43 строки
952 B
Markdown
43 строки
952 B
Markdown
|
|
# < Insert query name >
|
|
|
|
< Provide query description and usage tips >
|
|
|
|
## Query
|
|
|
|
```
|
|
< Insert query string here >
|
|
```
|
|
## Category
|
|
|
|
This query can be used to detect the following attack techniques and tactics ([see MITRE ATT&CK framework](https://attack.mitre.org/)) or security configuration states.
|
|
|
|
| Technique, tactic, or state | Covered? (v=yes) | Notes |
|
|
|------------------------|----------|-------|
|
|
| Initial access | | |
|
|
| Execution | | |
|
|
| Persistence | | |
|
|
| Privilege escalation | | |
|
|
| Defense evasion | | |
|
|
| Credential Access | | |
|
|
| Discovery | | |
|
|
| Lateral movement | | |
|
|
| Collection | | |
|
|
| Command and control | | |
|
|
| Exfiltration | | |
|
|
| Impact | | |
|
|
| Vulnerability | | |
|
|
| Misconfiguration | | |
|
|
| Malware, component | | |
|
|
|
|
|
|
## Contributor info
|
|
|
|
**Contributor:** < your name >
|
|
|
|
**GitHub alias:** < your github alias >
|
|
|
|
**Organization:** < your org >
|
|
|
|
**Contact info:** < email or website >
|