Issac Briones (1d8)
Contributed Techniques
Technique Name Technique ID's Snippet(s) Rules(s) OS
WMI Event Subscriptions U1353
XBEL Recently Opened Files Check U1352
Default Windows Wallpaper Check U1351
Event Triggered Execution: Linux Inotify U1245 T1546
Replication Through Removable Media U1012 T1091
Impair Defenses: Impair Command History Logging T1562.003
AppInit DLL Injection U1244 T1546
Contributed Code Snippets
Technique Language OS Creation Date
WMI Event Subscriptions PowerShell 1 month, 4 weeks
XBEL Recently Opened Files Check Python 4 months, 3 weeks
Virtualization/Sandbox Evasion: User Activity Based Checks Python 5 months, 3 weeks
Default Windows Wallpaper Check Golang 5 months, 4 weeks
Event Triggered Execution: Linux Inotify Python 6 months, 2 weeks
Replication Through Removable Media Python 7 months, 2 weeks
AppInit DLL Injection C 9 months, 2 weeks
Hide Artifacts: Hidden Window C 9 months, 2 weeks