WELCOME
 

Welcome to this month's edition of the Atomic Newsletter, a monthly email with updates and news about Atomic Red Team™ and its related projects such as MITRE ATT&CK®, Invoke-AtomicRedTeam, AtomicTestHarnesses, and more. Visit our website and join the community chat with us on Slack!
 
 
The latest from Atomic Red Team
 
 
 
post-thumbnail
 
Welcome new maintainer Paul Michaud!
 

The maintainers team welcomes Paul Michaud, a Principal Incident Handler at Red Canary who brings deep knowledge of Windows internals and firsthand perspective from years of experience responding to threats in customers’ environments.

 
post-thumbnail
 
VIDEO: Where Adversary Emulation and Testing Meet
 

Watch Adam Mashinchi’s top-rated talk, “Atomic Red Team: Where Adversary Emulation and EDR Testing Meet” from this year’s RSA conference.

 
Install atomic script without payloads
 

Invoke-Atomic's new -noPayloads option lets you download the YAML files from the atomic-install script without any of the /src and /bin files. You can then use getPrereqs to download only the payloads for which you are testing.

 
DLL added to password filter test
 

Thanks to maintainer Mike Haag, the test for T1556.002 now includes a DLL that will load into lsass.exe upon reboot when run successfully.

 
CONTRIBUTOR SUPPORT
 
 

Top contributors

  • frack113
  • arames13
  • MHaggis
  • cyberbuff
  • Leomon5

New contributors

  • xenoscr
  • 100687344
  • Mikoyan-Dee
  • Chronolator
  • scriptingislife
  • cyberbuff
  • rc-GeorgeAllen
  • gowthamarajr
  • Tenillekay
 
 
Weekly "Atomic Spotlight” on YouTube
 

Every Thursday, check out a new video from maintainer Carrie Roberts and AntiSyphon Training demonstrating an atomic test for a popular adversary technique.

 
SUBSCRIBE
 
 
  Twitter   LinkedIn   GitHub   YouTube   Slack