Merge PR #5393 from @Koifman - Update VMware rules for MITREv17
update: proc_creation_lnx_esxcli_vm_kill.yml - updating MITRE to match v17
update: proc_creation_lnx_esxcli_vsan_discovery.yml - updating MITRE to match v17
update: proc_creation_lnx_esxcli_system_discovery.yml - updating MITRE to match v17
update: proc_creation_lnx_esxcli_network_discovery.yml - updating MITRE to match v17
update: proc_creation_lnx_esxcli_storage_discovery.yml - updating MITRE to match v17
update: proc_creation_lnx_esxcli_syslog_config_change.yml - updating MITRE to match v17
update: proc_creation_lnx_esxcli_user_account_creation.yml - updating MITRE to match v17
update: proc_creation_lnx_esxcli_permission_change_admin.yml - updating MITRE to match v17
update: proc_creation_lnx_esxcli_vm_discovery.yml - updating MITRE to match v17
---------
Co-authored-by: Koifman <primeless42@gmail.com>
Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
@@ -9,8 +9,10 @@ author: Cedric Maurugeon
|
||||
date: 2023-09-04
|
||||
tags:
|
||||
- attack.discovery
|
||||
- attack.execution
|
||||
- attack.t1033
|
||||
- attack.t1007
|
||||
- attack.t1059.012
|
||||
logsource:
|
||||
category: process_creation
|
||||
product: linux
|
||||
|
||||
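Review bot: the technique tags in this hunk read attack.t1033, attack.t1007, attack.t1059.012, which is neither numerically sorted nor grouped under the tactic each belongs to, so a reader cannot tell at a glance that attack.t1059.012 pairs with attack.execution and the other two with attack.discovery. The hunks in this commit that carry attack.t1098 and attack.t1529 list their tags in sorted order; suggest doing the same here (t1007, t1033, t1059.012) so all nine rules follow one convention.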
@@ -8,6 +8,9 @@ author: Nasreddine Bencherchali (Nextron Systems)
|
||||
date: 2023-09-04
|
||||
tags:
|
||||
- attack.execution
|
||||
- attack.privilege-escalation
|
||||
- attack.t1059.012
|
||||
- attack.t1098
|
||||
logsource:
|
||||
category: process_creation
|
||||
product: linux
|
||||
|
||||
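Review bot: attack.t1098 is paired only with attack.privilege-escalation in this tag list, but ATT&CK files Account Manipulation under both Persistence and Privilege Escalation. Suggest adding attack.persistence as well, or stating in the PR why only the privilege-escalation tactic applies to this rule.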
@@ -10,8 +10,10 @@ author: Nasreddine Bencherchali (Nextron Systems), Cedric Maurugeon
|
||||
date: 2023-09-04
|
||||
tags:
|
||||
- attack.discovery
|
||||
- attack.execution
|
||||
- attack.t1033
|
||||
- attack.t1007
|
||||
- attack.t1059.012
|
||||
logsource:
|
||||
category: process_creation
|
||||
product: linux
|
||||
|
||||
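Review bot: attack.t1033 and attack.t1007 in this hunk are the same pair carried by every other attack.discovery hunk in this commit, although the commit message lists separate network, storage, system, VM and vSAN discovery rules. T1033 is System Owner/User Discovery and T1007 is System Service Discovery, so one pair is unlikely to describe all five; since the tags are being aligned with v17 anyway, suggest checking each rule for the discovery technique that matches what it detects.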
@@ -9,8 +9,10 @@ author: Cedric Maurugeon
|
||||
date: 2023-09-04
|
||||
tags:
|
||||
- attack.defense-evasion
|
||||
- attack.execution
|
||||
- attack.t1562.001
|
||||
- attack.t1562.003
|
||||
- attack.t1059.012
|
||||
logsource:
|
||||
category: process_creation
|
||||
product: linux
|
||||
|
||||
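Review bot: attack.t1562.003 sits in this tag list next to attack.t1562.001, and T1562.003 is Impair Command History Logging, which concerns shell history rather than logging configuration in general. If this is the syslog configuration rule named in the commit message, suggest confirming that the sub-technique still fits under v17 and dropping it if it does not.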
@@ -9,8 +9,10 @@ author: Cedric Maurugeon
|
||||
date: 2023-09-04
|
||||
tags:
|
||||
- attack.discovery
|
||||
- attack.execution
|
||||
- attack.t1033
|
||||
- attack.t1007
|
||||
- attack.t1059.012
|
||||
logsource:
|
||||
category: process_creation
|
||||
product: linux
|
||||
|
||||
@@ -8,7 +8,9 @@ author: Cedric Maurugeon
|
||||
date: 2023-08-22
|
||||
tags:
|
||||
- attack.persistence
|
||||
- attack.execution
|
||||
- attack.t1136
|
||||
- attack.t1059.012
|
||||
logsource:
|
||||
category: process_creation
|
||||
product: linux
|
||||
|
||||
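Review bot: attack.t1136 in this hunk is the parent technique only, while ATT&CK splits Create Account into sub-techniques (.001 Local Account, .002 Domain Account, .003 Cloud Account). If the detection matches one kind of account, suggest tagging that sub-technique so coverage maps count the rule at the right level.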
@@ -11,8 +11,10 @@ author: Cedric Maurugeon
|
||||
date: 2023-09-04
|
||||
tags:
|
||||
- attack.discovery
|
||||
- attack.execution
|
||||
- attack.t1033
|
||||
- attack.t1007
|
||||
- attack.t1059.012
|
||||
logsource:
|
||||
category: process_creation
|
||||
product: linux
|
||||
|
||||
@@ -11,6 +11,9 @@ author: Nasreddine Bencherchali (Nextron Systems), Cedric Maurugeon
|
||||
date: 2023-09-04
|
||||
tags:
|
||||
- attack.execution
|
||||
- attack.impact
|
||||
- attack.t1059.012
|
||||
- attack.t1529
|
||||
logsource:
|
||||
category: process_creation
|
||||
product: linux
|
||||
|
||||
@@ -10,8 +10,10 @@ author: Nasreddine Bencherchali (Nextron Systems), Cedric Maurugeon
|
||||
date: 2023-09-04
|
||||
tags:
|
||||
- attack.discovery
|
||||
- attack.execution
|
||||
- attack.t1033
|
||||
- attack.t1007
|
||||
- attack.t1059.012
|
||||
logsource:
|
||||
category: process_creation
|
||||
product: linux
|
||||
|
||||