Issac Briones (1d8)
Contributed Techniques
Technique Name Technique ID's Snippet(s) Rules(s) OS
WMI Event Subscriptions U1353
XBEL Recently Opened Files Check U1352
Default Windows Wallpaper Check U1351
Event Triggered Execution: Linux Inotify U1245 T1546
Replication Through Removable Media U1012 T1091
Impair Defenses: Impair Command History Logging T1562.003
AppInit DLL Injection U1244 T1546
Contributed Code Snippets
Technique Language OS Creation Date
WMI Event Subscriptions PowerShell 7 months
XBEL Recently Opened Files Check Python 9 months, 3 weeks
Virtualization/Sandbox Evasion: User Activity Based Checks Python 10 months, 3 weeks
Default Windows Wallpaper Check Golang 10 months, 4 weeks
Event Triggered Execution: Linux Inotify Python 11 months, 2 weeks
Replication Through Removable Media Python 1 year
AppInit DLL Injection C 1 year, 2 months
Hide Artifacts: Hidden Window C 1 year, 2 months