Issac Briones (1d8)
Contributed Techniques
| Technique Name | Technique IDs | Categories | Snippet(s) | Rule(s) |
|---|---|---|---|---|
| WMI Event Subscriptions | U1353 | | | |
| XBEL Recently Opened Files Check | U1352 | | | |
| Default Windows Wallpaper Check | U1351 | | | |
| Event Triggered Execution: Linux Inotify | U1245 T1546 | | | |
| Replication Through Removable Media | U1012 T1091 | | | |
| AppInit DLL Injection | U1244 T1546 | | | |
| Impair Defenses: Impair Command History Logging | T1562.003 | | | |
Contributed Code Snippets
| Technique | Language | OS | Creation Date |
|---|---|---|---|
| WMI Event Subscriptions | PowerShell | | 1 year |
| XBEL Recently Opened Files Check | Python | | 1 year, 3 months |
| Virtualization/Sandbox Evasion: User Activity Based Checks | Python | | 1 year, 4 months |
| Default Windows Wallpaper Check | Golang | | 1 year, 4 months |
| Event Triggered Execution: Linux Inotify | Python | | 1 year, 4 months |
| Replication Through Removable Media | Python | | 1 year, 5 months |
| AppInit DLL Injection | C | | 1 year, 7 months |
| Hide Artifacts: Hidden Window | C | | 1 year, 7 months |