Issac Briones (1d8)
Contributed Techniques
Technique Name Technique ID's Snippet(s) Rules(s) OS
WMI Event Subscriptions U1353
XBEL Recently Opened Files Check U1352
Default Windows Wallpaper Check U1351
Event Triggered Execution: Linux Inotify U1245 T1546
Replication Through Removable Media U1012 T1091
Impair Defenses: Impair Command History Logging T1562.003
AppInit DLL Injection U1244 T1546
Contributed Code Snippets
Technique Language OS Creation Date
WMI Event Subscriptions PowerShell 1 month, 1 week
XBEL Recently Opened Files Check Python 4 months
Virtualization/Sandbox Evasion: User Activity Based Checks Python 5 months
Default Windows Wallpaper Check Golang 5 months, 1 week
Event Triggered Execution: Linux Inotify Python 5 months, 3 weeks
Replication Through Removable Media Python 6 months, 3 weeks
AppInit DLL Injection C 8 months, 3 weeks
Hide Artifacts: Hidden Window C 8 months, 3 weeks