Welcome to this month's edition of the Atomic Newsletter, a monthly email with updates and news about Atomic Red Team™ and its related projects such as MITRE ATT&CK®, Invoke-AtomicRedTeam, AtomicTestHarnesses, and more. Visit our website and join the community chat with us on Slack!

The latest from Atomic Red Team
Welcome new maintainer Paul Michaud!

The maintainers team welcomes Paul Michaud, a Principal Incident Handler at Red Canary who brings deep knowledge of Windows internals and firsthand perspective from years of experience responding to threats in customers’ environments.

VIDEO: Where Adversary Emulation and Testing Meet

Watch Adam Mashinchi’s top-rated talk, “Atomic Red Team: Where Adversary Emulation and EDR Testing Meet” from this year’s RSA conference.

Install atomic script without payloads

Invoke-Atomic's new -noPayloads option lets you download the YAML files from the atomic-install script without any of the /src and /bin files. You can then use getPrereqs to download only the payloads for which you are testing.

DLL added to password filter test

Thanks to maintainer Mike Haag, the test for T1556.002 now includes a DLL that will load into lsass.exe upon reboot when run successfully.


Top contributors

  • frack113
  • arames13
  • MHaggis
  • cyberbuff
  • Leomon5

New contributors

  • xenoscr
  • 100687344
  • Mikoyan-Dee
  • Chronolator
  • scriptingislife
  • cyberbuff
  • rc-GeorgeAllen
  • gowthamarajr
  • Tenillekay
Weekly "Atomic Spotlight” on YouTube

Every Thursday, check out a new video from maintainer Carrie Roberts and AntiSyphon Training demonstrating an atomic test for a popular adversary technique.

  Twitter   LinkedIn   GitHub   YouTube   Slack