joeavanzato / MalCommands

Documenting Suspicious Command Lines

Home Page: http://malcommands.com


MalCommands

Designed to document commands often associated with malicious activity and present them in an easily searchable and filterable manner.

Commands are documented with the following attributes:

  • Commandline
  • Description
  • Cyber Killchain Phases
  • MITRE Tactics and Techniques
  • Applicable OS[s]
  • Reference[s]
  • Risk [Low, Medium, High, Critical]
  • Risk Reason
  • Fidelity [Low, Medium, High]
  • Fidelity Reason
  • Threat Actors with Associated References

Tools - included attributes

  • Tool Name
  • Tool Description
  • Common Arguments
  • Tool URL
  • Tool Operating Systems
  • ? - Threat Actor References

Kill-Chain Phases Used in Command Mapping

  • Reconnaissance
  • Weaponization
  • Delivery
  • Exploitation
  • Installation
  • Command and Control
  • Actions on Objectives

TO DOCUMENT STILL

  • Lots...

Project References and Credits

Languages

HTML 65.2%, Python 21.0%, CSS 13.8%