swimlane / atomic-operator Goto Github PK
View Code? Open in Web Editor NEWA Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.
License: MIT License
A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.
License: MIT License
Describe the bug
I tried installing in CentOS 7 but failed.
Error message as follows:
File "setup.py", line 21, in
with open(os.path.join(here, 'atomic_operator', 'meta.py'), 'r') as f:
FileNotFoundError: [Errno 2] No such file or directory: '/root/atomic-operator/atomic_operator/meta.py'
To Reproduce
Steps to reproduce the behavior:
I used python3 instead of python
Expected behavior
"python3 setup.py install" command should be able to complete but it did not
I did a search on meta.py . There is no such file
File "setup.py", line 21, in <module>
with open(os.path.join(here, 'atomic_operator', '__meta__.py'), 'r') as f:
FileNotFoundError: [Errno 2] No such file or directory: '/root/atomic-operator/atomic_operator/__meta__.py'
When executing
atomic-operator.exe run --test_guid fe94a1c3-3e22-4dc9-9fdf-3a8bdbc10dc4 --check_preregs True --return_atomics True
I get listed all the atomic tests.
I would expect only the test(s) with the given guid. As the default for --techniques
is "all", I thought I try to disable it using['None']
or []
but those do not work. I only get the empty dict:
atomic-operator.exe run --techniques ['None'] --test_guid 89676ba1-b1f8-47ee-b940-2e1a113ebc71 --check_preregs True --return_atomics True
{}
Maybe I am using it wrong? What would be the recommended way to just execute a sub test via guid?
Is your feature request related to a problem? Please describe.
I would like to format the output returned from --return_atomics
flag
Describe the solution you'd like
A clear and concise description of what you want to happen.
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Additional context
Add any other context or screenshots about the feature request here.
Is your feature request related to a problem? Please describe.
Provide the ability to execute MITRE/CTID Adversary Emulation Plans via execution framework.
Describe the solution you'd like
Ideally, these could be executed in a similar style to the existing "config" style execution; however these YAML files are more akin to a series of Atomic Tests than to the configs.
Describe alternatives you've considered
N/A
Additional context
Example Emulation Plan
Describe the bug
Installing using pip3 natively may not work on an ARM-based (M1) Mac for a wide variety of reasons (Python + ARM is fraught with sadness). So, you'll probably want to build from source.
Building from source will likely fail because of a dependency on setuptools_rust, which requires a Rust compiler.
To Reproduce
ModuleNotFoundError: No module named 'setuptools_rust'
Desktop (please complete the following information):
Additional context
This public Gist contains an alternate installation script that resolves this issue: https://gist.github.com/keithmccammon/5aa831e74abb74922404289d48ed1e29
Is your feature request related to a problem? Please describe.
It would be fantastic to be able to search for a specific test. Currently, I'm looking through the atomics for a good test to verify RC O365 integration, but going to the Slack and searching manually is taking a long time.
Describe the solution you'd like
A search function like searchsploit or atomic-operator -search "$keyword"
Describe alternatives you've considered
Going to the official Slack channel for advice, searching through https://atomicredteam.io/atomics/ myself
Additional context
None at this time
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe the solution you'd like
A clear and concise description of what you want to happen.
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Additional context
Add any other context or screenshots about the feature request here.
Describe the bug
src file as part of Atomic test is not copied over to remote host even with copy_source_files flag active. Atomic test then fails.
To Reproduce
Config:
self.operator.run(
test_guids=['437b2003-a20d-4ed8-834c-4964f24eec63',]
atomics_path='./atomics',
hosts = hosts,
username = 'ubuntu',
ssh_key_path='./mykey.pem',
copy_source_files=True,
cleanup=False,
command_timeout=20,
debug=True,
prompt_for_input_args=False)
Content of tmp Directory on remote host (no ./src/dump_heap.py file):
-rw-rw-r-- 1 ubuntu ubuntu 65 Jan 24 20:45 T1003.007.sh
Error:
INFO:Base.Runner.RemoteRunner:{'output': 'The password is T1003.007', 'error': "/usr/bin/python3: can't open file '/tmp/T1003.007/src/dump_heap.py': [Errno 2] No such file or directory\ngrep: /tmp/T1003.007.bin: No such file or directory"}
Expected behavior
File will be copied to host
Desktop (please complete the following information):
I've ran get-atomics but I can't run any technique wihthout getting the following type error pasted below. Any help would be greatly appreciated.
PS C:\Users\greg\Documents\GitHub\atomic-operator\redcanaryco-atomic-red-team-b044c49> atomic-operator run --techniques T1564.001 Traceback (most recent call last): File "<frozen runpy>", line 198, in _run_module_as_main File "<frozen runpy>", line 88, in _run_code File "C:\Users\greg\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.11_qbz5n2kfra8p0\LocalCache\local-packages\Python311\Scripts\atomic-operator.exe\__main__.py", line 7, in <module> File "C:\Users\greg\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.11_qbz5n2kfra8p0\LocalCache\local-packages\Python311\site-packages\atomic_operator\__main__.py", line 6, in main fire.Fire({ File "C:\Users\greg\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.11_qbz5n2kfra8p0\LocalCache\local-packages\Python311\site-packages\fire\core.py", line 141, in Fire component_trace = _Fire(component, args, parsed_flag_args, context, name) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "C:\Users\greg\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.11_qbz5n2kfra8p0\LocalCache\local-packages\Python311\site-packages\fire\core.py", line 475, in _Fire component, remaining_args = _CallAndUpdateTrace( ^^^^^^^^^^^^^^^^^^^^ File "C:\Users\greg\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.11_qbz5n2kfra8p0\LocalCache\local-packages\Python311\site-packages\fire\core.py", line 691, in _CallAndUpdateTrace component = fn(*varargs, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^ File "C:\Users\greg\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.11_qbz5n2kfra8p0\LocalCache\local-packages\Python311\site-packages\atomic_operator\atomic_operator.py", line 333, in run self.__config_parser = ConfigParser( ^^^^^^^^^^^^^ File "C:\Users\greg\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.11_qbz5n2kfra8p0\LocalCache\local-packages\Python311\site-packages\atomic_operator\configparser.py", line 67, in __init__ self._all_loaded_techniques = Loader().load_techniques() ^^^^^^^^^^^^^^^^^^^^^^^^^^ File "C:\Users\greg\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.11_qbz5n2kfra8p0\LocalCache\local-packages\Python311\site-packages\atomic_operator\atomic\loader.py", line 84, in load_techniques self.__techniques[technique] = Atomic(**loaded_technique) ^^^^^^^^^^^^^^^^^^^^^^^^^^ File "<attrs generated init atomic_operator.atomic.atomic.Atomic>", line 7, in __init__ File "C:\Users\greg\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.11_qbz5n2kfra8p0\LocalCache\local-packages\Python311\site-packages\atomic_operator\atomic\atomic.py", line 24, in __attrs_post_init__ test_list.append(AtomicTest(**test)) ^^^^^^^^^^^^^^^^^^ TypeError: AtomicTest.__init__() missing 1 required positional argument: 'auto_generated_guid'
at first i would thank you ATOMIC/OPERATOR team.
have best times 🥇
Describe the bug
I got with ATOMIC tool today.
I installed the last version of atomic-operator via pip (python 3.9.10)
on Windows 10 and Debian 11 (on virtualbox 6).
I was trying to test and learn ATOMIC today. but I don't know the root cause of error below on Win and Linux:
INFO:Base.AtomicOperator:Running Process Discovery - ps test (4ff64f0b-aaf2-4866-b39d-38d9791407cc) for technique T1057
Traceback (most recent call last):
File "/usr/local/bin/atomic-operator", line 8, in <module>
sys.exit(main())
File "/usr/local/lib/python3.9/dist-packages/atomic_operator/__main__.py", line 6, in main
fire.Fire({
File "/usr/local/lib/python3.9/dist-packages/fire/core.py", line 141, in Fire
component_trace = _Fire(component, args, parsed_flag_args, context, name)
File "/usr/local/lib/python3.9/dist-packages/fire/core.py", line 466, in _Fire
component, remaining_args = _CallAndUpdateTrace(
File "/usr/local/lib/python3.9/dist-packages/fire/core.py", line 681, in _CallAndUpdateTrace
component = fn(*varargs, **kwargs)
File "/usr/local/lib/python3.9/dist-packages/atomic_operator/atomic_operator.py", line 261, in run
self.__run_technique(item)
File "/usr/local/lib/python3.9/dist-packages/atomic_operator/atomic_operator.py", line 135, in __run_technique
LocalRunner(test, technique.path).start()
File "/usr/local/lib/python3.9/dist-packages/atomic_operator/execution/localrunner.py", line 74, in start
return self.execute(executor=self._get_executor_command())
File "/usr/local/lib/python3.9/dist-packages/atomic_operator/execution/runner.py", line 91, in execute
response = self.execute_process(
TypeError: execute_process() got an unexpected keyword argument 'elevation_requred'
To Reproduce
Steps to reproduce the behavior:
Expected behavior
A clear and concise description of what you expected to happen.
Screenshots
a windows image poc on imgur.com
a linux image poc on imgur.com
reademe says open issue for questions... Installed on my Mac - Monterey 12.0.1. Running remote to EC2 in AWS running Windows_Server-2019-English-Full-Base-2021.12.15 AMI. I'll occasionally get "Uknown Error's" & trying to figure out how to troubleshoot. Not sure if it's me or a legit issue. Console provides good info, but nothing to help with the Unknown Error. Setting --debug True didn't help. Can't find any logs on my Mac & takes forever to parse through powershell event logs on my target host to find anything, when I'm not sure what I'm looking for...
For example, I'll run:
atomic-operator run --atomics-path "redcanaryco-atomic-red-team-d39dc66" --techniques T1055,T1055.001,T1055.004 --hosts "1.2.3.4" --username "" --password "" --check_prereqs True
Results are T1055.001 (the last one) worked, and the rest didn't.
1c91e740-1729-4329-b779-feba6e71d048: {"1.2.3.4": {"command": {"error": "Uknown Error - Received an unknown error from host - 1.2.3.4 - Received AttributeError"}}, "technique_id": "T1055", "technique_name": "Process Injection"}
3203ad24-168e-4bec-be36-f79b13ef8a83: {"1.2.3.4": {"command": {"error": "Uknown Error - Received an unknown error from host - 1.2.3.4 - Received AttributeError"}}, "technique_id": "T1055", "technique_name": "Process Injection"}
611b39b7-e243-4c81-87a4-7145a90358b1: {"1.2.3.4": {"command": {"error": "Uknown Error - Received an unknown error from host - 1.2.3.4 - Received AttributeError"}}, "technique_id": "T1055.004", "technique_name": "Process Injection: Asynchronous Procedure Call"}
74496461-11a1-4982-b439-4d87a550d254: {"1.2.3.4": {"command": {}}, "technique_id": "T1055.001", "technique_name": "Process Injection: Dynamic-link Library Injection"}
Appreciate any pointers you can offer
Describe the bug
When attempting to run tests against a remote machine (Mac in this case), atomic operator appears to try to execute tests on localhost instead (Ubuntu Linux in this case).
To Reproduce
Here is my command:
atomic-operator run --config_file ./apa/test1.yml --hosts 'IP' --username myuser --password 'super secret password' --config_file_only --debug
And here is the contents of the config file:
atomic_tests:
- guid: b3e7510c-2d4c-4249-a33f-591a2bc83eef
- guid: 1864fdec-ff86-4452-8c30-f12507582a93
And here is the output:
DEBUG:Base.AtomicOperator:Checking technique T1562.001 (Impair Defenses: Disable or Modify Tools) for applicable tests.
INFO:Base:You provided a test (b3e7510c-2d4c-4249-a33f-591a2bc83eef) 'Stop and unload Crowdstrike Falcon on macOS' which is not supported on this platform. Skipping...
DEBUG:Base.AtomicOperator:Checking technique T1555.001 (Credentials from Password Stores: Keychain) for applicable tests.
INFO:Base:You provided a test (1864fdec-ff86-4452-8c30-f12507582a93) 'Keychain' which is not supported on this platform. Skipping...
b3e7510c-2d4c-4249-a33f-591a2bc83eef: {}
1864fdec-ff86-4452-8c30-f12507582a93: {}
Expected behavior
Tests should execute on remote machine
Note that I have successfully executed one-off tests successfully from the command line by passing in individual test UIDs, so I know there's nothing wrong with my connection parameters.
Hello,
Thanks for amazing work! Would it be possible to add option to run some test with sudo? For example tests T1003.007 are both failing because of permission denied. See Atomic test https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1003.007/T1003.007.md
Test#1:
INFO:Base.Runner.RemoteRunner:{'output': 'The password is T1003.007', 'error': "dd: failed to open '/proc/50754/mem': Permission denied\ngrep: /tmp/T1003.007.bin: No such file or directory"}
Test#2:
INFO:Base.Runner.RemoteRunner:{'output': 'The password is T1003.007', 'error': 'Traceback (most recent call last):\n File "/tmp/T1003.007/src/dump_heap.py", line 26, in \n with open("/proc/{}/mem".format(process_id), "rb") as mem_file:\nPermissionError: [Errno 13] Permission denied: '/proc/50668/mem'\ngrep: /tmp/T1003.007.bin: No such file or directory'}
[System information]
platform : Ubuntu 22.04-x64
python : 3.10.4
atomic-operator : 0.8.5
[Installation commands]
The first installation attempt was made, but an error occurred.
pip install atomic-operator
Installation completed using the command below
git clone https://github.com/swimlane/atomic-operator.git
cd atomic-operator
pip install -r requirements.txt
python setup.py install
[Problematic matter]
It is a normal user and is operated at the time.
However, if you execute with root authority, you will get an error
The cause has not been found and the solution has not been solved.
=======================================
[Add question]
↓ Should I apply it on my Victim PC? Or should I apply it to the Attacker PC?
And Do I have to run SSH client?
https://www.atomic-operator.com/0.8.5/windows-remote/
Describe the bug
Running with config_file is not applying custom input values, and instead uses the technique's default values.
To Reproduce
Steps to reproduce the behavior:
config.yml
atomic_tests:
- guid: 9fdd83fd-bd53-46e5-a716-9dec89c8ae8e
input_arguments:
project-id:
value: test-project
Run test locally:
atomic-operator run --config_file ./config.yml --config_file_only
Output:
INFO:Base.AtomicOperator:Running Creating GCP Service Account and Service Account Key test (9fdd83fd-bd53-46e5-a716-9dec89c8ae8e) for technique T1078.004
INFO:Base.Runner:
WARNING: You do not appear to have access to project [art-project-1] or it does not exist.
ERROR: (gcloud.iam.service-accounts.create) User [<REDACTED>] does not have permission to access projects instance [art-project-1] (or it may not exist): Permission 'iam.serviceAccounts.create' denied on resource (or it may not exist).
- '@type': type.googleapis.com/google.rpc.ErrorInfo
domain: iam.googleapis.com
metadata:
permission: iam.serviceAccounts.create
reason: IAM_PERMISSION_DENIED
ERROR: (gcloud.iam.service-accounts.keys.create) NOT_FOUND: Unknown service account
Note the atomic for T1078.004 in question was slightly modified to skip the login step (since it requires a prompt) in the sequence of test commands:
executor:
name: sh
elevation_required: false
command: |
#gcloud auth login --no-launch-browser
gcloud config set project #{project-id}
gcloud iam service-accounts create #{service-account-name}
gcloud iam service-accounts keys create #{output-key-file} --iam-account=#{service-account-email}
Expected behavior
Expected to apply the value test-project for input argument project-id
, and not the default value art-project-1 defined in technique atomic.
Desktop (please complete the following information):
More context:
Excerpt from T1078.004 atomic:
atomic_tests:
- name: Creating GCP Service Account and Service Account Key
auto_generated_guid: 9fdd83fd-bd53-46e5-a716-9dec89c8ae8e
description: |
GCP Service Accounts can be used to gain intial access as well as maintain persistence inside Google Cloud.
supported_platforms:
- google-workspace
- iaas:gcp
- linux
input_arguments:
project-id:
description: ID of the project, you want to create service account as well as service account key for
type: string
default: art-project-1
[...]
Describe the bug
At this path:
atomic_operator/execution/copier.py
The function "__copy_file_to_windows" function second argument is "desintation" instead of "destination".
The problem is it isn't only a typo.
When you call this function from the code at line 51 of the same file the call fails since the call variables are specified with their names:
self.__copy_file_to_windows(source=source, destination=destination).
Please replace all "destination" mentions in the code(3):
def __copy_file_to_windows(self, source, destination):
try:
command = f"New-Item -Path {os.path.dirname(destination)} -ItemType Directory"
if self.elevation_required:
command = f'Start-Process PowerShell -Verb RunAs; {command}'
output, streams, had_errors = self.windows_client.execute_ps(command)
response = self.windows_client.copy(source, destination)
except:
self.__logger.warning(f'Unable to execute copy of supporting file {source}')
self.__logger.warning(f'Output: {output}/nStreams: {streams}/nHad Errors: {had_errors}')
To Reproduce
Steps to reproduce the behavior:
Expected behaviour
The expected behaviour should be for it to run without any errors
Screenshots
If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
Describe the bug
If an atomic test has not been configured correctly, atomic-operator will not handle it gracefully, and exit. This requires the user to modify the atomic tests folder in order to be able to use the package, which is frustrating and slow.
To Reproduce
Download the most recent atomic red team folder. Try to run a test, it will fail beacuse of many tests missing GUIDs. Ref
Expected behavior
Ignore Atomic tests that fail to be loaded when itializing an Atomic object (ref). Or, gracefully handle the error and exit. The former seems easier from an end user perspective.
Is your feature request related to a problem? Please describe.
I want to be able to set up the lab and download the requirements in advance.
But need to run the test to get them with get_prereqs
Describe the solution you'd like
have another verb like set
: atomic-operator set --techniques T1234
Describe alternatives you've considered
have of norun
option for get_prereqs
: atomic-operator run --techniques T1234 --get_prereqs --norun
In https://github.com/swimlane/atomic-operator/blob/main/atomic_operator/base.py#L34, %temp%
is being replaced with $env:TEMP
for command_prompt
command executions. This breaks command_prompt
atomics that are expected to use %temp%
(such as T1036.003 c7fa0c3b-b57f-4cba-9118-863bf4e653fc) since the $env:TEMP
syntax is meant for powershell, not command prompt. Perhaps this is just a typo and it's only meant to do the replacement for powershell executions? But it also doesn't seem necessary as in my experience the atomics will use the correct temp variable in their commands to match their executor.
Is your feature request related to a problem? Please describe.
Currently, if you utilize the config_file
but only want to run the tests within that file, you have to also use a list of GUIDs in the test_guids
parameter. This can be problematic if you have many tests in a large config file.
Describe the solution you'd like
Ideally there would be a flag, which is only needed when config_file
is passed, that declares that only the tests in the config_file
should be run. (i.e. "--config_tests_only
")
Describe alternatives you've considered
N/A
Additional context
Example usage of this kind of parameter in atomic-unit-test.
Is your feature request related to a problem? Please describe.
Modify --check_prereq to only run prereq_command
Describe the bug
When executing atomic-operator on a windows 10 system, many tactics that are executed add additional white spaces and carriage returns to the commands. This can be observed in the output of the commands, or in the output logs.
To Reproduce
Steps to reproduce the behavior:
Screenshots
Please see screenshot for details related to added whitespace and carriage returns. Below in additional context area.
Desktop (please complete the following information):
Installation of Atomics into /opt/atomic
directory so I can start using the tool for testing a NGAV on a linux machine.
atomic-operator get_atomics
throws an error when defining the /opt/atomic
directory as destination.
Traceback (most recent call last):
File "/usr/local/bin/atomic-operator", line 8, in <module>
sys.exit(main())
File "/usr/local/lib/python3.8/dist-packages/atomic_operator/__main__.py", line 6, in main
fire.Fire({
File "/usr/local/lib/python3.8/dist-packages/fire/core.py", line 141, in Fire
component_trace = _Fire(component, args, parsed_flag_args, context, name)
File "/usr/local/lib/python3.8/dist-packages/fire/core.py", line 466, in _Fire
component, remaining_args = _CallAndUpdateTrace(
File "/usr/local/lib/python3.8/dist-packages/fire/core.py", line 681, in _CallAndUpdateTrace
component = fn(*varargs, **kwargs)
File "/usr/local/lib/python3.8/dist-packages/atomic_operator/atomic_operator.py", line 147, in get_atomics
folder_name = self.download_atomic_red_team_repo(desintation, **kwargs)
File "/usr/local/lib/python3.8/dist-packages/atomic_operator/base.py", line 47, in download_atomic_red_team_repo
response = requests.get(Base.ATOMIC_RED_TEAM_REPO, stream=True, **kwargs)
File "/usr/local/lib/python3.8/dist-packages/requests/api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "/usr/local/lib/python3.8/dist-packages/requests/api.py", line 61, in request
return session.request(method=method, url=url, **kwargs)
TypeError: request() got an unexpected keyword argument 'destination'
sudo su -
apt-get install python3
apt-get install python3-pip
pip install atomic-operator
/opt
with mkdir /opt/atomic
atomic-operator get_atomics --destination "/opt/atomic"
Version: 0.6.0
Platform: Ubuntu 20.04.3 LTS
Kernel Headers: linux-headers-5.4.0-90-generic/focal-updates,focal-security,now 5.4.0-90.101 amd64
Bug Description
If I instantiate a first AtomicOperator
object, run some tests and then I create a second AtomicOperator
object, when I call the run
method it will first execute the tests I ran on the first object and then the actual tests I want to run on this second object.
To Reproduce
Steps to reproduce the behavior:
pip install atomic-operator
python3
:from atomic_operator import AtomicOperator
print('=============== Operator 1 ===============')
operator_1 = AtomicOperator()
operator_1.get_atomics()
# Base64 decoding with Python
output_1 = operator_1.run(test_guids=['356dc0e8-684f-4428-bb94-9313998ad608'])
print('=============== Operator 2 ===============')
operator_2 = AtomicOperator()
# Hidden Files and Directories
output_2 = operator_2.run(techniques=['T1564.001'])
Expected behavior
Execute only the first tests, then execute only the second tests.
Actual behaviour
Execute only the first tests, then execute both the first and the second tests.
=============== Operator 1 ===============
INFO:Base.AtomicOperator:Running Base64 decoding with Python test (356dc0e8-684f-4428-bb94-9313998ad608) for technique T1140
INFO:Base.Runner:
Output: Hello from Atomic Red Team test T1140!
Hello from Atomic Red Team test T1140!
Hello from Atomic Red Team test T1140!
Hello from Atomic Red Team test T1140!
Hello from Atomic Red Team test T1140!
Hello from Atomic Red Team test T1140!
=============== Operator 2 ===============
INFO:Base.AtomicOperator:Running Base64 decoding with Python test (356dc0e8-684f-4428-bb94-9313998ad608) for technique T1140
INFO:Base.Runner:
Output: Hello from Atomic Red Team test T1140!
Hello from Atomic Red Team test T1140!
Hello from Atomic Red Team test T1140!
Hello from Atomic Red Team test T1140!
Hello from Atomic Red Team test T1140!
Hello from Atomic Red Team test T1140!
INFO:Base.AtomicOperator:Running Create a hidden file in a hidden directory test (61a782e5-9a19-40b5-8ba4-69a4b9f3d7be) for technique T1564.001
INFO:Base.Runner:
Output: mkdir: cannot create directory ‘/var/tmp/.hidden-directory’: File exists
INFO:Base:You provided a test (cddb9098-3b47-4e01-9d3b-6f5f323288a9) 'Mac Hidden file' which is not supported on this platform. Skipping...
INFO:Base:You provided a test (f70974c8-c094-4574-b542-2c545af95a32) 'Create Windows System File with Attrib' which is not supported on this platform. Skipping...
INFO:Base:You provided a test (dadb792e-4358-4d8d-9207-b771faa0daa5) 'Create Windows Hidden File with Attrib' which is not supported on this platform. Skipping...
INFO:Base:You provided a test (3b7015f2-3144-4205-b799-b05580621379) 'Hidden files' which is not supported on this platform. Skipping...
INFO:Base:You provided a test (b115ecaf-3b24-4ed2-aefe-2fcb9db913d3) 'Hide a Directory' which is not supported on this platform. Skipping...
INFO:Base:You provided a test (9a1ec7da-b892-449f-ad68-67066d04380c) 'Show all hidden files' which is not supported on this platform. Skipping...
Platform Specifications
Additional Notes
The particular tests performed or the values of the other parameters of the run
method are irrelevant, the bug will occurr anyway.
When you put two guids of tests from the same technique the second test won't be launched, the problem is with the ConfigParser build_run_list method returns an empty list
From what i saw that the temp.atomic_tests was overwritten the list of tests rin for that specific technique so when you use another test from the same technqiue you won't be able to get that test because the technqiue list of atomic tests contain only the first test guid
Launch tests using a config file containning guids that belongs to same technique
Atomic Operator should be able to find and launch all the test mentionned in the config file
Is your feature request related to a problem? Please describe.
I would like to be able to run atomic-operator run --technique T1003.001 {some test within that technique}
Describe the solution you'd like
A clear and concise description of what you want to happen.
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Additional context
Add any other context or screenshots about the feature request here.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.