Common Information
Type | Value |
---|---|
Value | Python - T1059.006 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may abuse Python commands and scripts for execution. Python is a very popular scripting/programming language, with capabilities to perform many functions. Python can be executed interactively from the command-line (via the `python.exe` interpreter) or via scripts (.py) that can be written and distributed to different systems. Python code can also be compiled into binary executables. (Citation: Zscaler APT31 Covid-19 October 2020) Python comes with many built-in packages to interact with the underlying system, such as file operations and device I/O. Adversaries can use these libraries to download and execute commands or other scripts as well as perform various malicious behaviors. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2754-08-03 | 37 | Virus Bulletin :: VB2018 paper: Unpacking the packed unpacker: reversing an Android anti-analysis native library | ||
Details | Website | 2070-01-03 | 13 | Jailbreaking Llama-3.1-8B-Instruct | CTF导航 | ||
Details | Website | 2044-04-01 | 13 | Attackers Repurposing existing Python-based Malware for Distribution on NPM | ||
Details | Website | 2037-10-13 | 14 | Abusing IP camera's for red teaming: Obtaining the firmware | ||
Details | Website | 2025-07-02 | 0 | Security Operations Analyst (Level 3) | Red Piranha | ||
Details | Website | 2025-05-10 | 9 | Tool update: sigs.py - added check mode - SANS Internet Storm Center | ||
Details | Website | 2025-04-05 | 15 | Shellcode Encoded in UUIDs - SANS Internet Storm Center | ||
Details | Website | 2025-04-05 | 22 | Python Bot Delivered Through DLL Side-Loading - SANS Internet Storm Center | ||
Details | Website | 2025-03-24 | 4 | Dropserver vulnerability lets attackers bypass authentication and gain full control - 安全KER - Security News Platform | ||
Details | Website | 2025-03-21 | 7 | CVE Alert: CVE-2025-0508 - RedPacket Security | ||
Details | Website | 2025-03-21 | 0 | Attackers Leverage Weaponized CAPTCHAs to Execute PowerShell and Deploy Malware | ||
Details | Website | 2025-03-21 | 3 | Researchers Uncover FIN7's Stealthy Python-Based Anubis Backdoor | ||
Details | Website | 2025-03-21 | 2 | Prepping for post-quantum: a beginner’s guide to lattice cryptography | ||
Details | Website | 2025-03-21 | 0 | GitHub Supply Chain Attack Raises Awareness Across The Cybersecurity Community - Cybersecurity Insiders | ||
Details | Website | 2025-03-21 | 1 | Attackers Use Fake CAPTCHAs to Deploy Lumma Stealer RAT | ||
Details | Website | 2025-03-21 | 9 | Stealthy tactics of FIN7's newest Anubis backdoor - SEC-1275-1 | ||
Details | Website | 2025-03-21 | 24 | 中科固源's coverage-guided fuzzing tool debuts, bringing a new technical iteration to open-source fuzz testing - 安全KER - Security News Platform | ||
Details | Website | 2025-03-21 | 17 | When Python Is Poisoned | How Runtime Security Stops the tj-actions Attack | ||
Details | Website | 2025-03-20 | 0 | Dark Web Profile: FSociety (Flocker) Ransomware - SOCRadar® Cyber Intelligence Inc. | ||
Details | Website | 2025-03-20 | 2 | Dark Web Profile: FSociety (Flocker) Ransomware | ||
Details | Website | 2025-03-20 | 3 | CVE-2025-24071 Windows File Explorer Spoofing Vulnerability Uncovered, Patch Now | ||
Details | Website | 2025-03-20 | 12 | Unboxing Anubis: Exploring the Stealthy Tactics of FIN7's Latest Backdoor | ||
Details | Website | 2025-03-20 | 0 | AWS SNS abused, leading to data leaks and a phishing crisis - 嘶吼 RoarTalk – Comprehensive service platform for the cybersecurity industry, 4hou.com | ||
Details | Website | 2025-03-20 | 51 | UAT-5918 targets critical infrastructure entities in Taiwan | ||
Details | Website | 2025-03-20 | 1 | Unboxing Anubis: Exploring the Stealthy Tactics of FIN7's Latest Backdoor |