Accelerating the Analysis of Offensive Security Techniques Using DetectionLab
Common Information
| Type | Value |
|---|---|
| UUID | 865f8a47-c35e-40c3-9c78-37062ab3ac37 |
| Fingerprint | 2993f2582c4d966d5ae5c02cae37a7927c4dfb7c3c2799e39adad8515bdd286a |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 13, 2021, 6 p.m. |
| Added to db | March 12, 2024, 7:42 p.m. |
| Last updated | Aug. 31, 2024, 5:07 a.m. |
| Headline | Accelerating the Analysis of Offensive Security Techniques Using DetectionLab |
| Title | Accelerating the Analysis of Offensive Security Techniques Using DetectionLab |
| Detected Hints/Tags/Attributes | 57/3/39 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://jsac.jpcert.or.jp/archive/2021/pdf/JSAC2021_102_chris_en.pdf |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 2 | clo.ng |
|
| Details | Domain | 2 | detectionlab.network |
|
| Details | Domain | 28 | www.splunk.com |
|
| Details | Domain | 1373 | twitter.com |
|
| Details | Domain | 58 | redcanary.com |
|
| Details | Domain | 30 | adsecurity.org |
|
| Details | Domain | 101 | www.elastic.co |
|
| Details | Domain | 768 | www.youtube.com |
|
| Details | Domain | 154 | youtu.be |
|
| Details | File | 1 | agenda.txt |
|
| Details | File | 1 | 2016.json |
|
| Details | File | 1 | server2016.iso |
|
| Details | File | 1 | 10.json |
|
| Details | File | 1 | windows10.iso |
|
| Details | File | 1 | splunk-fundamentals-1.html |
|
| Details | File | 1 | include_lsass_access.xml |
|
| Details | File | 478 | lsass.exe |
|
| Details | File | 76 | mimikatz.exe |
|
| Details | File | 1 | sysconfig.exe |
|
| Details | File | 13 | mimidrv.sys |
|
| Details | File | 15 | windows.sys |
|
| Details | File | 1 | get-injectedthread.ps1 |
|
| Details | Github username | 1 | clong |
|
| Details | Github username | 1 | palantir |
|
| Details | Github username | 6 | olafhartong |
|
| Details | Url | 1 | https://github.com/clong |
|
| Details | Url | 1 | https://clo.ng |
|
| Details | Url | 2 | https://detectionlab.network |
|
| Details | Url | 1 | https://www.splunk.com/en_us/training/fr |
|
| Details | Url | 1 | https://github.com/palantir/windows-event-forwarding |
|
| Details | Url | 1 | https://github.com/olafhartong/sysmon-modular/blob/master/10_process_access/include_lsass_access.xml |
|
| Details | Url | 2 | https://github.com/olafhartong/sysmon-modular |
|
| Details | Url | 1 | https://twitter.com/markrussinovich/status/1340737856201879552 |
|
| Details | Url | 1 | https://www.elastic.co/blog/ten-process-injection-techniques-technical-survey-common-and-trending-process |
|
| Details | Url | 1 | https://redcanary.com/threat-detection-report/techniques/process-injection |
|
| Details | Url | 1 | https://adsecurity.org/?p=2207 |
|
| Details | Url | 1 | https://www.elastic.co/blog/ten-process- |
|
| Details | Url | 1 | https://www.youtube.com/watch?v=uql8i |