Pre-requisite, clone, create virtual env and install python deps:

There are two main simple ways to ingest it.

Most datasets generated will be raw log files. The most common environment for most datasets will be the attack_range, since this is the tool that is used to generate attack data sets automatically. At this moment there are no specific restrictions, although we do have a simple template a user can start with here.

WinEventLog:Microsoft-Windows-PowerShell/Operational

Environments are a description of where the dataset was collected.

XmlWinEventLog:Microsoft-Windows-Sysmon/Operational

Offline Credential Theft With Mimikatz Return value unclear for test T1003.001-7 Using ProcDump Return value unclear for test T1003.001-3 Dump LSASS.exe Memory using comsvcs.dll Successful Execution of test T1003.001-4 Dump LSASS.exe Memory using direct system calls and API unhooking Return value unclear for test T1003.001-6 Description: 'Atomic Test Results: Successful Execution of test T1003.001-1 Windows Credential Editor Successful Execution of test T1003.001-2 Dump LSASS.exe Memory