mitre-attack / car

Example:

car/analytics/CAR-2014-11-007.yaml

Line 16 in 8edc8a8

    
             As described in ATT&CK, an adversary can use [Windows Management Instrumentation](https://attack.mitre.org/techniques/T1047) (WMI) to view or manipulate objects on a remote host. It can be used to remotely edit configuration, start services, query files, and anything that can be done with a WMI class. When remote WMI requests are over RPC ([CAR-2014-05-001](CAR-2014-05-001)), it connects to a DCOM interface within the RPC group netsvcs. To detect this activity, a sensor is needed at the network level that can decode RPC traffic or on the host where the communication can be detected more natively, such as [Event Tracing for Windows](https://msdn.microsoft.com/en-us/library/windows/desktop/bb968803.aspx). Using wireshark/tshark decoders, the WMI interfaces can be extracted so that WMI activity over RPC can be detected.

Because of the trailing slash redirect, the link becomes https://car.mitre.org/analytics/CAR-2014-11-007/CAR-2014-05-001 instead of https://car.mitre.org/analytics/CAR-2014-05-001

@rw-access thanks for the report! These internal links should be fixed now.

[Bug] Links between analytics are broken