This repository hosts default payloads collected by the OpenBAS datasets collector.
The first step is to create the payload in an OpenBAS Platform. Be sure to fill in the description, associate the payload with the relevant MITRE ATT&CK TTPs and add any relevant tags.
Please ensure that your payload is working in the supported environments by testing it using atomic testing or a more complex scenario if necessary.
Once tested, you can export your payload directly from the platform.
The downloaded ZIP file contains another ZIP file named after the payload. This inner ZIP file should be extracted as a directory in the relevant folder of this repository.
In the example above, just take `Activate Guest Account.zip` and extract it to create a folder `Activate Guest Account` within this repository.
A payload directory contains only the `payload.json` file and an optional `attachments.zip` containing a potentially malicious file (encrypted archive). Do not unzip this file; leave it as it is.
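A pre-submission check of the directory layout described above, as an added example (it is not part of this repository and is not `scripts/generate_manifest.py`). It assumes that "encrypted archive" means standard per-member ZIP encryption, and the function names and the demo directories are constructed for illustration.

```python
import json
import tempfile
import zipfile
from pathlib import Path

ALLOWED = {"payload.json", "attachments.zip"}  # layout stated in this README


def check_payload_dir(path):
    """Return a list of problems found in one payload directory (empty = OK)."""
    entries = {p.name: p for p in Path(path).iterdir()}
    problems = [f"unexpected entry: {n}" for n in sorted(set(entries) - ALLOWED)]
    manifest = entries.get("payload.json")
    if manifest is None or not manifest.is_file():
        problems.append("payload.json is missing")
    else:
        try:
            json.loads(manifest.read_text(encoding="utf-8"))
        except (UnicodeDecodeError, json.JSONDecodeError) as exc:
            problems.append(f"payload.json is not valid JSON: {exc}")
    archive = entries.get("attachments.zip")
    if archive is not None:
        if not archive.is_file() or not zipfile.is_zipfile(archive):
            problems.append("attachments.zip is not a ZIP archive")
        else:
            # Reads the central directory only, nothing is extracted. Assumption:
            # "encrypted" means bit 0 of each member's general-purpose flags is set.
            with zipfile.ZipFile(archive) as zf:
                for info in zf.infolist():
                    if not info.is_dir() and not info.flag_bits & 0x1:
                        problems.append(f"unencrypted member in attachments.zip: {info.filename}")
    return problems


def demo():  # builds two constructed payload directories and checks both
    with tempfile.TemporaryDirectory() as tmp:
        good = Path(tmp, "Activate Guest Account")
        good.mkdir()
        (good / "payload.json").write_text('{"constructed": true}', encoding="utf-8")
        bad = Path(tmp, "Constructed Bad Payload")
        bad.mkdir()
        (bad / "payload.json").write_text("{not json", encoding="utf-8")
        (bad / "extracted_sample.bin").write_bytes(b"constructed")
        with zipfile.ZipFile(bad / "attachments.zip", "w") as zf:
            zf.writestr("sample.bin", b"constructed, stored in clear")
        return check_payload_dir(good), check_payload_dir(bad)


if __name__ == "__main__":
    print(demo())
```

An `unexpected entry` result is what an accidentally unzipped `attachments.zip` looks like, so it is worth fixing before the pull request is opened.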
Before opening your pull request, just run the Python script `scripts/generate_manifest.py`.
$ python3 scripts/generate_manifest.py
You can just select the payload folder and create a ZIP file.
Then, just import the payload in OpenBAS.
Then, test the payload and validate that it works before merging the pull request.
OpenBAS is a product designed and developed by the company Filigran.