Skip to content

Commit 01a14ec

Browse files
patel-bhavinpatel-bhavin
authored
Merge pull request #1019 from CheraghiMilad/attack_data_forlinux_auditd_sysrq
added data source for new technique of attack
2 parents 25a47c3 + fc4538f commit 01a14ec

File tree

2 files changed

+16
-0
lines changed

2 files changed

+16
-0
lines changed

datasets/attack_techniques/T1529/linux_sysrq_abuse/linux_sysrq_abuse.log

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
version https://git-lfs.github.com/spec/v1
2+
oid sha256:62bbba78697c76bb460b5151e4afd88f8383ee179b0722055ef124589989dd74
3+
size 1198

datasets/attack_techniques/T1529/linux_sysrq_abuse/linux_sysrq_abuse.yml

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
author: Milad Cheraghi
2+
id: b4b1271b-4529-4f36-9edc-d70765eaa4c0
3+
date: '2025-08-28'
4+
description: 'Sample of Linux auditd events showing potential abuse of the Magic SysRq key to manipulate or destabilize the system.'
5+
environment: custom
6+
directory: linux_sysrq_abuse
7+
mitre_technique:
8+
- T1529
9+
datasets:
10+
- name: linux-auditd
11+
path: /datasets/attack_techniques/T1529/linux_sysrq_abuse/linux_sysrq_abuse.log
12+
sourcetype: auditd
13+
source: auditd

0 commit comments

Comments
 (0)