We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent ff5b252 commit 43c485cCopy full SHA for 43c485c
datasets/attack_techniques/T1003.003/credential-dumping-via-symlink/credential-dumping-via-symlink.yml
@@ -0,0 +1,13 @@
1
+author: PB
2
+id: 9ca2aaed-75f3-4cdf-a56b-dbb5fdd50f59
3
+date: '2025-11-05'
4
+description: Attack data for detection Credential Dumping via Symlink to Shadow Copy
5
+environment: attack_range
6
+directory: credential-dumping-via-symlink
7
+mitre_technique:
8
+- T1003.003
9
+datasets:
10
+- name: data
11
+ path: datasets/attack_techniques/T1003.003/credential-dumping-via-symlink/data.log
12
+ sourcetype: XmlWinEventLog
13
+ source: XmlWinEventLog:Microsoft-Windows-Sysmon/Operational
0 commit comments