security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1663bf7d524b6fc8a9a39104feb2949b36368dfc
atomic-red-team/atomics/T1049/T1049.yaml
T
Carrie Roberts 1bfefdacfc Add elevated (#542) 
* provide elevation_required attribute

* provide elevation_required attribute

* provide elevation_required attribute
2019-09-03 07:34:42 -06:00

48 lines
896 B
YAML
Raw Blame History

---
attack_technique: T1049
display_name: System Network Connections Discovery
atomic_tests:
- name: System Network Connections Discovery
description: |
Get a listing of network connections.
supported_platforms:
- windows
executor:
name: command_prompt
elevation_required: false
command: |
netstat
net use
net sessions
- name: System Network Connections Discovery with PowerShell
description: |
Get a listing of network connections.
supported_platforms:
- windows
executor:
name: powershell
elevation_required: false
command: |
Get-NetTCPConnection
- name: System Network Connections Discovery Linux & MacOS
description: |
Get a listing of network connections.
supported_platforms:
- linux
- macos
executor:
name: sh
elevation_required: false
command: |
netstat
who -a
Reference in New Issue View Git Blame Copy Permalink