Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team project.
MIT License
Atomic Runner code - scripted attack emulation around the clock #116
Add the ability to read a list of atomics from a CSV file and execute them as a single emulation or continuously around the clock. This code adds a new Invoke-AtomicRunner function but doesn't change how Invoke-AtomicRedTeam functions using Invoke-AtomicTest.
Full documentation included on the wiki page here for basic usage and here for continuous, around the clock usage.
This Pull Request also includes a new SysLog logger option as described here.
It also adds the process ID and process exit code to the execution log to aid in correlating with your telemetry and in determining if an atomic ran successfully.
🥇 Thank you to all of the authors of this functionality (@clr2of8, @dwhite9, @Andras32, @bagelsrgood4me, and @ge0var)
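One way a defender might use the logged process ID and exit code, as an added example that is not part of this pull request or the module's own code: join the execution log against process-creation telemetry to separate atomics that were observed from those that ran without being seen. The column names, the sample rows and the function name `Compare-AtomicRunToTelemetry` are assumptions made for illustration.

```powershell
# Constructed execution-log rows. Column names are assumed for this example,
# not taken from the module's log schema.
$executionLog = @'
ExecutionTimeUtc,Technique,Hostname,ProcessId,ExitCode
2024-01-01T10:00:00Z,T1033,WS01,4312,0
2024-01-01T10:05:00Z,T1082,WS01,5120,1
2024-01-01T10:10:00Z,T1057,WS01,6024,0
'@ | ConvertFrom-Csv

# Constructed process-creation telemetry, as an EDR or Sysmon export might look.
$telemetry = @'
TimeUtc,Hostname,ProcessId,Image
2024-01-01T10:00:01Z,WS01,4312,C:\Windows\System32\cmd.exe
2024-01-01T10:05:02Z,WS01,5120,C:\Windows\System32\cmd.exe
2024-01-01T09:00:00Z,WS01,6024,C:\Windows\System32\notepad.exe
'@ | ConvertFrom-Csv

function Compare-AtomicRunToTelemetry {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [object[]] $ExecutionLog,
        [Parameter(Mandatory)] [object[]] $Telemetry,
        [int] $WindowSeconds = 30   # PIDs get reused, so also require close timestamps
    )
    $inv   = [Globalization.CultureInfo]::InvariantCulture
    $style = [Globalization.DateTimeStyles]::AdjustToUniversal
    foreach ($run in $ExecutionLog) {
        $runTime = [datetime]::Parse($run.ExecutionTimeUtc, $inv, $style)
        $seen = $Telemetry | Where-Object {
            $_.Hostname -eq $run.Hostname -and $_.ProcessId -eq $run.ProcessId -and
            [math]::Abs(([datetime]::Parse($_.TimeUtc, $inv, $style) - $runTime).TotalSeconds) -le $WindowSeconds
        } | Select-Object -First 1
        # Assumption: exit code 0 means the atomic's command completed successfully.
        if ($run.ExitCode -ne '0') { $status = 'AtomicFailed' }   # rerun before judging coverage
        elseif ($seen)             { $status = 'Covered' }
        else                       { $status = 'TelemetryGap' }
        [pscustomobject]@{
            Technique = $run.Technique
            ProcessId = $run.ProcessId
            ExitCode  = $run.ExitCode
            Observed  = [bool]$seen
            Status    = $status
        }
    }
}

Compare-AtomicRunToTelemetry -ExecutionLog $executionLog -Telemetry $telemetry | Format-Table -AutoSize
```

The third sample row shares a PID with an unrelated, much earlier process, which is why the match requires the timestamps to fall within the window as well.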