AtomicTestHarnesses

1.9.0.0

A module to facilitate the testing of attack techniques and their corresponding procedures.

Minimum PowerShell version

5.0

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Module -Name AtomicTestHarnesses -RequiredVersion 1.9.0.0

Copy and Paste the following command to install this package using Microsoft.PowerShell.PSResourceGet More Info

Install-PSResource -Name AtomicTestHarnesses -Version 1.9.0.0

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Owners

redcanary

Copyright

Package Details

Author(s)

Mike Haag Jesse Brown Matt Graeber Jonathan Johnson

Functions

Get-ATHDriverService Get-ATHMSI Invoke-ATHHTMLApplication Invoke-ATHCompiledHelp Invoke-ATHCORProfiler Invoke-ATHCreateProcessWithToken Invoke-ATHInjectedThread Invoke-ATHMSBuild Invoke-ATHRemoteFXvGPUDisablementCommand Invoke-ATHTokenImpersonation New-ATHDriverService Invoke-ATHMSI New-ATHMSI Out-ATHPowerShellCommandLineParameter Remove-ATHDriverService Start-ATHProcessHerpaderp Start-ATHProcessUnderSpecificParent

Dependencies

This module has no dependencies.

Release Notes

1.9.0
-----
Added:
* New-ATHMSI
* Get-ATHMSI
* Invoke-ATHMSI

1.8.0
-----
Added:
* Invoke-ATHTokenImpersonation
* Invoke-ATHCreateProcessWithToken

1.7.0
-----
Added:
* New-ATHDriverService
* Get-ATHDriverService
* Remove-ATHDriverService

1.6.0
-----
Added:
* Invoke-ATHCorProfiler

1.5.0
-----
Added:
* Invoke-ATHInjectedThread

1.4.0
-----
Added:
* Invoke-ATHMSBuild

Improvements:
* Invoke-ATHCompiledHelp was returning the wrong MITRE technique ID. Thanks, Mike Haag (@M_haggis) for pointing out the issue and supplying the fix!
* Invoke-ATHCompiledHelp Pester tests were extracting the incorrect MITRE technique ID.

1.3.0
-----
Added:
* Start-ATHProcessHerpaderp

1.2.0
-----
Added:
* Invoke-ATHRemoteFXvGPUDisablementCommand

1.1.1
-----
Added:
* Out-ATHPowerShellCommandLineParameter

Improvements:
* Added tags to each individual Pester test so that tags are surfaced when Invoke-Pester is run with -PassThru.
* Tweaked an error handler in Start-ATHProcessUnderSpecificParent to have less aggressive handling logic.

1.0.0
-----
Added:
* Invoke-ATHHTMLApplication
* Invoke-ATHCompiledHelp
* Start-ATHProcessUnderSpecificParent

FileList

Version History

Version	Downloads	Last updated
1.12.0.0	51,623	12/13/2022
1.11.0.0	43	12/9/2022
1.9.0.0 (current version)	2,777	5/18/2022
1.8.0.0	1,745	11/22/2021
1.7.0.0	1,950	7/22/2021
1.6.0.0	472	6/4/2021
1.5.0.0	142	5/24/2021
1.4.0.0	720	3/2/2021
1.3.0.0	242	1/18/2021
1.2.0.0	142	12/7/2020
1.1.1.0	132	11/9/2020
1.0.0.0	113	10/22/2020