-
Notifications
You must be signed in to change notification settings - Fork 201
Offline Installation
Carrie Roberts edited this page Oct 21, 2023
·
23 revisions
To prepare for offline installation you should install Atomic Red Team on an online system of the same OS version where the offline install is to be done. This allows you to easily grab all of the needed files from the online system and move them to the offline system. The instructions below are specific to Windows but you can adjust to make it work on Linux/macOS as well.
- Install Atomic Red Team on the online system as shown here.
- Get the prereqs for all tests so you can copy as many as possible to the offline system. Use
Invoke-AtomicTest All -GetPrereqs
(preferably with AV disabled). You can skip\cancel any of the application installs because those won't copy over to the offline system. - Copy the following 3 directories from the online system to the offline system:
-
C:\AtomicRedTeam
folder - PowerShell
powershell-yaml
folder ($HOME\Documents\PowerShell\Modules
or$env:ProgramFiles\PowerShell\Modules
) - We are in the process of standardizing atomics that have external dependencies to download them into the
AtomicRedTeam\ExternalPayloads
folder. This has be completed for the Windows atomics but not the Linux\macOS atomics. In the latter case, you may need to grab several of the prereqs from thetemp
directory.
Note: It is recommended that you add an AV exclusion for the C:\AtomicRedTeam
folder so that no files from the project are quarantined or deleted.
- Make sure the file paths of the folders are the same on the offline system as the online. You should have a
C:\AtomicRedTeam
folder with three folders in it (atomics
,ExternalPayloads
, andinvoke-atomicredteam
). You should have apowershell-yaml
folder at$HOME\Documents\PowerShell\Modules
or$env:ProgramFiles\PowerShell\Modules
- Import the Invoke-AtomicRedTeam module as described here.
Questions? Get connected to the community on the Atomic Red Team Slack channel.
- Installation
- Import the Module
- List Atomic Tests
- Check/Get Prerequisites for Atomic Tests
- Execute Atomic Tests (Local)
- Execute Atomic Tests (Remote)
- Specify Custom Input Arguments
- Cleanup after Executing Atomic Tests
- Execution Logging
- Adversary Emulation
- Continuous Atomic Testing
- Execution Hooks
- Helper Functions
- The Atomic GUI
- Uninstallation