AtomicTestHarnesses
1.9.0.0
A module to facilitate the testing of attack techniques and their corresponding procedures.
Minimum PowerShell version
5.0
Installation Options
Owners
Copyright
2021 Red Canary, Inc. All rights reserved.
Package Details
Author(s)
- Mike Haag Jesse Brown Matt Graeber Jonathan Johnson
Tags
Functions
Get-ATHDriverService Get-ATHMSI Invoke-ATHHTMLApplication Invoke-ATHCompiledHelp Invoke-ATHCORProfiler Invoke-ATHCreateProcessWithToken Invoke-ATHInjectedThread Invoke-ATHMSBuild Invoke-ATHRemoteFXvGPUDisablementCommand Invoke-ATHTokenImpersonation New-ATHDriverService Invoke-ATHMSI New-ATHMSI Out-ATHPowerShellCommandLineParameter Remove-ATHDriverService Start-ATHProcessHerpaderp Start-ATHProcessUnderSpecificParent
Dependencies
This module has no dependencies.
Release Notes
1.9.0
-----
Added:
* New-ATHMSI
* Get-ATHMSI
* Invoke-ATHMSI
1.8.0
-----
Added:
* Invoke-ATHTokenImpersonation
* Invoke-ATHCreateProcessWithToken
1.7.0
-----
Added:
* New-ATHDriverService
* Get-ATHDriverService
* Remove-ATHDriverService
1.6.0
-----
Added:
* Invoke-ATHCorProfiler
1.5.0
-----
Added:
* Invoke-ATHInjectedThread
1.4.0
-----
Added:
* Invoke-ATHMSBuild
Improvements:
* Invoke-ATHCompiledHelp was returning the wrong MITRE technique ID. Thanks, Mike Haag (@M_haggis) for pointing out the issue and supplying the fix!
* Invoke-ATHCompiledHelp Pester tests were extracting the incorrect MITRE technique ID.
1.3.0
-----
Added:
* Start-ATHProcessHerpaderp
1.2.0
-----
Added:
* Invoke-ATHRemoteFXvGPUDisablementCommand
1.1.1
-----
Added:
* Out-ATHPowerShellCommandLineParameter
Improvements:
* Added tags to each individual Pester test so that tags are surfaced when Invoke-Pester is run with -PassThru.
* Tweaked an error handler in Start-ATHProcessUnderSpecificParent to have less aggressive handling logic.
1.0.0
-----
Added:
* Invoke-ATHHTMLApplication
* Invoke-ATHCompiledHelp
* Start-ATHProcessUnderSpecificParent
FileList
- AtomicTestHarnesses.nuspec
- TestHarnesses\T1134.002_CreateProcessWithToken\CreateProcessWithToken.Tests.ps1
- AtomicTestHarnesses.psd1
- TestHarnesses\T1134.004_ParentPIDSpoofing\PPIDSpoof.ps1
- AtomicTestHarnesses.psm1
- TestHarnesses\T1134.004_ParentPIDSpoofing\PPIDSpoof.Tests.ps1
- LICENSE
- TestHarnesses\T1218.001_CompiledHTMLFile\InvokeCompiledHTMLFile.ps1
- Readme.md
- TestHarnesses\T1218.001_CompiledHTMLFile\InvokeCompiledHTMLFile.Tests.ps1
- .github\CODEOWNERS
- TestHarnesses\T1218.005_Mshta\InvokeHTMLApplication.ps1
- Tests\Module.Tests.ps1
- TestHarnesses\T1218.005_Mshta\InvokeHTMLApplication.Tests.ps1
- TestHarnesses\T1055.002_PortableExecutableInjection\InvokeThread.ps1
- TestHarnesses\T1218.007_Msiexec\InvokeMSI.ps1
- TestHarnesses\T1055.002_PortableExecutableInjection\InvokeThread.Tests.ps1
- TestHarnesses\T1218.007_Msiexec\InvokeMSI.Tests.ps1
- TestHarnesses\T1055_ProcessInjection\ProcessHerpderp.ps1
- TestHarnesses\T1218_SignedBinaryProxyExecution\InvokeRemoteFXvGPUDisablementCommand.ps1
- TestHarnesses\T1055_ProcessInjection\ProcessHerpderp.Tests.ps1
- TestHarnesses\T1218_SignedBinaryProxyExecution\InvokeRemoteFXvGPUDisablementCommand.Tests.ps1
- TestHarnesses\T1059.001_PowerShell\OutPowerShellCommandLineParameter.ps1
- TestHarnesses\T1543.003_WindowsService\DriverInstaller.ps1
- TestHarnesses\T1059.001_PowerShell\OutPowerShellCommandLineParameter.Tests.ps1
- TestHarnesses\T1543.003_WindowsService\DriverInstaller.Tests.ps1
- TestHarnesses\T1127.001_MSBuild\InvokeMSBuild.ps1
- TestHarnesses\T1574.012_COR_PROFILER\LoadCORProfiler.ps1
- TestHarnesses\T1127.001_MSBuild\InvokeMSBuild.Tests.ps1
- TestHarnesses\T1574.012_COR_PROFILER\LoadCORProfiler.Tests.ps1
- TestHarnesses\T1134.001_TokenImpersonation\TokenImpersonation.ps1
- TestHarnesses\T1218.007_Msiexec\Dependencies\LICENSE.TXT
- TestHarnesses\T1134.001_TokenImpersonation\TokenImpersonation.Tests.ps1
- TestHarnesses\T1218.007_Msiexec\Dependencies\Microsoft.Deployment.WindowsInstaller.dll
- TestHarnesses\T1134.002_CreateProcessWithToken\CreateProcessWithToken.ps1
Version History
Version | Downloads | Last updated |
---|---|---|
1.12.0.0 | 33,632 | 12/13/2022 |
1.11.0.0 | 40 | 12/9/2022 |
1.9.0.0 (current version) | 2,766 | 5/18/2022 |
1.8.0.0 | 1,745 | 11/22/2021 |
1.7.0.0 | 1,950 | 7/22/2021 |
1.6.0.0 | 472 | 6/4/2021 |
1.5.0.0 | 142 | 5/24/2021 |
1.4.0.0 | 720 | 3/2/2021 |
1.3.0.0 | 242 | 1/18/2021 |
1.2.0.0 | 142 | 12/7/2020 |
1.1.1.0 | 132 | 11/9/2020 |
1.0.0.0 | 113 | 10/22/2020 |