Welcome to this month's edition of the Atomic Newsletter, a monthly email with updates and news about Atomic Red Team™ and its related projects such as MITRE ATT&CK®, Invoke-AtomicRedTeam, AtomicTestHarnesses, and more. Visit our website and join the community chat with us on Slack!

The latest from Atomic Red Team
It all started with SATAN...

In a new blog, one of Red Canary's incident handlers traced the origins of vulnerability scanning, pentesting, red/purple teaming, and more.

VIDEO: Proxy execution through rundll32

Watch maintainer Carrie Roberts as she walks through several Atomic Red Team tests associated with System Binary Proxy Execution: Rundll32 (T1218.011), a defense evasion tactic.

Tests for TA551 activity

Researcher "DragosLMalfoy" compiled this library of 16 Atomic Red Team tests to help you validate your detection coverage against activity associated with the TA551 threat actor group.

Open source in cybersecurity: a deep dive

On his "Venture in Security" blog, Ross Haleliuk considers the evolving role that open source infrastructure plays in the information security industry.


Top contributors

  • clr2of8
  • tlor89
  • MHaggis
  • TomFord3
  • patel-bhavin
  • frack113
  • msdlearn

New contributors

  • Narasimha2218
  • hunty-dumpy
  • 0xzeta
  • msdlearn
  • TomFord3
The Detection Series: AppleScript and the Open Scripting Architecture

On October 25, join our panel of Mac experts as they walk through how to observe, detect, and emulate suspicious and malicious scripting behavior on macOS.

  Twitter   LinkedIn   GitHub   YouTube   Slack