updating atomics count and guids [ci skip]
This commit is contained in:
publish bot
@@ -182,6 +182,7 @@ atomic_tests:
|
||||
dir \\#{computer_ip}\IPC$
|
||||
name: command_prompt
|
||||
- name: Enumerate All Network Shares with SharpShares
|
||||
auto_generated_guid: d1fa2a69-b0a2-4e8a-9112-529b00c19a41
|
||||
description: |
|
||||
SharpShares is a command line tool that can be integrated with Cobalt Strike's execute-assembly module, allowing for the enumeration of network shares.
|
||||
This technique has been utilized by various ransomware groups, including BianLian.
|
||||
|
||||
@@ -2,6 +2,7 @@ attack_technique: T1622
|
||||
display_name: Debugger Evasion
|
||||
atomic_tests:
|
||||
- name: Detect a Debugger Presence in the Machine
|
||||
auto_generated_guid: 58bd8c8d-3a1a-4467-a69c-439c75469b07
|
||||
description: Detecting a running debugger process or if the debugger is attached to a process via PowerShell
|
||||
supported_platforms:
|
||||
- windows
|
||||
|
||||
@@ -1593,3 +1593,4 @@ f3ad3c5b-1db1-45c1-81bf-d3370ebab6c8
|
||||
ed952f70-91d4-445a-b7ff-30966bfb1aff
|
||||
5bcefe5f-3f30-4f1c-a61a-8d7db3f4450c
|
||||
36657d95-d9d6-4fbf-8a31-f4085607bafd
|
||||
d1fa2a69-b0a2-4e8a-9112-529b00c19a4158bd8c8d-3a1a-4467-a69c-439c75469b07
|
||||
Reference in New Issue
Block a user