redcanaryco / invoke-atomicredteam

Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team project.
MIT License
831 stars 195 forks

Output into Vectr json - Multiple Use cases #153

Closed arishwani closed 1 year ago

arishwani commented 1 year ago

Hi, is there a way I can get some help? I would like to output the result of all use case tests into a JSON file in the folder I would run, using ATTiRe logging for VECTR import.

```powershell
$techniques = gci C:\AtomicRedTeam\atomics* -Recurse -Include T*.yaml | Get-AtomicTechnique

foreach ($technique in $techniques) {
    foreach ($atomic in $technique.atomic_tests) {
        if ($atomic.supported_platforms.contains("windows") -and ($atomic.executor -ne "manual")) {
            # Get Prereqs for test
            Invoke-AtomicTest $technique.attack_technique -TestGuids $atomic.auto_generated_guid -GetPrereqs
            # Invoke
            Invoke-AtomicTest $technique.attack_technique -TestGuids $atomic.auto_generated_guid
            # Sleep then cleanup
            Start-Sleep 3
            Invoke-AtomicTest $technique.attack_technique -TestGuids $atomic.auto_generated_guid -Cleanup
        }
    }
}
```

Could you please edit the PowerShell script above to output the result into a JSON file for VECTR import?

Thank you
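One way to do what the post above asks, as an added example that is not part of the original issue or the project's own code: the same loop, with the execution step passed `-LoggingModule "Attire-ExecutionLogger"` and `-ExecutionLogPath`. It assumes the Invoke-AtomicRedTeam module is already imported; the `attire-logs` folder and the one-file-per-test naming are choices made for this example.

```powershell
# Added example. Assumes Invoke-AtomicRedTeam is already imported and the
# atomics are in C:\AtomicRedTeam\atomics (the path used in the question).
$logDir = Join-Path (Get-Location) 'attire-logs'   # hypothetical output folder
New-Item -ItemType Directory -Path $logDir -Force | Out-Null

$techniques = Get-ChildItem C:\AtomicRedTeam\atomics* -Recurse -Include T*.yaml |
    Get-AtomicTechnique

foreach ($technique in $techniques) {
    foreach ($atomic in $technique.atomic_tests) {
        if ($atomic.supported_platforms.contains("windows") -and ($atomic.executor -ne "manual")) {
            $id   = $technique.attack_technique
            $guid = $atomic.auto_generated_guid
            # One self-contained ATTiRe log per test: <technique>-<guid>.json
            $log  = Join-Path $logDir "$id-$guid.json"
            try {
                # Prerequisites are fetched without logging
                Invoke-AtomicTest $id -TestGuids $guid -GetPrereqs
                # Only the execution itself is written to the ATTiRe log
                Invoke-AtomicTest $id -TestGuids $guid `
                    -LoggingModule 'Attire-ExecutionLogger' -ExecutionLogPath $log
                Start-Sleep 3
            }
            catch {
                Write-Warning "$id $guid failed: $_"
            }
            finally {
                # Clean up even when the test threw
                Invoke-AtomicTest $id -TestGuids $guid -Cleanup
            }
        }
    }
}

# Check before importing into VECTR: every log file must parse as JSON.
Get-ChildItem $logDir -Filter *.json | ForEach-Object {
    $file = $_   # keep the file object; inside catch, $_ is the error record
    try   { Get-Content $file.FullName -Raw | ConvertFrom-Json | Out-Null }
    catch { Write-Warning "Not valid JSON: $($file.Name)" }
}
```

Writing one file per test keeps each log tied to a single technique and GUID, so a failed or skipped test is visible as a missing file rather than a gap inside a combined log.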