Skip to content

Commit

Permalink
Merge pull request #893 from nterl0k/nterl0k-t1036-lolbas
Browse files Browse the repository at this point in the history 
Nterl0k t1036 lolbas
  • Loading branch information
@patel-bhavin
patel-bhavin authored Jul 23, 2024
2 parents 38aa83d + 3c803e1 commit 87d3efc
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 0 deletions.
3 changes: 3 additions & 0 deletions datasets/attack_techniques/T1036/cmd_lolbas_usage/cmd_lolbas_usage.log
View file
Git LFS file not shown
13 changes: 13 additions & 0 deletions datasets/attack_techniques/T1036/cmd_lolbas_usage/cmd_lolbas_usage.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
author: Steven Dick
id: 8c54662e-a3c8-456c-a8bb-928e6c13b641
date: '2024-5-3'
description: 'Some simple T1036.003 and T1036.005 tests using moved/renamed cmd.exe'
environment: attack_range
dataset:
- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1036/cmd_lolbas_usage/cmd_lolbas_usage.log
sourcetypes:
- xmlwineventlog
references:
- https://attack.mitre.org/techniques/T1036/
- https://attack.mitre.org/techniques/T1036/003/
- https://attack.mitre.org/techniques/T1036/005/

0 comments on commit 87d3efc

Please sign in to comment.