Potential Shell via Web Server
May 5, 2023
·
Elastic
Host
Linux
Threat Detection
Persistence
Investigation Guide
Elastic Endgame
Strace Process Activity
Jul 29, 2022
·
Elastic
Host
Linux
Threat Detection
Privilege Escalation
Attempt to Disable IPTables or Firewall
Jul 26, 2022
·
Elastic
Host
Linux
Threat Detection
Defense Evasion
Auditd Login Attempt at Forbidden Time
Jul 26, 2022
·
Elastic
Host
Linux
Threat Detection
Initial Access
Auditd Login from Forbidden Location
Jul 26, 2022
·
Elastic
Host
Linux
Threat Detection
Initial Access
Auditd Max Failed Login Attempts
Jul 26, 2022
·
Elastic
Host
Linux
Threat Detection
Initial Access
Auditd Max Login Sessions
Jul 26, 2022
·
Elastic
Host
Linux
Threat Detection
Initial Access
Unusual Process Execution - Temp
Jul 26, 2022
·
Elastic
Host
Linux
Threat Detection
Execution
Linux Restricted Shell Breakout via apt/apt-get Changelog Escape
May 25, 2022
·
Elastic
Host
Linux
Threat Detection
Execution
GTFOBins
Linux Restricted Shell Breakout via awk Commands
May 25, 2022
·
Elastic
Host
Linux
Threat Detection
Execution
GTFOBins
Linux Restricted Shell Breakout via busybox Shell Evasion
May 25, 2022
·
Elastic
Host
Linux
Threat Detection
Execution
GTFOBins
Linux Restricted Shell Breakout via c89/c99 Shell evasion
May 25, 2022
·
Elastic
Host
Linux
Threat Detection
Execution
GTFOBins
Linux Restricted Shell Breakout via cpulimit Shell Evasion
May 25, 2022
·
Elastic
Host
Linux
Threat Detection
Execution
GTFOBins
Linux Restricted Shell Breakout via crash Shell evasion
May 25, 2022
·
Elastic
Host
Linux
Threat Detection
Execution
GTFOBins
Linux Restricted Shell Breakout via env Shell Evasion
May 25, 2022
·
Elastic
Host
Linux
Threat Detection
Execution
GTFOBins
Linux Restricted Shell Breakout via flock Shell evasion
May 25, 2022
·
Elastic
Host
Linux
Threat Detection
Execution
GTFOBins
Linux Restricted Shell Breakout via the expect command
May 25, 2022
·
Elastic
Host
Linux
Threat Detection
Execution
GTFOBins
Linux Restricted Shell Breakout via the find command
May 25, 2022
·
Elastic
Host
Linux
Threat Detection
Execution
GTFOBins
Linux Restricted Shell Breakout via the gcc command
May 25, 2022
·
Elastic
Host
Linux
Threat Detection
Execution
GTFOBins
Linux Restricted Shell Breakout via the mysql command
May 25, 2022
·
Elastic
Host
Linux
Threat Detection
Execution
GTFOBins
Linux Restricted Shell Breakout via the SSH command
May 25, 2022
·
Elastic
Host
Linux
Threat Detection
Execution
GTFOBins
Linux Restricted Shell Breakout via the vi command
May 25, 2022
·
Elastic
Host
Linux
Threat Detection
Execution
GTFOBins
Base64 Encoding/Decoding Activity
Apr 21, 2021
·
Elastic
Host
Linux
Threat Detection
Defense Evasion
Hex Encoding/Decoding Activity
Apr 21, 2021
·
Elastic
Host
Linux
Threat Detection
Defense Evasion
Mknod Process Activity
Apr 21, 2021
·
Elastic
Host
Linux
Threat Detection
Network Sniffing via Tcpdump
Apr 21, 2021
·
Elastic
Host
Linux
Threat Detection
Credential Access
Nmap Process Activity
Apr 21, 2021
·
Elastic
Host
Linux
Threat Detection
Persistence via Kernel Module Modification
Apr 21, 2021
·
Elastic
Host
Linux
Threat Detection
Persistence
Potential Persistence via Cron Job
Apr 21, 2021
·
Elastic
Host
Linux
macOS
Threat Detection
Persistence
Socat Process Activity
Apr 21, 2021
·
Elastic
Host
Linux
Threat Detection
User Discovery via Whoami
Apr 21, 2021
·
Elastic
Host
Linux
Threat Detection
Discovery
Setgid Bit Set via chmod
Mar 17, 2021
·
Elastic
Host
Linux
Threat Detection
Privilege Escalation