Common Information
Type Value
Value Command-Line Interface - T1059
Category Attack-Pattern
Type Mitre-Enterprise-Attack-Attack-Pattern
Misp Type Cluster
Description Command-line interfaces provide a way of interacting with computer systems and are a common feature across many types of operating system platforms. (Citation: Wikipedia Command-Line Interface) One example command-line interface on Windows systems is cmd, which can be used to perform a number of tasks including execution of other software. Command-line interfaces can be interacted with locally or remotely via a remote desktop application, reverse shell session, etc. Commands that are executed run with the current permission level of the command-line interface process unless the command includes a process invocation that changes the permissions context for that execution (e.g. Scheduled Task). Adversaries may use command-line interfaces to interact with systems and execute other software during the course of an operation.
Detection: Command-line interface activities can be captured through proper logging of process execution with command-line arguments. This information can be useful in gaining additional insight into adversaries' actions through how they use native processes or custom tools.
Platforms: Linux, Windows, macOS
Data Sources: Process command-line parameters, Process monitoring
Permissions Required: Administrator, SYSTEM, User
Remote Support: No
Details Published Attributes CTI Title
Details Website 2024-11-17 15 CTF Write-up: Sigma 101 (Certified Cyber Defenders)
Details Website 2024-11-16 0 Understanding Hacking, Virtual Machines, Linux, and Networking: A Comprehensive Guide
Details Website 2024-11-15 38 Dark Web Profile: Cadet Blizzard
Details Website 2024-11-15 33 DONOT's Attack On Maritime & Defense Manufacturing
Details Website 2024-11-14 72 Weekly Intelligence Report - 15 Nov 2024 | #ransomware | #cybercrime | National Cyber Security Consulting
Details Website 2024-11-14 24 Major cyber attacks and data breaches of 2024
Details Website 2024-11-14 6 MalwareFortress EP14: Stop Malware in Its Tracks: A Step-by-Step Guide to Track, Test, and…
Details Website 2024-11-13 23 T.A. — RansomHub
Details Website 2024-11-12 0 The Most Powerful Android Penetration Testing Tool: A Deep Dive into Drozer
Details Website 2024-11-12 0 Is Arch Linux Worth All the Pain? My Descent into the Rabbit Hole
Details Website 2024-11-12 8 An In-Depth Guide to the Penetration Testing Framework
Details Website 2024-11-12 26 Dissecting A Multi-Stage PowerShell Campaign Using Chisel
Details Website 2024-11-11 39 Kaspersky discovers new Ymir ransomware used together with RustyStealer | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
Details Website 2024-11-11 47 Ymir: new stealthy ransomware in the wild
Details Website 2024-11-11 47 Kaspersky discovers new Ymir ransomware used together with RustyStealer
Details Website 2024-11-10 4 Nmap: A Tool for Network Discovery and Security Auditing
Details Website 2024-11-08 25 Dark Web Profile: CosmicBeetle (NoName) Ransomware - SOCRadar® Cyber Intelligence Inc.
Details Website 2024-11-08 7 How I Combined WHOIS, DNS, and Shodan in One Powerful Python Script
Details Website 2024-11-07 63 Weekly Intelligence Report - 08 Nov 2024 | #ransomware | #cybercrime | National Cyber Security Consulting
Details Website 2024-11-07 9 Dark Web Profile: KillSec - SOCRadar® Cyber Intelligence Inc.
Details Website 2024-11-07 11 Dark Web Profile: KillSec
Details Website 2024-11-07 33 Malicious Inauthentic Falcon Crash Reporter Installer Delivers Malware Named Ciro
Details Website 2024-11-07 14 AQUATIC PANDA in Possession of Log4Shell Exploit Tools | CrowdStrike
Details Website 2024-11-06 13 Practical usage of Sysdig OSS
Details Website 2024-11-06 26 Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign