate-atomic-docs.rb ├── generate-guids.rb ├── new-atomic.rb └── validate-atomics.rb └── docs ├── CNAME ├── _config.yml ├── _layouts └── default.html ├── apis.md ├── assets ├── css │ └── style.scss ├── images │ ├── favicon.png │ ├── list-of-tests.png │ └── technique-md-example.png └── javascripts │ └── roll-the-dice.js ├── contributing.md ├── index.md ├── maintainers.md ├── related.md ├── roll-the-dice.md ├── testing.md └── use-cases.md /.circleci/config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/.circleci/config.yml -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/idea.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/.github/ISSUE_TEMPLATE/idea.md -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/new_atomic.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/.github/ISSUE_TEMPLATE/new_atomic.md -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/problem_report.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/.github/ISSUE_TEMPLATE/problem_report.md -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/website_change.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/.github/ISSUE_TEMPLATE/website_change.md -------------------------------------------------------------------------------- /.github/pull_request_template.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/.github/pull_request_template.md -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/.gitignore -------------------------------------------------------------------------------- /ARTifacts/Adversary/Dragons_Tail/DragonsTail.vba: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Adversary/Dragons_Tail/DragonsTail.vba -------------------------------------------------------------------------------- /ARTifacts/Adversary/Dragons_Tail/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Adversary/Dragons_Tail/README.md -------------------------------------------------------------------------------- /ARTifacts/Atomic_Friday/2020-05-01/Atomic_Friday.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Atomic_Friday/2020-05-01/Atomic_Friday.md -------------------------------------------------------------------------------- /ARTifacts/Atomic_Friday/2020-05-01/BuildAtomicTest_ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Atomic_Friday/2020-05-01/BuildAtomicTest_ps1 -------------------------------------------------------------------------------- /ARTifacts/Atomic_Friday/2020-05-01/Getting_Lateral.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Atomic_Friday/2020-05-01/Getting_Lateral.md -------------------------------------------------------------------------------- /ARTifacts/Atomic_Friday/2020-06-05/Atomic_Friday.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Atomic_Friday/2020-06-05/Atomic_Friday.md -------------------------------------------------------------------------------- /ARTifacts/Atomic_Friday/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Atomic_Friday/README.md -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/README.md: -------------------------------------------------------------------------------- 1 | # Chain Reactions 2 | -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/atomic-hello: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/atomic-hello -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/atomic-hello.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/atomic-hello.c -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/atomic-hello.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/atomic-hello.cs -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/atomic-hello.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/atomic-hello.exe -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/atomic-hello.macos: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/atomic-hello.macos -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/chain_reaction_Argonaut.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/chain_reaction_Argonaut.ps1 -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/chain_reaction_Cyclotron.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/chain_reaction_Cyclotron.bat -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/chain_reaction_DragonsTail.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/chain_reaction_DragonsTail.bat -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/chain_reaction_DragonsTail.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/chain_reaction_DragonsTail.ps1 -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/chain_reaction_Fission.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/chain_reaction_Fission.bat -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/chain_reaction_Plutonium.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/chain_reaction_Plutonium.bat -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/chain_reaction_Ranger.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/chain_reaction_Ranger.sh -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/chain_reaction_Reactor.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/chain_reaction_Reactor.bat -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/cookie-miner-backdoor-launchagent.plist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/cookie-miner-backdoor-launchagent.plist -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/cookie-miner-payload-launchagent.plist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/cookie-miner-payload-launchagent.plist -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/cookie-miner-stage-01.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/cookie-miner-stage-01.sh -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/cookie-miner-stage-02.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/cookie-miner-stage-02.py -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/dragonstail_benign.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/dragonstail_benign.ps1 -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/mirai-reaction-stage-01.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/mirai-reaction-stage-01.sh -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/qbot_infection_reaction.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/qbot_infection_reaction.vbs -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/rocke-and-roll-stage-01.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/rocke-and-roll-stage-01.sh -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/rocke-and-roll-stage-02-base64.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/rocke-and-roll-stage-02-base64.sh -------------------------------------------------------------------------------- /ARTifacts/Chain_Reactions/rocke-and-roll-stage-02-decoded.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Chain_Reactions/rocke-and-roll-stage-02-decoded.sh -------------------------------------------------------------------------------- /ARTifacts/Initial_Access/Atomic.doc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Initial_Access/Atomic.doc -------------------------------------------------------------------------------- /ARTifacts/Initial_Access/AtomicHTA.hta: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Initial_Access/AtomicHTA.hta -------------------------------------------------------------------------------- /ARTifacts/Initial_Access/Listener.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Initial_Access/Listener.md -------------------------------------------------------------------------------- /ARTifacts/Initial_Access/Office_Macro_COM.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Initial_Access/Office_Macro_COM.md -------------------------------------------------------------------------------- /ARTifacts/Initial_Access/Zipped_Malware.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Initial_Access/Zipped_Malware.md -------------------------------------------------------------------------------- /ARTifacts/Initial_Access/generate-macro.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Initial_Access/generate-macro.ps1 -------------------------------------------------------------------------------- /ARTifacts/Initial_Access/hta.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Initial_Access/hta.md -------------------------------------------------------------------------------- /ARTifacts/Labs/Webinar11062017-Labs.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Labs/Webinar11062017-Labs.bat -------------------------------------------------------------------------------- /ARTifacts/Misc/Discovery.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/ARTifacts/Misc/Discovery.bat -------------------------------------------------------------------------------- /ARTifacts/Misc/flag.txt: -------------------------------------------------------------------------------- 1 | Downloaded Remote Content 2 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/CODE_OF_CONDUCT.md -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/Gemfile -------------------------------------------------------------------------------- /Gemfile.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/Gemfile.lock -------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/LICENSE.txt -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/README.md -------------------------------------------------------------------------------- /atomic-red-team.gemspec: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomic-red-team.gemspec -------------------------------------------------------------------------------- /atomic_red_team/atomic_doc_template.md.erb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomic_red_team/atomic_doc_template.md.erb -------------------------------------------------------------------------------- /atomic_red_team/atomic_execution_template.html.erb: -------------------------------------------------------------------------------- 1 | TBD -------------------------------------------------------------------------------- /atomic_red_team/atomic_red_team.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomic_red_team/atomic_red_team.rb -------------------------------------------------------------------------------- /atomic_red_team/atomic_test_template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomic_red_team/atomic_test_template.yaml -------------------------------------------------------------------------------- /atomic_red_team/attack_api.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomic_red_team/attack_api.rb -------------------------------------------------------------------------------- /atomic_red_team/enterprise-attack.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomic_red_team/enterprise-attack.json -------------------------------------------------------------------------------- /atomic_red_team/spec.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomic_red_team/spec.yaml -------------------------------------------------------------------------------- /atomics/Indexes/Attack-Navigator-Layers/art-navigator-layer-linux.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Attack-Navigator-Layers/art-navigator-layer-linux.json -------------------------------------------------------------------------------- /atomics/Indexes/Attack-Navigator-Layers/art-navigator-layer-macos.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Attack-Navigator-Layers/art-navigator-layer-macos.json -------------------------------------------------------------------------------- /atomics/Indexes/Attack-Navigator-Layers/art-navigator-layer-windows.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Attack-Navigator-Layers/art-navigator-layer-windows.json -------------------------------------------------------------------------------- /atomics/Indexes/Attack-Navigator-Layers/art-navigator-layer.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Attack-Navigator-Layers/art-navigator-layer.json -------------------------------------------------------------------------------- /atomics/Indexes/Indexes-CSV/index.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Indexes-CSV/index.csv -------------------------------------------------------------------------------- /atomics/Indexes/Indexes-CSV/linux-index.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Indexes-CSV/linux-index.csv -------------------------------------------------------------------------------- /atomics/Indexes/Indexes-CSV/macos-index.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Indexes-CSV/macos-index.csv -------------------------------------------------------------------------------- /atomics/Indexes/Indexes-CSV/windows-index.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Indexes-CSV/windows-index.csv -------------------------------------------------------------------------------- /atomics/Indexes/Indexes-Markdown/index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Indexes-Markdown/index.md -------------------------------------------------------------------------------- /atomics/Indexes/Indexes-Markdown/linux-index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Indexes-Markdown/linux-index.md -------------------------------------------------------------------------------- /atomics/Indexes/Indexes-Markdown/macos-index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Indexes-Markdown/macos-index.md -------------------------------------------------------------------------------- /atomics/Indexes/Indexes-Markdown/windows-index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Indexes-Markdown/windows-index.md -------------------------------------------------------------------------------- /atomics/Indexes/Matrices/linux-matrix.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Matrices/linux-matrix.md -------------------------------------------------------------------------------- /atomics/Indexes/Matrices/macos-matrix.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Matrices/macos-matrix.md -------------------------------------------------------------------------------- /atomics/Indexes/Matrices/matrix.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Matrices/matrix.md -------------------------------------------------------------------------------- /atomics/Indexes/Matrices/windows-matrix.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/Matrices/windows-matrix.md -------------------------------------------------------------------------------- /atomics/Indexes/index.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/Indexes/index.yaml -------------------------------------------------------------------------------- /atomics/T1003.001/T1003.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1003.001/T1003.001.md -------------------------------------------------------------------------------- /atomics/T1003.001/T1003.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1003.001/T1003.001.yaml -------------------------------------------------------------------------------- /atomics/T1003.002/T1003.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1003.002/T1003.002.md -------------------------------------------------------------------------------- /atomics/T1003.002/T1003.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1003.002/T1003.002.yaml -------------------------------------------------------------------------------- /atomics/T1003.003/T1003.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1003.003/T1003.003.md -------------------------------------------------------------------------------- /atomics/T1003.003/T1003.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1003.003/T1003.003.yaml -------------------------------------------------------------------------------- /atomics/T1003.004/T1003.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1003.004/T1003.004.md -------------------------------------------------------------------------------- /atomics/T1003.004/T1003.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1003.004/T1003.004.yaml -------------------------------------------------------------------------------- /atomics/T1003/T1003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1003/T1003.md -------------------------------------------------------------------------------- /atomics/T1003/T1003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1003/T1003.yaml -------------------------------------------------------------------------------- /atomics/T1006/T1006.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1006/T1006.md -------------------------------------------------------------------------------- /atomics/T1006/T1006.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1006/T1006.yaml -------------------------------------------------------------------------------- /atomics/T1007/T1007.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1007/T1007.md -------------------------------------------------------------------------------- /atomics/T1007/T1007.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1007/T1007.yaml -------------------------------------------------------------------------------- /atomics/T1010/T1010.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1010/T1010.md -------------------------------------------------------------------------------- /atomics/T1010/T1010.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1010/T1010.yaml -------------------------------------------------------------------------------- /atomics/T1010/src/T1010.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1010/src/T1010.cs -------------------------------------------------------------------------------- /atomics/T1012/T1012.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1012/T1012.md -------------------------------------------------------------------------------- /atomics/T1012/T1012.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1012/T1012.yaml -------------------------------------------------------------------------------- /atomics/T1014/T1014.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1014/T1014.md -------------------------------------------------------------------------------- /atomics/T1014/T1014.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1014/T1014.yaml -------------------------------------------------------------------------------- /atomics/T1014/bin/puppetstrings.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1014/bin/puppetstrings.exe -------------------------------------------------------------------------------- /atomics/T1014/src/Linux/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1014/src/Linux/Makefile -------------------------------------------------------------------------------- /atomics/T1014/src/Linux/T1014.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1014/src/Linux/T1014.c -------------------------------------------------------------------------------- /atomics/T1016/T1016.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1016/T1016.md -------------------------------------------------------------------------------- /atomics/T1016/T1016.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1016/T1016.yaml -------------------------------------------------------------------------------- /atomics/T1016/src/qakbot.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1016/src/qakbot.bat -------------------------------------------------------------------------------- /atomics/T1016/src/top-128.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1016/src/top-128.txt -------------------------------------------------------------------------------- /atomics/T1018/T1018.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1018/T1018.md -------------------------------------------------------------------------------- /atomics/T1018/T1018.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1018/T1018.yaml -------------------------------------------------------------------------------- /atomics/T1020/T1020.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1020/T1020.md -------------------------------------------------------------------------------- /atomics/T1020/T1020.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1020/T1020.yaml -------------------------------------------------------------------------------- /atomics/T1021.001/T1021.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1021.001/T1021.001.md -------------------------------------------------------------------------------- /atomics/T1021.001/T1021.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1021.001/T1021.001.yaml -------------------------------------------------------------------------------- /atomics/T1021.002/T1021.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1021.002/T1021.002.md -------------------------------------------------------------------------------- /atomics/T1021.002/T1021.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1021.002/T1021.002.yaml -------------------------------------------------------------------------------- /atomics/T1021.003/T1021.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1021.003/T1021.003.md -------------------------------------------------------------------------------- /atomics/T1021.003/T1021.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1021.003/T1021.003.yaml -------------------------------------------------------------------------------- /atomics/T1021.006/T1021.006.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1021.006/T1021.006.md -------------------------------------------------------------------------------- /atomics/T1021.006/T1021.006.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1021.006/T1021.006.yaml -------------------------------------------------------------------------------- /atomics/T1027.001/T1027.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027.001/T1027.001.md -------------------------------------------------------------------------------- /atomics/T1027.001/T1027.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027.001/T1027.001.yaml -------------------------------------------------------------------------------- /atomics/T1027.002/T1027.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027.002/T1027.002.md -------------------------------------------------------------------------------- /atomics/T1027.002/T1027.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027.002/T1027.002.yaml -------------------------------------------------------------------------------- /atomics/T1027.002/bin/darwin/test_upx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027.002/bin/darwin/test_upx -------------------------------------------------------------------------------- /atomics/T1027.002/bin/darwin/test_upx_header_changed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027.002/bin/darwin/test_upx_header_changed -------------------------------------------------------------------------------- /atomics/T1027.002/bin/linux/test_upx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027.002/bin/linux/test_upx -------------------------------------------------------------------------------- /atomics/T1027.002/bin/linux/test_upx_header_changed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027.002/bin/linux/test_upx_header_changed -------------------------------------------------------------------------------- /atomics/T1027.002/src/test.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027.002/src/test.c -------------------------------------------------------------------------------- /atomics/T1027.002/src/test.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027.002/src/test.h -------------------------------------------------------------------------------- /atomics/T1027.004/T1027.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027.004/T1027.004.md -------------------------------------------------------------------------------- /atomics/T1027.004/T1027.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027.004/T1027.004.yaml -------------------------------------------------------------------------------- /atomics/T1027.004/bin/T1027.004_DynamicCompile.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027.004/bin/T1027.004_DynamicCompile.exe -------------------------------------------------------------------------------- /atomics/T1027.004/src/DynamicCompile.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027.004/src/DynamicCompile.cs -------------------------------------------------------------------------------- /atomics/T1027.004/src/calc.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027.004/src/calc.cs -------------------------------------------------------------------------------- /atomics/T1027/T1027.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027/T1027.md -------------------------------------------------------------------------------- /atomics/T1027/T1027.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027/T1027.yaml -------------------------------------------------------------------------------- /atomics/T1027/bin/T1027.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1027/bin/T1027.zip -------------------------------------------------------------------------------- /atomics/T1030/T1030.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1030/T1030.md -------------------------------------------------------------------------------- /atomics/T1030/T1030.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1030/T1030.yaml -------------------------------------------------------------------------------- /atomics/T1033/T1033.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1033/T1033.md -------------------------------------------------------------------------------- /atomics/T1033/T1033.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1033/T1033.yaml -------------------------------------------------------------------------------- /atomics/T1036.003/T1036.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1036.003/T1036.003.md -------------------------------------------------------------------------------- /atomics/T1036.003/T1036.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1036.003/T1036.003.yaml -------------------------------------------------------------------------------- /atomics/T1036.003/bin/T1036.003.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1036.003/bin/T1036.003.exe -------------------------------------------------------------------------------- /atomics/T1036.003/src/T1036.003.SED: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1036.003/src/T1036.003.SED -------------------------------------------------------------------------------- /atomics/T1036.003/src/T1036.003_masquerading.ps1: -------------------------------------------------------------------------------- 1 | Exit-PSSession -------------------------------------------------------------------------------- /atomics/T1036.003/src/T1036.003_masquerading.vbs: -------------------------------------------------------------------------------- 1 | Wscript.Quit -------------------------------------------------------------------------------- /atomics/T1036.003/src/T1036.003_test.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1036.003/src/T1036.003_test.bat -------------------------------------------------------------------------------- /atomics/T1036.004/T1036.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1036.004/T1036.004.md -------------------------------------------------------------------------------- /atomics/T1036.004/T1036.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1036.004/T1036.004.yaml -------------------------------------------------------------------------------- /atomics/T1036.006/T1036.006.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1036.006/T1036.006.md -------------------------------------------------------------------------------- /atomics/T1036.006/T1036.006.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1036.006/T1036.006.yaml -------------------------------------------------------------------------------- /atomics/T1037.001/T1037.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1037.001/T1037.001.md -------------------------------------------------------------------------------- /atomics/T1037.001/T1037.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1037.001/T1037.001.yaml -------------------------------------------------------------------------------- /atomics/T1037.002/T1037.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1037.002/T1037.002.md -------------------------------------------------------------------------------- /atomics/T1037.002/T1037.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1037.002/T1037.002.yaml -------------------------------------------------------------------------------- /atomics/T1037.004/T1037.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1037.004/T1037.004.md -------------------------------------------------------------------------------- /atomics/T1037.004/T1037.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1037.004/T1037.004.yaml -------------------------------------------------------------------------------- /atomics/T1037.005/T1037.005.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1037.005/T1037.005.md -------------------------------------------------------------------------------- /atomics/T1037.005/T1037.005.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1037.005/T1037.005.yaml -------------------------------------------------------------------------------- /atomics/T1040/T1040.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1040/T1040.md -------------------------------------------------------------------------------- /atomics/T1040/T1040.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1040/T1040.yaml -------------------------------------------------------------------------------- /atomics/T1046/T1046.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1046/T1046.md -------------------------------------------------------------------------------- /atomics/T1046/T1046.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1046/T1046.yaml -------------------------------------------------------------------------------- /atomics/T1047/T1047.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1047/T1047.md -------------------------------------------------------------------------------- /atomics/T1047/T1047.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1047/T1047.yaml -------------------------------------------------------------------------------- /atomics/T1048.003/T1048.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1048.003/T1048.003.md -------------------------------------------------------------------------------- /atomics/T1048.003/T1048.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1048.003/T1048.003.yaml -------------------------------------------------------------------------------- /atomics/T1048/T1048.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1048/T1048.md -------------------------------------------------------------------------------- /atomics/T1048/T1048.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1048/T1048.yaml -------------------------------------------------------------------------------- /atomics/T1049/T1049.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1049/T1049.md -------------------------------------------------------------------------------- /atomics/T1049/T1049.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1049/T1049.yaml -------------------------------------------------------------------------------- /atomics/T1053.001/T1053.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1053.001/T1053.001.md -------------------------------------------------------------------------------- /atomics/T1053.001/T1053.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1053.001/T1053.001.yaml -------------------------------------------------------------------------------- /atomics/T1053.002/T1053.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1053.002/T1053.002.md -------------------------------------------------------------------------------- /atomics/T1053.002/T1053.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1053.002/T1053.002.yaml -------------------------------------------------------------------------------- /atomics/T1053.003/T1053.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1053.003/T1053.003.md -------------------------------------------------------------------------------- /atomics/T1053.003/T1053.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1053.003/T1053.003.yaml -------------------------------------------------------------------------------- /atomics/T1053.004/T1053.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1053.004/T1053.004.md -------------------------------------------------------------------------------- /atomics/T1053.004/T1053.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1053.004/T1053.004.yaml -------------------------------------------------------------------------------- /atomics/T1053.004/src/atomicredteam_T1053_004.plist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1053.004/src/atomicredteam_T1053_004.plist -------------------------------------------------------------------------------- /atomics/T1053.005/T1053.005.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1053.005/T1053.005.md -------------------------------------------------------------------------------- /atomics/T1053.005/T1053.005.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1053.005/T1053.005.yaml -------------------------------------------------------------------------------- /atomics/T1055.004/T1055.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055.004/T1055.004.md -------------------------------------------------------------------------------- /atomics/T1055.004/T1055.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055.004/T1055.004.yaml -------------------------------------------------------------------------------- /atomics/T1055.004/bin/T1055.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055.004/bin/T1055.exe -------------------------------------------------------------------------------- /atomics/T1055.004/src/Linux/T1055.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055.004/src/Linux/T1055.c -------------------------------------------------------------------------------- /atomics/T1055.004/src/T1055.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055.004/src/T1055.cpp -------------------------------------------------------------------------------- /atomics/T1055.004/src/T1055.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055.004/src/T1055.cs -------------------------------------------------------------------------------- /atomics/T1055.004/src/Win32/T1055.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055.004/src/Win32/T1055.dll -------------------------------------------------------------------------------- /atomics/T1055.004/src/x64/T1055.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055.004/src/x64/T1055.dll -------------------------------------------------------------------------------- /atomics/T1055.012/T1055.012.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055.012/T1055.012.md -------------------------------------------------------------------------------- /atomics/T1055.012/T1055.012.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055.012/T1055.012.yaml -------------------------------------------------------------------------------- /atomics/T1055.012/src/Start-Hollow.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055.012/src/Start-Hollow.ps1 -------------------------------------------------------------------------------- /atomics/T1055/T1055.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055/T1055.md -------------------------------------------------------------------------------- /atomics/T1055/T1055.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055/T1055.yaml -------------------------------------------------------------------------------- /atomics/T1055/src/Linux/T1055.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055/src/Linux/T1055.c -------------------------------------------------------------------------------- /atomics/T1055/src/T1055.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055/src/T1055.cpp -------------------------------------------------------------------------------- /atomics/T1055/src/T1055.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055/src/T1055.cs -------------------------------------------------------------------------------- /atomics/T1055/src/Win32/T1055.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055/src/Win32/T1055.dll -------------------------------------------------------------------------------- /atomics/T1055/src/x64/T1055.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1055/src/x64/T1055.dll -------------------------------------------------------------------------------- /atomics/T1056.001/T1056.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.001/T1056.001.md -------------------------------------------------------------------------------- /atomics/T1056.001/T1056.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.001/T1056.001.yaml -------------------------------------------------------------------------------- /atomics/T1056.001/src/Get-Keystrokes.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.001/src/Get-Keystrokes.ps1 -------------------------------------------------------------------------------- /atomics/T1056.002/T1056.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.002/T1056.002.md -------------------------------------------------------------------------------- /atomics/T1056.002/T1056.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.002/T1056.002.yaml -------------------------------------------------------------------------------- /atomics/T1056.004/T1056.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.004/T1056.004.md -------------------------------------------------------------------------------- /atomics/T1056.004/T1056.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.004/T1056.004.yaml -------------------------------------------------------------------------------- /atomics/T1056.004/bin/T1056.004x64.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.004/bin/T1056.004x64.dll -------------------------------------------------------------------------------- /atomics/T1056.004/bin/T1056.004x86.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.004/bin/T1056.004x86.dll -------------------------------------------------------------------------------- /atomics/T1056.004/src/T1056.004.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.004/src/T1056.004.sln -------------------------------------------------------------------------------- /atomics/T1056.004/src/T1056.004/T1056.004.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.004/src/T1056.004/T1056.004.cpp -------------------------------------------------------------------------------- /atomics/T1056.004/src/T1056.004/T1056.004.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.004/src/T1056.004/T1056.004.vcxproj -------------------------------------------------------------------------------- /atomics/T1056.004/src/T1056.004/T1056.004.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.004/src/T1056.004/T1056.004.vcxproj.filters -------------------------------------------------------------------------------- /atomics/T1056.004/src/T1056.004/T1056.004.vcxproj.user: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.004/src/T1056.004/T1056.004.vcxproj.user -------------------------------------------------------------------------------- /atomics/T1056.004/src/Win32/T1056.004.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.004/src/Win32/T1056.004.dll -------------------------------------------------------------------------------- /atomics/T1056.004/src/x64/T1056.004.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1056.004/src/x64/T1056.004.dll -------------------------------------------------------------------------------- /atomics/T1057/T1057.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1057/T1057.md -------------------------------------------------------------------------------- /atomics/T1057/T1057.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1057/T1057.yaml -------------------------------------------------------------------------------- /atomics/T1059.001/T1059.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.001/T1059.001.md -------------------------------------------------------------------------------- /atomics/T1059.001/T1059.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.001/T1059.001.yaml -------------------------------------------------------------------------------- /atomics/T1059.001/src/Invoke-DownloadCradle.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.001/src/Invoke-DownloadCradle.ps1 -------------------------------------------------------------------------------- /atomics/T1059.001/src/mshta.sct: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.001/src/mshta.sct -------------------------------------------------------------------------------- /atomics/T1059.001/src/test.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.001/src/test.ps1 -------------------------------------------------------------------------------- /atomics/T1059.001/src/test.sct: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.001/src/test.sct -------------------------------------------------------------------------------- /atomics/T1059.001/src/test.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.001/src/test.xml -------------------------------------------------------------------------------- /atomics/T1059.001/src/test.xsl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.001/src/test.xsl -------------------------------------------------------------------------------- /atomics/T1059.002/T1059.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.002/T1059.002.md -------------------------------------------------------------------------------- /atomics/T1059.002/T1059.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.002/T1059.002.yaml -------------------------------------------------------------------------------- /atomics/T1059.003/T1059.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.003/T1059.003.md -------------------------------------------------------------------------------- /atomics/T1059.003/T1059.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.003/T1059.003.yaml -------------------------------------------------------------------------------- /atomics/T1059.004/T1059.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.004/T1059.004.md -------------------------------------------------------------------------------- /atomics/T1059.004/T1059.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.004/T1059.004.yaml -------------------------------------------------------------------------------- /atomics/T1059.004/src/echo-art-fish.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.004/src/echo-art-fish.sh -------------------------------------------------------------------------------- /atomics/T1059.005/T1059.005.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.005/T1059.005.md -------------------------------------------------------------------------------- /atomics/T1059.005/T1059.005.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.005/T1059.005.yaml -------------------------------------------------------------------------------- /atomics/T1059.005/src/sys_info.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1059.005/src/sys_info.vbs -------------------------------------------------------------------------------- /atomics/T1069.001/T1069.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1069.001/T1069.001.md -------------------------------------------------------------------------------- /atomics/T1069.001/T1069.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1069.001/T1069.001.yaml -------------------------------------------------------------------------------- /atomics/T1069.002/T1069.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1069.002/T1069.002.md -------------------------------------------------------------------------------- /atomics/T1069.002/T1069.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1069.002/T1069.002.yaml -------------------------------------------------------------------------------- /atomics/T1069.003/T1069.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1069.003/T1069.003.yaml -------------------------------------------------------------------------------- /atomics/T1070.001/T1070.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1070.001/T1070.001.md -------------------------------------------------------------------------------- /atomics/T1070.001/T1070.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1070.001/T1070.001.yaml -------------------------------------------------------------------------------- /atomics/T1070.002/T1070.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1070.002/T1070.002.md -------------------------------------------------------------------------------- /atomics/T1070.002/T1070.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1070.002/T1070.002.yaml -------------------------------------------------------------------------------- /atomics/T1070.003/T1070.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1070.003/T1070.003.md -------------------------------------------------------------------------------- /atomics/T1070.003/T1070.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1070.003/T1070.003.yaml -------------------------------------------------------------------------------- /atomics/T1070.004/T1070.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1070.004/T1070.004.md -------------------------------------------------------------------------------- /atomics/T1070.004/T1070.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1070.004/T1070.004.yaml -------------------------------------------------------------------------------- /atomics/T1070.005/T1070.005.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1070.005/T1070.005.md -------------------------------------------------------------------------------- /atomics/T1070.005/T1070.005.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1070.005/T1070.005.yaml -------------------------------------------------------------------------------- /atomics/T1070.006/T1070.006.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1070.006/T1070.006.md -------------------------------------------------------------------------------- /atomics/T1070.006/T1070.006.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1070.006/T1070.006.yaml -------------------------------------------------------------------------------- /atomics/T1070/T1070.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1070/T1070.md -------------------------------------------------------------------------------- /atomics/T1070/T1070.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1070/T1070.yaml -------------------------------------------------------------------------------- /atomics/T1071.001/T1071.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1071.001/T1071.001.md -------------------------------------------------------------------------------- /atomics/T1071.001/T1071.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1071.001/T1071.001.yaml -------------------------------------------------------------------------------- /atomics/T1071.004/T1071.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1071.004/T1071.004.md -------------------------------------------------------------------------------- /atomics/T1071.004/T1071.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1071.004/T1071.004.yaml -------------------------------------------------------------------------------- /atomics/T1071.004/src/T1071-dns-beacon.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1071.004/src/T1071-dns-beacon.ps1 -------------------------------------------------------------------------------- /atomics/T1071.004/src/T1071-dns-domain-length.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1071.004/src/T1071-dns-domain-length.ps1 -------------------------------------------------------------------------------- /atomics/T1074.001/T1074.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1074.001/T1074.001.md -------------------------------------------------------------------------------- /atomics/T1074.001/T1074.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1074.001/T1074.001.yaml -------------------------------------------------------------------------------- /atomics/T1074.001/bin/Folder_to_zip/T1074.txt: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /atomics/T1074.001/src/Discovery.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1074.001/src/Discovery.bat -------------------------------------------------------------------------------- /atomics/T1074.001/src/Discovery.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1074.001/src/Discovery.sh -------------------------------------------------------------------------------- /atomics/T1078.001/T1078.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1078.001/T1078.001.md -------------------------------------------------------------------------------- /atomics/T1078.001/T1078.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1078.001/T1078.001.yaml -------------------------------------------------------------------------------- /atomics/T1082/T1082.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1082/T1082.md -------------------------------------------------------------------------------- /atomics/T1082/T1082.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1082/T1082.yaml -------------------------------------------------------------------------------- /atomics/T1083/T1083.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1083/T1083.md -------------------------------------------------------------------------------- /atomics/T1083/T1083.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1083/T1083.yaml -------------------------------------------------------------------------------- /atomics/T1087.001/T1087.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1087.001/T1087.001.md -------------------------------------------------------------------------------- /atomics/T1087.001/T1087.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1087.001/T1087.001.yaml -------------------------------------------------------------------------------- /atomics/T1087.002/T1087.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1087.002/T1087.002.md -------------------------------------------------------------------------------- /atomics/T1087.002/T1087.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1087.002/T1087.002.yaml -------------------------------------------------------------------------------- /atomics/T1087.002/src/AdFind.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1087.002/src/AdFind.exe -------------------------------------------------------------------------------- /atomics/T1087.002/src/adcsv.pl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1087.002/src/adcsv.pl -------------------------------------------------------------------------------- /atomics/T1087.004/T1087.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1087.004/T1087.004.yaml -------------------------------------------------------------------------------- /atomics/T1090.001/T1090.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1090.001/T1090.001.md -------------------------------------------------------------------------------- /atomics/T1090.001/T1090.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1090.001/T1090.001.yaml -------------------------------------------------------------------------------- /atomics/T1095/T1095.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1095/T1095.md -------------------------------------------------------------------------------- /atomics/T1095/T1095.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1095/T1095.yaml -------------------------------------------------------------------------------- /atomics/T1098.004/T1098.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1098.004/T1098.004.md -------------------------------------------------------------------------------- /atomics/T1098.004/T1098.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1098.004/T1098.004.yaml -------------------------------------------------------------------------------- /atomics/T1098/T1098.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1098/T1098.md -------------------------------------------------------------------------------- /atomics/T1098/T1098.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1098/T1098.yaml -------------------------------------------------------------------------------- /atomics/T1105/T1105.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1105/T1105.md -------------------------------------------------------------------------------- /atomics/T1105/T1105.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1105/T1105.yaml -------------------------------------------------------------------------------- /atomics/T1106/T1106.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1106/T1106.md -------------------------------------------------------------------------------- /atomics/T1106/T1106.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1106/T1106.yaml -------------------------------------------------------------------------------- /atomics/T1106/src/CreateProcess.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1106/src/CreateProcess.cs -------------------------------------------------------------------------------- /atomics/T1110.001/T1110.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1110.001/T1110.001.md -------------------------------------------------------------------------------- /atomics/T1110.001/T1110.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1110.001/T1110.001.yaml -------------------------------------------------------------------------------- /atomics/T1110.002/T1110.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1110.002/T1110.002.md -------------------------------------------------------------------------------- /atomics/T1110.002/T1110.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1110.002/T1110.002.yaml -------------------------------------------------------------------------------- /atomics/T1110.002/src/password.lst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1110.002/src/password.lst -------------------------------------------------------------------------------- /atomics/T1110.002/src/sam.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1110.002/src/sam.txt -------------------------------------------------------------------------------- /atomics/T1110.003/T1110.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1110.003/T1110.003.md -------------------------------------------------------------------------------- /atomics/T1110.003/T1110.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1110.003/T1110.003.yaml -------------------------------------------------------------------------------- /atomics/T1110.003/src/parse_net_users.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1110.003/src/parse_net_users.bat -------------------------------------------------------------------------------- /atomics/T1112/T1112.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1112/T1112.md -------------------------------------------------------------------------------- /atomics/T1112/T1112.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1112/T1112.yaml -------------------------------------------------------------------------------- /atomics/T1113/T1113.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1113/T1113.md -------------------------------------------------------------------------------- /atomics/T1113/T1113.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1113/T1113.yaml -------------------------------------------------------------------------------- /atomics/T1114.001/T1114.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1114.001/T1114.001.md -------------------------------------------------------------------------------- /atomics/T1114.001/T1114.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1114.001/T1114.001.yaml -------------------------------------------------------------------------------- /atomics/T1114.001/src/Get-Inbox.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1114.001/src/Get-Inbox.ps1 -------------------------------------------------------------------------------- /atomics/T1115/T1115.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1115/T1115.md -------------------------------------------------------------------------------- /atomics/T1115/T1115.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1115/T1115.yaml -------------------------------------------------------------------------------- /atomics/T1119/T1119.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1119/T1119.md -------------------------------------------------------------------------------- /atomics/T1119/T1119.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1119/T1119.yaml -------------------------------------------------------------------------------- /atomics/T1123/T1123.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1123/T1123.md -------------------------------------------------------------------------------- /atomics/T1123/T1123.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1123/T1123.yaml -------------------------------------------------------------------------------- /atomics/T1124/T1124.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1124/T1124.md -------------------------------------------------------------------------------- /atomics/T1124/T1124.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1124/T1124.yaml -------------------------------------------------------------------------------- /atomics/T1127.001/T1127.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1127.001/T1127.001.md -------------------------------------------------------------------------------- /atomics/T1127.001/T1127.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1127.001/T1127.001.yaml -------------------------------------------------------------------------------- /atomics/T1127.001/src/T1127.001.csproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1127.001/src/T1127.001.csproj -------------------------------------------------------------------------------- /atomics/T1132.001/T1132.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1132.001/T1132.001.md -------------------------------------------------------------------------------- /atomics/T1132.001/T1132.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1132.001/T1132.001.yaml -------------------------------------------------------------------------------- /atomics/T1134.001/T1134.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1134.001/T1134.001.md -------------------------------------------------------------------------------- /atomics/T1134.001/T1134.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1134.001/T1134.001.yaml -------------------------------------------------------------------------------- /atomics/T1134.004/T1134.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1134.004/T1134.004.md -------------------------------------------------------------------------------- /atomics/T1134.004/T1134.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1134.004/T1134.004.yaml -------------------------------------------------------------------------------- /atomics/T1134.004/bin/calc.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1134.004/bin/calc.dll -------------------------------------------------------------------------------- /atomics/T1134.004/src/PPID-Spoof.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1134.004/src/PPID-Spoof.ps1 -------------------------------------------------------------------------------- /atomics/T1134.004/src/calc.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1134.004/src/calc.c -------------------------------------------------------------------------------- /atomics/T1135/T1135.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1135/T1135.md -------------------------------------------------------------------------------- /atomics/T1135/T1135.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1135/T1135.yaml -------------------------------------------------------------------------------- /atomics/T1136.001/T1136.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1136.001/T1136.001.md -------------------------------------------------------------------------------- /atomics/T1136.001/T1136.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1136.001/T1136.001.yaml -------------------------------------------------------------------------------- /atomics/T1136.002/T1136.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1136.002/T1136.002.md -------------------------------------------------------------------------------- /atomics/T1136.002/T1136.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1136.002/T1136.002.yaml -------------------------------------------------------------------------------- /atomics/T1136.003/T1136.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1136.003/T1136.003.yaml -------------------------------------------------------------------------------- /atomics/T1137.002/T1137.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1137.002/T1137.002.md -------------------------------------------------------------------------------- /atomics/T1137.002/T1137.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1137.002/T1137.002.yaml -------------------------------------------------------------------------------- /atomics/T1140/T1140.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1140/T1140.md -------------------------------------------------------------------------------- /atomics/T1140/T1140.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1140/T1140.yaml -------------------------------------------------------------------------------- /atomics/T1176/T1176.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1176/T1176.md -------------------------------------------------------------------------------- /atomics/T1176/T1176.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1176/T1176.yaml -------------------------------------------------------------------------------- /atomics/T1176/src/inline.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1176/src/inline.js -------------------------------------------------------------------------------- /atomics/T1176/src/manifest.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1176/src/manifest.json -------------------------------------------------------------------------------- /atomics/T1197/T1197.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1197/T1197.md -------------------------------------------------------------------------------- /atomics/T1197/T1197.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1197/T1197.yaml -------------------------------------------------------------------------------- /atomics/T1201/T1201.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1201/T1201.md -------------------------------------------------------------------------------- /atomics/T1201/T1201.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1201/T1201.yaml -------------------------------------------------------------------------------- /atomics/T1202/T1202.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1202/T1202.md -------------------------------------------------------------------------------- /atomics/T1202/T1202.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1202/T1202.yaml -------------------------------------------------------------------------------- /atomics/T1204.002/T1204.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1204.002/T1204.002.md -------------------------------------------------------------------------------- /atomics/T1204.002/T1204.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1204.002/T1204.002.yaml -------------------------------------------------------------------------------- /atomics/T1207/T1207.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1207/T1207.md -------------------------------------------------------------------------------- /atomics/T1207/T1207.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1207/T1207.yaml -------------------------------------------------------------------------------- /atomics/T1216.001/T1216.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1216.001/T1216.001.md -------------------------------------------------------------------------------- /atomics/T1216.001/T1216.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1216.001/T1216.001.yaml -------------------------------------------------------------------------------- /atomics/T1216.001/src/T1216.001.sct: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1216.001/src/T1216.001.sct -------------------------------------------------------------------------------- /atomics/T1216/T1216.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1216/T1216.md -------------------------------------------------------------------------------- /atomics/T1216/T1216.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1216/T1216.yaml -------------------------------------------------------------------------------- /atomics/T1217/T1217.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1217/T1217.md -------------------------------------------------------------------------------- /atomics/T1217/T1217.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1217/T1217.yaml -------------------------------------------------------------------------------- /atomics/T1218.001/T1218.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.001/T1218.001.md -------------------------------------------------------------------------------- /atomics/T1218.001/T1218.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.001/T1218.001.yaml -------------------------------------------------------------------------------- /atomics/T1218.001/src/T1218.001.chm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.001/src/T1218.001.chm -------------------------------------------------------------------------------- /atomics/T1218.001/src/T1218.001.hhp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.001/src/T1218.001.hhp -------------------------------------------------------------------------------- /atomics/T1218.001/src/T1218.001.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.001/src/T1218.001.html -------------------------------------------------------------------------------- /atomics/T1218.002/T1218.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.002/T1218.002.md -------------------------------------------------------------------------------- /atomics/T1218.002/T1218.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.002/T1218.002.yaml -------------------------------------------------------------------------------- /atomics/T1218.002/bin/calc.cpl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.002/bin/calc.cpl -------------------------------------------------------------------------------- /atomics/T1218.002/src/calc.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.002/src/calc.cpp -------------------------------------------------------------------------------- /atomics/T1218.003/T1218.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.003/T1218.003.md -------------------------------------------------------------------------------- /atomics/T1218.003/T1218.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.003/T1218.003.yaml -------------------------------------------------------------------------------- /atomics/T1218.003/src/T1218.003.inf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.003/src/T1218.003.inf -------------------------------------------------------------------------------- /atomics/T1218.003/src/T1218.003_uacbypass.inf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.003/src/T1218.003_uacbypass.inf -------------------------------------------------------------------------------- /atomics/T1218.004/T1218.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.004/T1218.004.md -------------------------------------------------------------------------------- /atomics/T1218.004/T1218.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.004/T1218.004.yaml -------------------------------------------------------------------------------- /atomics/T1218.004/src/InstallUtilTestHarness.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.004/src/InstallUtilTestHarness.ps1 -------------------------------------------------------------------------------- /atomics/T1218.005/T1218.005.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.005/T1218.005.md -------------------------------------------------------------------------------- /atomics/T1218.005/T1218.005.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.005/T1218.005.yaml -------------------------------------------------------------------------------- /atomics/T1218.005/src/T1218.005.hta: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.005/src/T1218.005.hta -------------------------------------------------------------------------------- /atomics/T1218.005/src/mshta.sct: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.005/src/mshta.sct -------------------------------------------------------------------------------- /atomics/T1218.005/src/powershell.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.005/src/powershell.ps1 -------------------------------------------------------------------------------- /atomics/T1218.007/T1218.007.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.007/T1218.007.md -------------------------------------------------------------------------------- /atomics/T1218.007/T1218.007.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.007/T1218.007.yaml -------------------------------------------------------------------------------- /atomics/T1218.007/src/T1218.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.007/src/T1218.cpp -------------------------------------------------------------------------------- /atomics/T1218.007/src/Win32/T1218.msi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.007/src/Win32/T1218.msi -------------------------------------------------------------------------------- /atomics/T1218.007/src/x64/T1218.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.007/src/x64/T1218.dll -------------------------------------------------------------------------------- /atomics/T1218.008/T1218.008.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.008/T1218.008.md -------------------------------------------------------------------------------- /atomics/T1218.008/T1218.008.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.008/T1218.008.yaml -------------------------------------------------------------------------------- /atomics/T1218.008/src/T1218-2.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.008/src/T1218-2.cpp -------------------------------------------------------------------------------- /atomics/T1218.008/src/Win32/T1218-2.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.008/src/Win32/T1218-2.dll -------------------------------------------------------------------------------- /atomics/T1218.009/T1218.009.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.009/T1218.009.md -------------------------------------------------------------------------------- /atomics/T1218.009/T1218.009.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.009/T1218.009.yaml -------------------------------------------------------------------------------- /atomics/T1218.009/src/T1218.009.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.009/src/T1218.009.cs -------------------------------------------------------------------------------- /atomics/T1218.010/T1218.010.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.010/T1218.010.md -------------------------------------------------------------------------------- /atomics/T1218.010/T1218.010.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.010/T1218.010.yaml -------------------------------------------------------------------------------- /atomics/T1218.010/bin/AllTheThingsx64.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.010/bin/AllTheThingsx64.dll -------------------------------------------------------------------------------- /atomics/T1218.010/bin/AllTheThingsx86.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.010/bin/AllTheThingsx86.dll -------------------------------------------------------------------------------- /atomics/T1218.010/src/AllTheThings.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.010/src/AllTheThings.cs -------------------------------------------------------------------------------- /atomics/T1218.010/src/RegSvr32.sct: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.010/src/RegSvr32.sct -------------------------------------------------------------------------------- /atomics/T1218.011/T1218.011.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.011/T1218.011.md -------------------------------------------------------------------------------- /atomics/T1218.011/T1218.011.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.011/T1218.011.yaml -------------------------------------------------------------------------------- /atomics/T1218.011/src/T1218.011.inf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.011/src/T1218.011.inf -------------------------------------------------------------------------------- /atomics/T1218.011/src/T1218.011.sct: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.011/src/T1218.011.sct -------------------------------------------------------------------------------- /atomics/T1218.011/src/T1218.011_DefaultInstall.inf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218.011/src/T1218.011_DefaultInstall.inf -------------------------------------------------------------------------------- /atomics/T1218/T1218.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218/T1218.md -------------------------------------------------------------------------------- /atomics/T1218/T1218.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218/T1218.yaml -------------------------------------------------------------------------------- /atomics/T1218/src/Infdefaultinstall.inf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218/src/Infdefaultinstall.inf -------------------------------------------------------------------------------- /atomics/T1218/src/T1218-2.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218/src/T1218-2.cpp -------------------------------------------------------------------------------- /atomics/T1218/src/T1218.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218/src/T1218.cpp -------------------------------------------------------------------------------- /atomics/T1218/src/T1218Test.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218/src/T1218Test.docx -------------------------------------------------------------------------------- /atomics/T1218/src/Win32/T1218-2.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218/src/Win32/T1218-2.dll -------------------------------------------------------------------------------- /atomics/T1218/src/Win32/T1218.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218/src/Win32/T1218.dll -------------------------------------------------------------------------------- /atomics/T1218/src/x64/T1218.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1218/src/x64/T1218.dll -------------------------------------------------------------------------------- /atomics/T1219/T1219.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1219/T1219.md -------------------------------------------------------------------------------- /atomics/T1219/T1219.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1219/T1219.yaml -------------------------------------------------------------------------------- /atomics/T1220/T1220.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1220/T1220.md -------------------------------------------------------------------------------- /atomics/T1220/T1220.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1220/T1220.yaml -------------------------------------------------------------------------------- /atomics/T1220/src/msxslscript.xsl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1220/src/msxslscript.xsl -------------------------------------------------------------------------------- /atomics/T1220/src/msxslxmlfile.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1220/src/msxslxmlfile.xml -------------------------------------------------------------------------------- /atomics/T1220/src/wmicscript.xsl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1220/src/wmicscript.xsl -------------------------------------------------------------------------------- /atomics/T1222.001/T1222.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1222.001/T1222.001.md -------------------------------------------------------------------------------- /atomics/T1222.001/T1222.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1222.001/T1222.001.yaml -------------------------------------------------------------------------------- /atomics/T1222.002/T1222.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1222.002/T1222.002.md -------------------------------------------------------------------------------- /atomics/T1222.002/T1222.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1222.002/T1222.002.yaml -------------------------------------------------------------------------------- /atomics/T1482/T1482.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1482/T1482.md -------------------------------------------------------------------------------- /atomics/T1482/T1482.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1482/T1482.yaml -------------------------------------------------------------------------------- /atomics/T1485/T1485.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1485/T1485.md -------------------------------------------------------------------------------- /atomics/T1485/T1485.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1485/T1485.yaml -------------------------------------------------------------------------------- /atomics/T1489/T1489.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1489/T1489.md -------------------------------------------------------------------------------- /atomics/T1489/T1489.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1489/T1489.yaml -------------------------------------------------------------------------------- /atomics/T1490/T1490.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1490/T1490.md -------------------------------------------------------------------------------- /atomics/T1490/T1490.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1490/T1490.yaml -------------------------------------------------------------------------------- /atomics/T1496/T1496.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1496/T1496.md -------------------------------------------------------------------------------- /atomics/T1496/T1496.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1496/T1496.yaml -------------------------------------------------------------------------------- /atomics/T1497.001/T1497.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1497.001/T1497.001.md -------------------------------------------------------------------------------- /atomics/T1497.001/T1497.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1497.001/T1497.001.yaml -------------------------------------------------------------------------------- /atomics/T1505.002/T1505.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1505.002/T1505.002.md -------------------------------------------------------------------------------- /atomics/T1505.002/T1505.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1505.002/T1505.002.yaml -------------------------------------------------------------------------------- /atomics/T1505.003/T1505.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1505.003/T1505.003.md -------------------------------------------------------------------------------- /atomics/T1505.003/T1505.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1505.003/T1505.003.yaml -------------------------------------------------------------------------------- /atomics/T1505.003/src/b.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1505.003/src/b.jsp -------------------------------------------------------------------------------- /atomics/T1505.003/src/cmd.aspx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1505.003/src/cmd.aspx -------------------------------------------------------------------------------- /atomics/T1505.003/src/tests.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1505.003/src/tests.jsp -------------------------------------------------------------------------------- /atomics/T1518.001/T1518.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1518.001/T1518.001.md -------------------------------------------------------------------------------- /atomics/T1518.001/T1518.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1518.001/T1518.001.yaml -------------------------------------------------------------------------------- /atomics/T1518/T1518.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1518/T1518.md -------------------------------------------------------------------------------- /atomics/T1518/T1518.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1518/T1518.yaml -------------------------------------------------------------------------------- /atomics/T1529/T1529.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1529/T1529.md -------------------------------------------------------------------------------- /atomics/T1529/T1529.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1529/T1529.yaml -------------------------------------------------------------------------------- /atomics/T1531/T1531.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1531/T1531.md -------------------------------------------------------------------------------- /atomics/T1531/T1531.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1531/T1531.yaml -------------------------------------------------------------------------------- /atomics/T1543.001/T1543.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1543.001/T1543.001.md -------------------------------------------------------------------------------- /atomics/T1543.001/T1543.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1543.001/T1543.001.yaml -------------------------------------------------------------------------------- /atomics/T1543.001/src/atomicredteam_T1543_001.plist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1543.001/src/atomicredteam_T1543_001.plist -------------------------------------------------------------------------------- /atomics/T1543.002/T1543.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1543.002/T1543.002.md -------------------------------------------------------------------------------- /atomics/T1543.002/T1543.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1543.002/T1543.002.yaml -------------------------------------------------------------------------------- /atomics/T1543.003/T1543.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1543.003/T1543.003.md -------------------------------------------------------------------------------- /atomics/T1543.003/T1543.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1543.003/T1543.003.yaml -------------------------------------------------------------------------------- /atomics/T1543.003/bin/AtomicService.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1543.003/bin/AtomicService.exe -------------------------------------------------------------------------------- /atomics/T1543.003/src/AtomicService.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1543.003/src/AtomicService.cs -------------------------------------------------------------------------------- /atomics/T1543.004/T1543.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1543.004/T1543.004.md -------------------------------------------------------------------------------- /atomics/T1543.004/T1543.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1543.004/T1543.004.yaml -------------------------------------------------------------------------------- /atomics/T1543.004/src/atomicredteam_T1543_004.plist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1543.004/src/atomicredteam_T1543_004.plist -------------------------------------------------------------------------------- /atomics/T1546.001/T1546.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.001/T1546.001.md -------------------------------------------------------------------------------- /atomics/T1546.001/T1546.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.001/T1546.001.yaml -------------------------------------------------------------------------------- /atomics/T1546.002/T1546.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.002/T1546.002.md -------------------------------------------------------------------------------- /atomics/T1546.002/T1546.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.002/T1546.002.yaml -------------------------------------------------------------------------------- /atomics/T1546.003/T1546.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.003/T1546.003.md -------------------------------------------------------------------------------- /atomics/T1546.003/T1546.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.003/T1546.003.yaml -------------------------------------------------------------------------------- /atomics/T1546.004/T1546.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.004/T1546.004.md -------------------------------------------------------------------------------- /atomics/T1546.004/T1546.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.004/T1546.004.yaml -------------------------------------------------------------------------------- /atomics/T1546.005/T1546.005.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.005/T1546.005.md -------------------------------------------------------------------------------- /atomics/T1546.005/T1546.005.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.005/T1546.005.yaml -------------------------------------------------------------------------------- /atomics/T1546.005/src/echo-art-fish.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.005/src/echo-art-fish.sh -------------------------------------------------------------------------------- /atomics/T1546.007/T1546.007.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.007/T1546.007.md -------------------------------------------------------------------------------- /atomics/T1546.007/T1546.007.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.007/T1546.007.yaml -------------------------------------------------------------------------------- /atomics/T1546.008/T1546.008.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.008/T1546.008.md -------------------------------------------------------------------------------- /atomics/T1546.008/T1546.008.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.008/T1546.008.yaml -------------------------------------------------------------------------------- /atomics/T1546.010/T1546.010.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.010/T1546.010.md -------------------------------------------------------------------------------- /atomics/T1546.010/T1546.010.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.010/T1546.010.yaml -------------------------------------------------------------------------------- /atomics/T1546.010/bin/T1546.010.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.010/bin/T1546.010.dll -------------------------------------------------------------------------------- /atomics/T1546.010/bin/T1546.010x86.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.010/bin/T1546.010x86.dll -------------------------------------------------------------------------------- /atomics/T1546.010/src/T1546.010-cleanup.reg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.010/src/T1546.010-cleanup.reg -------------------------------------------------------------------------------- /atomics/T1546.010/src/T1546.010.dll.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.010/src/T1546.010.dll.cpp -------------------------------------------------------------------------------- /atomics/T1546.010/src/T1546.010.reg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.010/src/T1546.010.reg -------------------------------------------------------------------------------- /atomics/T1546.011/T1546.011.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.011/T1546.011.md -------------------------------------------------------------------------------- /atomics/T1546.011/T1546.011.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.011/T1546.011.yaml -------------------------------------------------------------------------------- /atomics/T1546.011/bin/AtomicShimx86.sdb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.011/bin/AtomicShimx86.sdb -------------------------------------------------------------------------------- /atomics/T1546.011/bin/AtomicTest.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.011/bin/AtomicTest.dll -------------------------------------------------------------------------------- /atomics/T1546.011/bin/AtomicTest.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.011/bin/AtomicTest.exe -------------------------------------------------------------------------------- /atomics/T1546.011/bin/T1546.011CompatDatabase.sdb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.011/bin/T1546.011CompatDatabase.sdb -------------------------------------------------------------------------------- /atomics/T1546.011/src/AtomicTest.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.011/src/AtomicTest.cs -------------------------------------------------------------------------------- /atomics/T1546.011/src/AtomicTest.dll.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.011/src/AtomicTest.dll.cpp -------------------------------------------------------------------------------- /atomics/T1546.012/T1546.012.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.012/T1546.012.md -------------------------------------------------------------------------------- /atomics/T1546.012/T1546.012.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.012/T1546.012.yaml -------------------------------------------------------------------------------- /atomics/T1546.013/T1546.013.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.013/T1546.013.md -------------------------------------------------------------------------------- /atomics/T1546.013/T1546.013.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.013/T1546.013.yaml -------------------------------------------------------------------------------- /atomics/T1546.014/T1546.014.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.014/T1546.014.md -------------------------------------------------------------------------------- /atomics/T1546.014/T1546.014.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.014/T1546.014.yaml -------------------------------------------------------------------------------- /atomics/T1546.014/src/T1546.014_emond.plist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1546.014/src/T1546.014_emond.plist -------------------------------------------------------------------------------- /atomics/T1547.001/T1547.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.001/T1547.001.md -------------------------------------------------------------------------------- /atomics/T1547.001/T1547.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.001/T1547.001.yaml -------------------------------------------------------------------------------- /atomics/T1547.001/src/batstartup.bat: -------------------------------------------------------------------------------- 1 | echo " T1547.001 Hello World Bat" 2 | -------------------------------------------------------------------------------- /atomics/T1547.001/src/jsestartup.jse: -------------------------------------------------------------------------------- 1 | WScript.Echo("T1547.001 Hello, World JSE!") 2 | -------------------------------------------------------------------------------- /atomics/T1547.001/src/vbsstartup.vbs: -------------------------------------------------------------------------------- 1 | WScript.Echo("T1547.001 Hello, World VBS!") 2 | -------------------------------------------------------------------------------- /atomics/T1547.004/T1547.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.004/T1547.004.md -------------------------------------------------------------------------------- /atomics/T1547.004/T1547.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.004/T1547.004.yaml -------------------------------------------------------------------------------- /atomics/T1547.005/T1547.005.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.005/T1547.005.md -------------------------------------------------------------------------------- /atomics/T1547.005/T1547.005.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.005/T1547.005.yaml -------------------------------------------------------------------------------- /atomics/T1547.006/T1547.006.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.006/T1547.006.md -------------------------------------------------------------------------------- /atomics/T1547.006/T1547.006.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.006/T1547.006.yaml -------------------------------------------------------------------------------- /atomics/T1547.006/src/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.006/src/Makefile -------------------------------------------------------------------------------- /atomics/T1547.006/src/T1547006.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.006/src/T1547006.c -------------------------------------------------------------------------------- /atomics/T1547.007/T1547.007.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.007/T1547.007.md -------------------------------------------------------------------------------- /atomics/T1547.007/T1547.007.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.007/T1547.007.yaml -------------------------------------------------------------------------------- /atomics/T1547.009/T1547.009.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.009/T1547.009.md -------------------------------------------------------------------------------- /atomics/T1547.009/T1547.009.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.009/T1547.009.yaml -------------------------------------------------------------------------------- /atomics/T1547.010/T1547.010.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.010/T1547.010.yaml -------------------------------------------------------------------------------- /atomics/T1547.010/src/Win32/T1547.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.010/src/Win32/T1547.dll -------------------------------------------------------------------------------- /atomics/T1547.010/src/x64/T1547.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.010/src/x64/T1547.dll -------------------------------------------------------------------------------- /atomics/T1547.011/T1547.011.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.011/T1547.011.md -------------------------------------------------------------------------------- /atomics/T1547.011/T1547.011.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1547.011/T1547.011.yaml -------------------------------------------------------------------------------- /atomics/T1548.001/T1548.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1548.001/T1548.001.md -------------------------------------------------------------------------------- /atomics/T1548.001/T1548.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1548.001/T1548.001.yaml -------------------------------------------------------------------------------- /atomics/T1548.001/src/hello.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1548.001/src/hello.c -------------------------------------------------------------------------------- /atomics/T1548.002/T1548.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1548.002/T1548.002.md -------------------------------------------------------------------------------- /atomics/T1548.002/T1548.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1548.002/T1548.002.yaml -------------------------------------------------------------------------------- /atomics/T1548.003/T1548.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1548.003/T1548.003.md -------------------------------------------------------------------------------- /atomics/T1548.003/T1548.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1548.003/T1548.003.yaml -------------------------------------------------------------------------------- /atomics/T1550.002/T1550.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1550.002/T1550.002.md -------------------------------------------------------------------------------- /atomics/T1550.002/T1550.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1550.002/T1550.002.yaml -------------------------------------------------------------------------------- /atomics/T1550.003/T1550.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1550.003/T1550.003.md -------------------------------------------------------------------------------- /atomics/T1550.003/T1550.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1550.003/T1550.003.yaml -------------------------------------------------------------------------------- /atomics/T1552.001/T1552.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1552.001/T1552.001.md -------------------------------------------------------------------------------- /atomics/T1552.001/T1552.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1552.001/T1552.001.yaml -------------------------------------------------------------------------------- /atomics/T1552.002/T1552.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1552.002/T1552.002.md -------------------------------------------------------------------------------- /atomics/T1552.002/T1552.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1552.002/T1552.002.yaml -------------------------------------------------------------------------------- /atomics/T1552.003/T1552.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1552.003/T1552.003.md -------------------------------------------------------------------------------- /atomics/T1552.003/T1552.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1552.003/T1552.003.yaml -------------------------------------------------------------------------------- /atomics/T1552.004/T1552.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1552.004/T1552.004.md -------------------------------------------------------------------------------- /atomics/T1552.004/T1552.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1552.004/T1552.004.yaml -------------------------------------------------------------------------------- /atomics/T1552.006/T1552.006.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1552.006/T1552.006.md -------------------------------------------------------------------------------- /atomics/T1552.006/T1552.006.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1552.006/T1552.006.yaml -------------------------------------------------------------------------------- /atomics/T1553.001/T1553.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1553.001/T1553.001.md -------------------------------------------------------------------------------- /atomics/T1553.001/T1553.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1553.001/T1553.001.yaml -------------------------------------------------------------------------------- /atomics/T1553.004/T1553.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1553.004/T1553.004.md -------------------------------------------------------------------------------- /atomics/T1553.004/T1553.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1553.004/T1553.004.yaml -------------------------------------------------------------------------------- /atomics/T1555.001/T1555.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1555.001/T1555.001.md -------------------------------------------------------------------------------- /atomics/T1555.001/T1555.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1555.001/T1555.001.yaml -------------------------------------------------------------------------------- /atomics/T1555.003/T1555.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1555.003/T1555.003.md -------------------------------------------------------------------------------- /atomics/T1555.003/T1555.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1555.003/T1555.003.yaml -------------------------------------------------------------------------------- /atomics/T1556.002/T1556.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1556.002/T1556.002.md -------------------------------------------------------------------------------- /atomics/T1556.002/T1556.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1556.002/T1556.002.yaml -------------------------------------------------------------------------------- /atomics/T1558.003/T1558.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1558.003/T1558.003.md -------------------------------------------------------------------------------- /atomics/T1558.003/T1558.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1558.003/T1558.003.yaml -------------------------------------------------------------------------------- /atomics/T1559.002/T1559.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1559.002/T1559.002.md -------------------------------------------------------------------------------- /atomics/T1559.002/T1559.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1559.002/T1559.002.yaml -------------------------------------------------------------------------------- /atomics/T1559.002/bin/DDE_Document.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1559.002/bin/DDE_Document.docx -------------------------------------------------------------------------------- /atomics/T1559.002/src/PowerShell_Script_For_DDE_Document.ps1: -------------------------------------------------------------------------------- 1 | echo "T1173" 2 | -------------------------------------------------------------------------------- /atomics/T1560.001/T1560.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1560.001/T1560.001.md -------------------------------------------------------------------------------- /atomics/T1560.001/T1560.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1560.001/T1560.001.yaml -------------------------------------------------------------------------------- /atomics/T1560/T1560.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1560/T1560.md -------------------------------------------------------------------------------- /atomics/T1560/T1560.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1560/T1560.yaml -------------------------------------------------------------------------------- /atomics/T1562.001/T1562.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1562.001/T1562.001.md -------------------------------------------------------------------------------- /atomics/T1562.001/T1562.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1562.001/T1562.001.yaml -------------------------------------------------------------------------------- /atomics/T1562.002/T1562.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1562.002/T1562.002.md -------------------------------------------------------------------------------- /atomics/T1562.002/T1562.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1562.002/T1562.002.yaml -------------------------------------------------------------------------------- /atomics/T1562.003/T1562.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1562.003/T1562.003.md -------------------------------------------------------------------------------- /atomics/T1562.003/T1562.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1562.003/T1562.003.yaml -------------------------------------------------------------------------------- /atomics/T1562.004/T1562.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1562.004/T1562.004.md -------------------------------------------------------------------------------- /atomics/T1562.004/T1562.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1562.004/T1562.004.yaml -------------------------------------------------------------------------------- /atomics/T1562.004/bin/AtomicTest.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1562.004/bin/AtomicTest.exe -------------------------------------------------------------------------------- /atomics/T1562.006/T1562.006.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1562.006/T1562.006.md -------------------------------------------------------------------------------- /atomics/T1562.006/T1562.006.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1562.006/T1562.006.yaml -------------------------------------------------------------------------------- /atomics/T1563.002/T1563.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1563.002/T1563.002.md -------------------------------------------------------------------------------- /atomics/T1563.002/T1563.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1563.002/T1563.002.yaml -------------------------------------------------------------------------------- /atomics/T1564.001/T1564.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1564.001/T1564.001.md -------------------------------------------------------------------------------- /atomics/T1564.001/T1564.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1564.001/T1564.001.yaml -------------------------------------------------------------------------------- /atomics/T1564.002/T1564.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1564.002/T1564.002.md -------------------------------------------------------------------------------- /atomics/T1564.002/T1564.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1564.002/T1564.002.yaml -------------------------------------------------------------------------------- /atomics/T1564.003/T1564.003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1564.003/T1564.003.md -------------------------------------------------------------------------------- /atomics/T1564.003/T1564.003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1564.003/T1564.003.yaml -------------------------------------------------------------------------------- /atomics/T1564.004/T1564.004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1564.004/T1564.004.md -------------------------------------------------------------------------------- /atomics/T1564.004/T1564.004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1564.004/T1564.004.yaml -------------------------------------------------------------------------------- /atomics/T1564.004/src/test.ps1: -------------------------------------------------------------------------------- 1 | Write-Host "Hello from T1096" -------------------------------------------------------------------------------- /atomics/T1566.001/T1566.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1566.001/T1566.001.md -------------------------------------------------------------------------------- /atomics/T1566.001/T1566.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1566.001/T1566.001.yaml -------------------------------------------------------------------------------- /atomics/T1566.001/bin/PhishingAttachment.xlsm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1566.001/bin/PhishingAttachment.xlsm -------------------------------------------------------------------------------- /atomics/T1569.001/T1569.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1569.001/T1569.001.md -------------------------------------------------------------------------------- /atomics/T1569.001/T1569.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1569.001/T1569.001.yaml -------------------------------------------------------------------------------- /atomics/T1569.002/T1569.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1569.002/T1569.002.md -------------------------------------------------------------------------------- /atomics/T1569.002/T1569.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1569.002/T1569.002.yaml -------------------------------------------------------------------------------- /atomics/T1571/T1571.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1571/T1571.md -------------------------------------------------------------------------------- /atomics/T1571/T1571.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1571/T1571.yaml -------------------------------------------------------------------------------- /atomics/T1573/T1573.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1573/T1573.md -------------------------------------------------------------------------------- /atomics/T1573/T1573.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1573/T1573.yaml -------------------------------------------------------------------------------- /atomics/T1574.001/T1574.001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.001/T1574.001.md -------------------------------------------------------------------------------- /atomics/T1574.001/T1574.001.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.001/T1574.001.yaml -------------------------------------------------------------------------------- /atomics/T1574.002/T1574.002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.002/T1574.002.md -------------------------------------------------------------------------------- /atomics/T1574.002/T1574.002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.002/T1574.002.yaml -------------------------------------------------------------------------------- /atomics/T1574.002/bin/GUP.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.002/bin/GUP.exe -------------------------------------------------------------------------------- /atomics/T1574.002/bin/libcurl.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.002/bin/libcurl.dll -------------------------------------------------------------------------------- /atomics/T1574.002/src/libcurl.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.002/src/libcurl.c -------------------------------------------------------------------------------- /atomics/T1574.006/T1574.006.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.006/T1574.006.md -------------------------------------------------------------------------------- /atomics/T1574.006/T1574.006.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.006/T1574.006.yaml -------------------------------------------------------------------------------- /atomics/T1574.006/src/Linux/T1574.006.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.006/src/Linux/T1574.006.c -------------------------------------------------------------------------------- /atomics/T1574.009/T1574.009.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.009/T1574.009.md -------------------------------------------------------------------------------- /atomics/T1574.009/T1574.009.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.009/T1574.009.yaml -------------------------------------------------------------------------------- /atomics/T1574.009/bin/WindowsServiceExample.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.009/bin/WindowsServiceExample.exe -------------------------------------------------------------------------------- /atomics/T1574.011/T1574.011.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.011/T1574.011.md -------------------------------------------------------------------------------- /atomics/T1574.011/T1574.011.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.011/T1574.011.yaml -------------------------------------------------------------------------------- /atomics/T1574.012/T1574.012.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.012/T1574.012.md -------------------------------------------------------------------------------- /atomics/T1574.012/T1574.012.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.012/T1574.012.yaml -------------------------------------------------------------------------------- /atomics/T1574.012/bin/T1574.012x64.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.012/bin/T1574.012x64.dll -------------------------------------------------------------------------------- /atomics/T1574.012/src/atomicNotepad.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.012/src/atomicNotepad.sln -------------------------------------------------------------------------------- /atomics/T1574.012/src/atomicNotepad/atomicNotepad.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.012/src/atomicNotepad/atomicNotepad.vcxproj -------------------------------------------------------------------------------- /atomics/T1574.012/src/atomicNotepad/atomicNotepad.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.012/src/atomicNotepad/atomicNotepad.vcxproj.filters -------------------------------------------------------------------------------- /atomics/T1574.012/src/atomicNotepad/atomicNotepad.vcxproj.user: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.012/src/atomicNotepad/atomicNotepad.vcxproj.user -------------------------------------------------------------------------------- /atomics/T1574.012/src/atomicNotepad/dllmain.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.012/src/atomicNotepad/dllmain.cpp -------------------------------------------------------------------------------- /atomics/T1574.012/src/atomicNotepad/framework.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.012/src/atomicNotepad/framework.h -------------------------------------------------------------------------------- /atomics/T1574.012/src/atomicNotepad/pch.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.012/src/atomicNotepad/pch.cpp -------------------------------------------------------------------------------- /atomics/T1574.012/src/atomicNotepad/pch.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.012/src/atomicNotepad/pch.h -------------------------------------------------------------------------------- /atomics/T1574.012/src/x64/Release/atomicNotepad.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/T1574.012/src/x64/Release/atomicNotepad.dll -------------------------------------------------------------------------------- /atomics/used_guids.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/atomics/used_guids.txt -------------------------------------------------------------------------------- /bin/generate-atomic-docs.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/bin/generate-atomic-docs.rb -------------------------------------------------------------------------------- /bin/generate-guids.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/bin/generate-guids.rb -------------------------------------------------------------------------------- /bin/new-atomic.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/bin/new-atomic.rb -------------------------------------------------------------------------------- /bin/validate-atomics.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/bin/validate-atomics.rb -------------------------------------------------------------------------------- /docs/CNAME: -------------------------------------------------------------------------------- 1 | atomicredteam.io -------------------------------------------------------------------------------- /docs/_config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/docs/_config.yml -------------------------------------------------------------------------------- /docs/_layouts/default.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/docs/_layouts/default.html -------------------------------------------------------------------------------- /docs/apis.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/docs/apis.md -------------------------------------------------------------------------------- /docs/assets/css/style.scss: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/docs/assets/css/style.scss -------------------------------------------------------------------------------- /docs/assets/images/favicon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/docs/assets/images/favicon.png -------------------------------------------------------------------------------- /docs/assets/images/list-of-tests.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/docs/assets/images/list-of-tests.png -------------------------------------------------------------------------------- /docs/assets/images/technique-md-example.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/docs/assets/images/technique-md-example.png -------------------------------------------------------------------------------- /docs/assets/javascripts/roll-the-dice.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/docs/assets/javascripts/roll-the-dice.js -------------------------------------------------------------------------------- /docs/contributing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/docs/contributing.md -------------------------------------------------------------------------------- /docs/index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/docs/index.md -------------------------------------------------------------------------------- /docs/maintainers.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/docs/maintainers.md -------------------------------------------------------------------------------- /docs/related.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/docs/related.md -------------------------------------------------------------------------------- /docs/roll-the-dice.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/docs/roll-the-dice.md -------------------------------------------------------------------------------- /docs/testing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/docs/testing.md -------------------------------------------------------------------------------- /docs/use-cases.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/splunk/atomic-red-team/HEAD/docs/use-cases.md --------------------------------------------------------------------------------