Detection Strategies
ATT&CK Detection Strategies
Authors
| Authors and/or Contributors |
|---|
| MITRE |
User Execution – Malicious Image (containers & IaaS) – pull/run → start → anomalous behavior (T1204.003) - DET0248
Internal MISP references
UUID ee7bd8ff-fbfd-4bb2-9d23-cf3f6ed342c7 which can be used as unique global reference for User Execution – Malicious Image (containers & IaaS) – pull/run → start → anomalous behavior (T1204.003) - DET0248 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0248 |
Related clusters
To see the related clusters, click here.
User Execution – Malicious Copy & Paste (browser/email → shell with obfuscated one-liner) – T1204.004 - DET0340
Internal MISP references
UUID 0dabfa5e-9c35-48ec-b825-ff1cce7a3d00 which can be used as unique global reference for User Execution – Malicious Copy & Paste (browser/email → shell with obfuscated one-liner) – T1204.004 - DET0340 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0340 |
Related clusters
To see the related clusters, click here.
Behavior-chain detection for T1132.001 Data Encoding: Standard Encoding (Base64/Hex/MIME) across Windows, Linux, macOS, ESXi - DET0124
Internal MISP references
UUID 1f6a450a-fd29-4e5c-9708-1ae4616c28c3 which can be used as unique global reference for Behavior-chain detection for T1132.001 Data Encoding: Standard Encoding (Base64/Hex/MIME) across Windows, Linux, macOS, ESXi - DET0124 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0124 |
Related clusters
To see the related clusters, click here.
User Execution – Malicious Link (click → suspicious egress → download/write → follow-on activity) - DET0066
Internal MISP references
UUID b977bf63-8fe2-4538-b4f2-0098fe26d67b which can be used as unique global reference for User Execution – Malicious Link (click → suspicious egress → download/write → follow-on activity) - DET0066 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0066 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Netsh Helper DLL Persistence via Registry and Child Process Monitoring (Windows) - DET0575
Internal MISP references
UUID 8d407bff-f721-4b74-a593-1e55c14c5263 which can be used as unique global reference for Detection Strategy for Netsh Helper DLL Persistence via Registry and Child Process Monitoring (Windows) - DET0575 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0575 |
Related clusters
To see the related clusters, click here.
Detecting Protocol or Service Impersonation via Anomalous TLS, HTTP Header, and Port Mismatch Correlation - DET0470
Internal MISP references
UUID 776a998c-481d-4193-934e-c0af3968c392 which can be used as unique global reference for Detecting Protocol or Service Impersonation via Anomalous TLS, HTTP Header, and Port Mismatch Correlation - DET0470 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0470 |
Related clusters
To see the related clusters, click here.
User Execution – multi-surface behavior chain (documents/links → helper/unpacker → LOLBIN/child → egress) - DET0478
Internal MISP references
UUID 70c9f174-2e96-4086-b59c-d2358e434f8e which can be used as unique global reference for User Execution – multi-surface behavior chain (documents/links → helper/unpacker → LOLBIN/child → egress) - DET0478 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0478 |
Related clusters
To see the related clusters, click here.
Behavior-chain detection for T1132.002 Data Encoding: Non-Standard Encoding across Windows, Linux, macOS, ESXi - DET0326
Internal MISP references
UUID 8bcafe59-0a4b-4314-988b-085bf5cdf7a9 which can be used as unique global reference for Behavior-chain detection for T1132.002 Data Encoding: Non-Standard Encoding across Windows, Linux, macOS, ESXi - DET0326 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0326 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1136.003 - Cloud Account Creation across IaaS, IdP, SaaS, Office - DET0319
Internal MISP references
UUID 7ad75a00-94f0-4deb-8642-df227a2a8ac6 which can be used as unique global reference for Detection Strategy for T1136.003 - Cloud Account Creation across IaaS, IdP, SaaS, Office - DET0319 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0319 |
Related clusters
To see the related clusters, click here.
Detect browser session hijacking via privilege, handle access, and remote thread into browsers - DET0507
Internal MISP references
UUID 759a29fb-8697-46f7-baa3-a891b28c064e which can be used as unique global reference for Detect browser session hijacking via privilege, handle access, and remote thread into browsers - DET0507 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0507 |
Related clusters
To see the related clusters, click here.
Post-Credential Dump Password Cracking Detection via Suspicious File Access and Hash Analysis Tools - DET0105
Internal MISP references
UUID ee07e9eb-8438-4c7c-8260-88a09fbe98de which can be used as unique global reference for Post-Credential Dump Password Cracking Detection via Suspicious File Access and Hash Analysis Tools - DET0105 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0105 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hijack Execution Flow using Path Interception by PATH Environment Variable. - DET0004
Internal MISP references
UUID 4b2bc278-fc80-4ff8-87a3-a6843a9e683a which can be used as unique global reference for Detection Strategy for Hijack Execution Flow using Path Interception by PATH Environment Variable. - DET0004 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0004 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Impair Defenses via Impair Command History Logging across OS platforms. - DET0563
Internal MISP references
UUID 8577b89d-01e2-4423-8657-caff7ed22737 which can be used as unique global reference for Detection Strategy for Impair Defenses via Impair Command History Logging across OS platforms. - DET0563 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0563 |
Related clusters
To see the related clusters, click here.
Detect Local Email Collection via Outlook Data File Access and Command Line Tooling - DET0047
Internal MISP references
UUID 8fb1967e-478f-4a83-9fb9-3da1015b8a26 which can be used as unique global reference for Detect Local Email Collection via Outlook Data File Access and Command Line Tooling - DET0047 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0047 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Native API Invocation via Unusual DLL Loads and Direct Syscalls - DET0529
Internal MISP references
UUID 36654ec6-5019-4e79-b299-1fbf3a03e064 which can be used as unique global reference for Behavioral Detection of Native API Invocation via Unusual DLL Loads and Direct Syscalls - DET0529 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0529 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hijack Execution Flow using Path Interception by Search Order Hijacking - DET0564
Internal MISP references
UUID 9050bfb8-840d-4464-b4e8-7a0dbdece715 which can be used as unique global reference for Detection Strategy for Hijack Execution Flow using Path Interception by Search Order Hijacking - DET0564 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0564 |
Related clusters
To see the related clusters, click here.
Behavior-chain detection for T1610 Deploy Container across Docker & Kubernetes control/node planes - DET0249
Internal MISP references
UUID 994c7fc6-ad85-47e6-9079-fb872ec7e541 which can be used as unique global reference for Behavior-chain detection for T1610 Deploy Container across Docker & Kubernetes control/node planes - DET0249 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0249 |
Related clusters
To see the related clusters, click here.
Detect Default File Association Hijack via Registry & Execution Correlation on Windows - DET0061
Internal MISP references
UUID 61585647-dcc0-4c46-9333-c59796997826 which can be used as unique global reference for Detect Default File Association Hijack via Registry & Execution Correlation on Windows - DET0061 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0061 |
Related clusters
To see the related clusters, click here.
Hardware Supply Chain Compromise Detection via Host Status & Boot Integrity Checks - DET0368
Internal MISP references
UUID 4dfcf95f-0bbb-4ae7-8bd5-91e3e6c51809 which can be used as unique global reference for Hardware Supply Chain Compromise Detection via Host Status & Boot Integrity Checks - DET0368 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0368 |
Related clusters
To see the related clusters, click here.
Behavior-chain, platform-aware detection strategy for T1127 Trusted Developer Utilities Proxy Execution (Windows) - DET0172
Internal MISP references
UUID f47cb8dc-2120-4541-9306-95053218ba8a which can be used as unique global reference for Behavior-chain, platform-aware detection strategy for T1127 Trusted Developer Utilities Proxy Execution (Windows) - DET0172 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0172 |
Related clusters
To see the related clusters, click here.
Exploit Public-Facing Application – multi-signal correlation (request → error → post-exploit process/egress) - DET0080
Internal MISP references
UUID dd8477c8-2aad-4db3-b810-fe0d2f605fa8 which can be used as unique global reference for Exploit Public-Facing Application – multi-signal correlation (request → error → post-exploit process/egress) - DET0080 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0080 |
Related clusters
To see the related clusters, click here.
Traffic Signaling (Port-knock / magic-packet → firewall or service activation) – T1205 - DET0524
Internal MISP references
UUID 1e601759-c5d1-45cc-97a1-972967426794 which can be used as unique global reference for Traffic Signaling (Port-knock / magic-packet → firewall or service activation) – T1205 - DET0524 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0524 |
Related clusters
To see the related clusters, click here.
Behavior-chain detection strategy for T1127.002 Trusted Developer Utilities Proxy Execution: ClickOnce (Windows) - DET0191
Internal MISP references
UUID ec75b064-d8f1-40a7-832c-0ef0bb40214d which can be used as unique global reference for Behavior-chain detection strategy for T1127.002 Trusted Developer Utilities Proxy Execution: ClickOnce (Windows) - DET0191 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0191 |
Related clusters
To see the related clusters, click here.
Behavior-chain detection strategy for T1127.001 Trusted Developer Utilities Proxy Execution: MSBuild (Windows) - DET0556
Internal MISP references
UUID 5fb0bb0d-cc9c-47aa-86f2-567b4ee642ff which can be used as unique global reference for Behavior-chain detection strategy for T1127.001 Trusted Developer Utilities Proxy Execution: MSBuild (Windows) - DET0556 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0556 |
Related clusters
To see the related clusters, click here.
Behavior-chain detection strategy for T1127.003 Trusted Developer Utilities Proxy Execution: JamPlus (Windows) - DET0585
Internal MISP references
UUID 680956cb-d8c6-447c-99b4-82865fb89255 which can be used as unique global reference for Behavior-chain detection strategy for T1127.003 Trusted Developer Utilities Proxy Execution: JamPlus (Windows) - DET0585 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0585 |
Related clusters
To see the related clusters, click here.
Behavioral detection for Supply Chain Compromise (package/update tamper → install → first-run) - DET0537
Internal MISP references
UUID 18c9199f-d6b6-4efe-ac90-9a1b7b8c6f36 which can be used as unique global reference for Behavioral detection for Supply Chain Compromise (package/update tamper → install → first-run) - DET0537 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0537 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1547.010 – Port Monitor DLL Persistence via spoolsv.exe (Windows) - DET0204
Internal MISP references
UUID a62dbd10-5b61-489c-a465-8f792792778e which can be used as unique global reference for Detection Strategy for T1547.010 – Port Monitor DLL Persistence via spoolsv.exe (Windows) - DET0204 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0204 |
Related clusters
To see the related clusters, click here.
Behavioral Detection Strategy for Use Alternate Authentication Material: Application Access Token (T1550.001) - DET0185
Internal MISP references
UUID afdf49f9-905d-49e4-9e42-5726f35e87e4 which can be used as unique global reference for Behavioral Detection Strategy for Use Alternate Authentication Material: Application Access Token (T1550.001) - DET0185 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0185 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Asynchronous Procedure Call (APC) Injection via Remote Thread Queuing - DET0100
Internal MISP references
UUID 4554ad15-dc0a-44f8-92b6-b8e7dc64385e which can be used as unique global reference for Behavioral Detection of Asynchronous Procedure Call (APC) Injection via Remote Thread Queuing - DET0100 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0100 |
Related clusters
To see the related clusters, click here.
Detect Access and Decryption of Group Policy Preference (GPP) Credentials in SYSVOL - DET0381
Internal MISP references
UUID 69b08c7a-c2ab-4e56-935d-ec28143372de which can be used as unique global reference for Detect Access and Decryption of Group Policy Preference (GPP) Credentials in SYSVOL - DET0381 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0381 |
Related clusters
To see the related clusters, click here.
Detection Strategy for HTML Smuggling via JavaScript Blob + Dynamic File Drop - DET0313
Internal MISP references
UUID a8067c32-46d5-426e-9c1a-e91d360be83d which can be used as unique global reference for Detection Strategy for HTML Smuggling via JavaScript Blob + Dynamic File Drop - DET0313 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0313 |
Related clusters
To see the related clusters, click here.
Behavior-chain detection for T1133 External Remote Services across Windows, Linux, macOS, Containers - DET0354
Internal MISP references
UUID e9833c3c-b5ec-421b-bab4-91f74c2b6bd1 which can be used as unique global reference for Behavior-chain detection for T1133 External Remote Services across Windows, Linux, macOS, Containers - DET0354 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0354 |
Related clusters
To see the related clusters, click here.
Behavior-chain detection for T1135 Network Share Discovery across Windows, Linux, and macOS - DET0182
Internal MISP references
UUID e7870b55-7420-444a-9751-99fb5fbf4cd9 which can be used as unique global reference for Behavior-chain detection for T1135 Network Share Discovery across Windows, Linux, and macOS - DET0182 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0182 |
Related clusters
To see the related clusters, click here.
Multi-hop Proxy Behavior via Relay Node Chaining, Onion Routing, and Network Tunneling - DET0359
Internal MISP references
UUID 407286ed-c904-412a-9f2d-7426ea7304a4 which can be used as unique global reference for Multi-hop Proxy Behavior via Relay Node Chaining, Onion Routing, and Network Tunneling - DET0359 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0359 |
Related clusters
To see the related clusters, click here.
Detect Excessive or Unauthorized Bandwidth Usage for Botnet, Proxyjacking, or Scanning Purposes - DET0028
Internal MISP references
UUID c0a23061-c4f3-4003-9e81-e81d50b6d1e2 which can be used as unique global reference for Detect Excessive or Unauthorized Bandwidth Usage for Botnet, Proxyjacking, or Scanning Purposes - DET0028 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0028 |
Related clusters
To see the related clusters, click here.
Detection of Web Session Cookie Theft via File, Memory, and Network Artifacts - DET0509
Internal MISP references
UUID 26fdbcb2-abc1-4844-8e5d-2c6039336cb7 which can be used as unique global reference for Detection of Web Session Cookie Theft via File, Memory, and Network Artifacts - DET0509 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0509 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Compile After Delivery - Source Code to Executable Transformation - DET0501
Internal MISP references
UUID 48d80184-842f-419a-ab84-01030f866bd4 which can be used as unique global reference for Detection Strategy for Compile After Delivery - Source Code to Executable Transformation - DET0501 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0501 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Subvert Trust Controls using SIP and Trust Provider Hijacking. - DET0442
Internal MISP references
UUID 541f2335-1046-4621-9829-1a4a305069c5 which can be used as unique global reference for Detection Strategy for Subvert Trust Controls using SIP and Trust Provider Hijacking. - DET0442 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0442 |
Related clusters
To see the related clusters, click here.
Detection of Impair Defenses through Disabled or Modified Tools across OS Platforms. - DET0497
Internal MISP references
UUID a21019ad-f6d2-4806-be7b-01ba27c63147 which can be used as unique global reference for Detection of Impair Defenses through Disabled or Modified Tools across OS Platforms. - DET0497 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0497 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Network Share Connection Removal via CLI and SMB Disconnects - DET0103
Internal MISP references
UUID 00060b87-7f99-45aa-9553-a4d94139195c which can be used as unique global reference for Behavioral Detection of Network Share Connection Removal via CLI and SMB Disconnects - DET0103 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0103 |
Related clusters
To see the related clusters, click here.
Detection of Lifecycle Policy Modifications for Triggered Deletion in IaaS Cloud Storage - DET0041
Internal MISP references
UUID cfdf2a13-7059-4532-9d1c-f9129b0e3f7b which can be used as unique global reference for Detection of Lifecycle Policy Modifications for Triggered Deletion in IaaS Cloud Storage - DET0041 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0041 |
Related clusters
To see the related clusters, click here.
Detection of Domain or Tenant Policy Modifications via AD and Identity Provider - DET0270
Internal MISP references
UUID 3eb428c7-5192-4ae2-a5a3-022ca9695ec8 which can be used as unique global reference for Detection of Domain or Tenant Policy Modifications via AD and Identity Provider - DET0270 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0270 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Accessibility Feature Hijacking via Binary Replacement or Registry Modification - DET0033
Internal MISP references
UUID 05cb564b-df98-44d8-8982-176136eef26d which can be used as unique global reference for Detection Strategy for Accessibility Feature Hijacking via Binary Replacement or Registry Modification - DET0033 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0033 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Traffic Duplication via Mirroring in IaaS and Network Devices - DET0403
Internal MISP references
UUID 69c06a1c-5b36-432c-871b-813957b3c678 which can be used as unique global reference for Detection Strategy for Traffic Duplication via Mirroring in IaaS and Network Devices - DET0403 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0403 |
Related clusters
To see the related clusters, click here.
Detection of Group Policy Modifications via AD Object Changes and File Activity - DET0305
Internal MISP references
UUID 7aa7d45f-64da-4f16-a905-b4881da82c62 which can be used as unique global reference for Detection of Group Policy Modifications via AD Object Changes and File Activity - DET0305 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0305 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hijack Execution Flow using Executable Installer File Permissions Weakness - DET0038
Internal MISP references
UUID 07b1eb42-4f7b-4420-972e-2f28f17c0fa0 which can be used as unique global reference for Detection Strategy for Hijack Execution Flow using Executable Installer File Permissions Weakness - DET0038 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0038 |
Related clusters
To see the related clusters, click here.
Detect Winlogon Helper DLL Abuse via Registry and Process Artifacts on Windows - DET0404
Internal MISP references
UUID 63135c50-7c7a-4a44-a053-28abd2388f21 which can be used as unique global reference for Detect Winlogon Helper DLL Abuse via Registry and Process Artifacts on Windows - DET0404 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0404 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hijack Execution Flow through Path Interception by Unquoted Path - DET0064
Internal MISP references
UUID 26a281d7-c49e-4e36-ab51-26a757559cf0 which can be used as unique global reference for Detection Strategy for Hijack Execution Flow through Path Interception by Unquoted Path - DET0064 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0064 |
Related clusters
To see the related clusters, click here.
Detect WMI Event Subscription for Persistence via WmiPrvSE Process and MOF Compilation - DET0086
Internal MISP references
UUID 99e60eb7-f2fa-4423-8c51-29832cd6e7ef which can be used as unique global reference for Detect WMI Event Subscription for Persistence via WmiPrvSE Process and MOF Compilation - DET0086 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0086 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Disk Wipe via Direct Disk Access and Destructive Commands - DET0137
Internal MISP references
UUID da01afef-b769-4d31-964d-901fabaf6a8f which can be used as unique global reference for Detection Strategy for Disk Wipe via Direct Disk Access and Destructive Commands - DET0137 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0137 |
Related clusters
To see the related clusters, click here.
Detection of Data Destruction Across Platforms via Mass Overwrite and Deletion Patterns - DET0146
Internal MISP references
UUID c54fdf95-c7ac-4ca4-bd99-273e56da20a5 which can be used as unique global reference for Detection of Data Destruction Across Platforms via Mass Overwrite and Deletion Patterns - DET0146 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0146 |
Related clusters
To see the related clusters, click here.
Detecting Bulk or Anomalous Access to Private Code Repositories via SaaS Platforms - DET0263
Internal MISP references
UUID 574968c5-ca49-4005-958f-c3ea5a78cfbc which can be used as unique global reference for Detecting Bulk or Anomalous Access to Private Code Repositories via SaaS Platforms - DET0263 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0263 |
Related clusters
To see the related clusters, click here.
Detection Strategy for MFA Interception via Input Capture and Smart Card Proxying - DET0246
Internal MISP references
UUID 6df13a5a-7d2b-4c9d-8c6e-d57ca850fe15 which can be used as unique global reference for Detection Strategy for MFA Interception via Input Capture and Smart Card Proxying - DET0246 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0246 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Thread Execution Hijacking via Thread Suspension and Context Switching - DET0295
Internal MISP references
UUID 47dd679b-1bd4-4bb7-a946-5d77fd49a939 which can be used as unique global reference for Behavioral Detection of Thread Execution Hijacking via Thread Suspension and Context Switching - DET0295 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0295 |
Related clusters
To see the related clusters, click here.
Detection of Credential Dumping from LSASS Memory via Access and Dump Sequence - DET0363
Internal MISP references
UUID 793c70fb-bc7a-4a77-95aa-7b0c583f10b4 which can be used as unique global reference for Detection of Credential Dumping from LSASS Memory via Access and Dump Sequence - DET0363 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0363 |
Related clusters
To see the related clusters, click here.
Detect persistent or elevated container services via container runtime or cluster manipulation - DET0473
Internal MISP references
UUID 81ac26e4-c4f6-4368-842f-50033ca8522b which can be used as unique global reference for Detect persistent or elevated container services via container runtime or cluster manipulation - DET0473 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0473 |
Related clusters
To see the related clusters, click here.
Detect Suspicious Access to Private Key Files and Export Attempts Across Platforms - DET0549
Internal MISP references
UUID 84b5d372-eedb-4b69-bf78-9d4815e2b2b7 which can be used as unique global reference for Detect Suspicious Access to Private Key Files and Export Attempts Across Platforms - DET0549 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0549 |
Related clusters
To see the related clusters, click here.
Detection Strategy for TLS Callback Injection via PE Memory Modification and Hollowing - DET0467
Internal MISP references
UUID a14db1ea-e57e-4bc4-83bb-94a6e7da87b0 which can be used as unique global reference for Detection Strategy for TLS Callback Injection via PE Memory Modification and Hollowing - DET0467 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0467 |
Related clusters
To see the related clusters, click here.
Detect Bidirectional Web Service C2 Channels via Process & Network Correlation - DET0035
Internal MISP references
UUID dcf2474e-0774-40da-b7e6-f4b60d0ea62f which can be used as unique global reference for Detect Bidirectional Web Service C2 Channels via Process & Network Correlation - DET0035 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0035 |
Related clusters
To see the related clusters, click here.
Detect User Activity Based Sandbox Evasion via Input & Artifact Probing - DET0420
Internal MISP references
UUID 5463d676-c300-4ab8-9980-d3ed37ac4723 which can be used as unique global reference for Detect User Activity Based Sandbox Evasion via Input & Artifact Probing - DET0420 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0420 |
Related clusters
To see the related clusters, click here.
Behavior-chain detection for T1134.004 Access Token Manipulation: Parent PID Spoofing (Windows) - DET0489
Internal MISP references
UUID eb751740-80cd-4ec1-a989-8691bf7f2039 which can be used as unique global reference for Behavior-chain detection for T1134.004 Access Token Manipulation: Parent PID Spoofing (Windows) - DET0489 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0489 |
Related clusters
To see the related clusters, click here.
Linux Python Startup Hook Persistence via .pth and Customize Files (T1546.018) - DET0258
Internal MISP references
UUID 6034b1c9-84df-4349-b34f-957ad8ec34d3 which can be used as unique global reference for Linux Python Startup Hook Persistence via .pth and Customize Files (T1546.018) - DET0258 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0258 |
Related clusters
To see the related clusters, click here.
User Execution – Malicious File via download/open → spawn chain (T1204.002) - DET0294
Internal MISP references
UUID e2023eb5-d813-4a08-985e-e8c998672037 which can be used as unique global reference for User Execution – Malicious File via download/open → spawn chain (T1204.002) - DET0294 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0294 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Application Shimming via sdbinst.exe and Registry Artifacts (Windows) - DET0017
Internal MISP references
UUID 22fe898e-3b53-468c-b2b2-dd59abc83297 which can be used as unique global reference for Detection Strategy for Application Shimming via sdbinst.exe and Registry Artifacts (Windows) - DET0017 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0017 |
Related clusters
To see the related clusters, click here.
Detection of Adversary Use of Unused or Unsupported Cloud Regions (IaaS) - DET0247
Internal MISP references
UUID ec3e5f66-a2b8-48ae-9adf-eb4f5014ba70 which can be used as unique global reference for Detection of Adversary Use of Unused or Unsupported Cloud Regions (IaaS) - DET0247 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0247 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Rogue Domain Controller (DCShadow) Registration and Replication Abuse - DET0276
Internal MISP references
UUID f012e122-9f78-4370-a481-d2efaa181359 which can be used as unique global reference for Detection Strategy for Rogue Domain Controller (DCShadow) Registration and Replication Abuse - DET0276 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0276 |
Related clusters
To see the related clusters, click here.
Detection of Domain Trust Discovery via API, Script, and CLI Enumeration - DET0007
Internal MISP references
UUID 3414f3b8-17a2-438c-8bbc-a261a04da8bc which can be used as unique global reference for Detection of Domain Trust Discovery via API, Script, and CLI Enumeration - DET0007 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0007 |
Related clusters
To see the related clusters, click here.
Behavioral Detection Strategy for T1123 Audio Capture Across Windows, Linux, macOS - DET0221
Internal MISP references
UUID c7471b0b-ac10-4eac-aae6-cfa821e707dd which can be used as unique global reference for Behavioral Detection Strategy for T1123 Audio Capture Across Windows, Linux, macOS - DET0221 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0221 |
Related clusters
To see the related clusters, click here.
Detect Subversion of Trust Controls via Certificate, Registry, and Attribute Manipulation - DET0452
Internal MISP references
UUID 73cde34a-247f-4ebc-87a5-ab6a9c400f40 which can be used as unique global reference for Detect Subversion of Trust Controls via Certificate, Registry, and Attribute Manipulation - DET0452 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0452 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Fileless Storage via Registry, WMI, and Shared Memory - DET0344
Internal MISP references
UUID aea09aae-c0c3-4453-aa44-ea0153e5cb8c which can be used as unique global reference for Detection Strategy for Fileless Storage via Registry, WMI, and Shared Memory - DET0344 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0344 |
Related clusters
To see the related clusters, click here.
Detect abuse of Windows BITS Jobs for download, execution and persistence - DET0098
Internal MISP references
UUID de9fde27-426b-4cb1-afcd-dbe1f7d4273f which can be used as unique global reference for Detect abuse of Windows BITS Jobs for download, execution and persistence - DET0098 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0098 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Indicator Removal from Tools - Post-AV Evasion Modification - DET0189
Internal MISP references
UUID 6ab338c4-9ed3-4f63-9462-b13cea5a68b0 which can be used as unique global reference for Detection Strategy for Indicator Removal from Tools - Post-AV Evasion Modification - DET0189 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0189 |
Related clusters
To see the related clusters, click here.
Behavior-chain detection for T1134.001 Access Token Manipulation: Token Impersonation/Theft on Windows - DET0482
Internal MISP references
UUID 0b06e42c-ab1c-4fb7-834b-10293e904173 which can be used as unique global reference for Behavior-chain detection for T1134.001 Access Token Manipulation: Token Impersonation/Theft on Windows - DET0482 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0482 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1546.016 - Event Triggered Execution via Installer Packages - DET0330
Internal MISP references
UUID 04f3b20d-e208-4ca3-b1e5-9e996013bc8a which can be used as unique global reference for Detection Strategy for T1546.016 - Event Triggered Execution via Installer Packages - DET0330 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0330 |
Related clusters
To see the related clusters, click here.
Multi-Platform Shutdown or Reboot Detection via Execution and Host Status Events - DET0559
Internal MISP references
UUID 2a464ecb-46ef-41f0-8ab6-a97a99ad0559 which can be used as unique global reference for Multi-Platform Shutdown or Reboot Detection via Execution and Host Status Events - DET0559 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0559 |
Related clusters
To see the related clusters, click here.
Detection of Malicious Control Panel Item Execution via control.exe or Rundll32 - DET0194
Internal MISP references
UUID 012e526a-dacd-4019-a019-bc68733395d2 which can be used as unique global reference for Detection of Malicious Control Panel Item Execution via control.exe or Rundll32 - DET0194 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0194 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hijack Execution Flow through the AppDomainManager on Windows. - DET0517
Internal MISP references
UUID 387ae9f0-0b8b-49b9-ab85-8f325a583d24 which can be used as unique global reference for Detection Strategy for Hijack Execution Flow through the AppDomainManager on Windows. - DET0517 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0517 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hijack Execution Flow through Service Registry Premission Weakness. - DET0427
Internal MISP references
UUID a44e6677-25d9-495a-91fd-e2611dac9477 which can be used as unique global reference for Detection Strategy for Hijack Execution Flow through Service Registry Premission Weakness. - DET0427 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0427 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hijack Execution Flow through Services File Permissions Weakness. - DET0436
Internal MISP references
UUID 7e71997a-80b5-4d0d-807e-472116b46b77 which can be used as unique global reference for Detection Strategy for Hijack Execution Flow through Services File Permissions Weakness. - DET0436 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0436 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hijack Execution Flow through the KernelCallbackTable on Windows. - DET0577
Internal MISP references
UUID 7ee8426e-2b65-44ed-b6d4-3800b92adf2e which can be used as unique global reference for Detection Strategy for Hijack Execution Flow through the KernelCallbackTable on Windows. - DET0577 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0577 |
Related clusters
To see the related clusters, click here.
Detection Strategy for SVG Smuggling with Script Execution and Delivery Behavior - DET0510
Internal MISP references
UUID 6c59d987-c339-4743-bdb0-0eb21285deb7 which can be used as unique global reference for Detection Strategy for SVG Smuggling with Script Execution and Delivery Behavior - DET0510 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0510 |
Related clusters
To see the related clusters, click here.
Detect LSA Authentication Package Persistence via Registry and LSASS DLL Load - DET0207
Internal MISP references
UUID 1525b951-a0fb-42ac-97b7-05ac6f412020 which can be used as unique global reference for Detect LSA Authentication Package Persistence via Registry and LSASS DLL Load - DET0207 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0207 |
Related clusters
To see the related clusters, click here.
Internal Website and System Content Defacement via UI or Messaging Modifications - DET0082
Internal MISP references
UUID c8b4a2e4-386f-45b3-b32a-8ca4113e5592 which can be used as unique global reference for Internal Website and System Content Defacement via UI or Messaging Modifications - DET0082 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0082 |
Related clusters
To see the related clusters, click here.
Credential Dumping from SAM via Registry Dump and Local File Access - DET0085
Internal MISP references
UUID 13c88a68-15e3-45e5-958b-82fe7b948561 which can be used as unique global reference for Credential Dumping from SAM via Registry Dump and Local File Access - DET0085 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0085 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of T1498 – Network Denial of Service Across Platforms - DET0518
Internal MISP references
UUID 8103189e-83c8-4246-a56c-193e19c98182 which can be used as unique global reference for Behavioral Detection of T1498 – Network Denial of Service Across Platforms - DET0518 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0518 |
Related clusters
To see the related clusters, click here.
Detection of Masqueraded Tasks or Services with Suspicious Naming and Execution - DET0117
Internal MISP references
UUID 45665335-5bf0-4553-9398-ea40d550cbff which can be used as unique global reference for Detection of Masqueraded Tasks or Services with Suspicious Naming and Execution - DET0117 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0117 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Cloud Group Enumeration via API and CLI Access - DET0251
Internal MISP references
UUID 55e10a13-d18d-4ce5-a773-c4ec6bd68d52 which can be used as unique global reference for Behavioral Detection of Cloud Group Enumeration via API and CLI Access - DET0251 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0251 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Masquerading Across Platforms via Metadata and Execution Discrepancy - DET0127
Internal MISP references
UUID 408aedab-4a23-41ad-809d-fe9c3805b7f6 which can be used as unique global reference for Behavioral Detection of Masquerading Across Platforms via Metadata and Execution Discrepancy - DET0127 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0127 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Encrypted Channel via Symmetric Cryptography across OS Platforms - DET0143
Internal MISP references
UUID 32c549cd-a06b-41f2-8063-8937ba7feab6 which can be used as unique global reference for Detection Strategy for Encrypted Channel via Symmetric Cryptography across OS Platforms - DET0143 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0143 |
Related clusters
To see the related clusters, click here.
Detection of Cached Domain Credential Dumping via Local Hash Cache Access - DET0513
Internal MISP references
UUID 90b5ad4f-44bf-46e2-ac66-6e81e573e3fb which can be used as unique global reference for Detection of Cached Domain Credential Dumping via Local Hash Cache Access - DET0513 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0513 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Disk Content Wipe via Direct Access and Overwrite - DET0316
Internal MISP references
UUID 3a016ed2-47e0-414b-b90e-a44d1437354e which can be used as unique global reference for Detection Strategy for Disk Content Wipe via Direct Access and Overwrite - DET0316 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0316 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Resource Hijacking: SMS Pumping via SaaS Application Logs - DET0156
Internal MISP references
UUID 9c36b7a8-22bb-4420-a8ac-8e46ddef5674 which can be used as unique global reference for Detection Strategy for Resource Hijacking: SMS Pumping via SaaS Application Logs - DET0156 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0156 |
Related clusters
To see the related clusters, click here.
Domain Fronting Behavior via Mismatched TLS SNI and HTTP Host Headers - DET0196
Internal MISP references
UUID 92203cb2-b7bd-4bc3-ab6f-9859a9856efc which can be used as unique global reference for Domain Fronting Behavior via Mismatched TLS SNI and HTTP Host Headers - DET0196 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0196 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Weaken Encryption: Reduce Key Space on Network Devices - DET0243
Internal MISP references
UUID bcddd949-40be-40dd-949e-8f69f893360b which can be used as unique global reference for Detection Strategy for Weaken Encryption: Reduce Key Space on Network Devices - DET0243 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0243 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Modify Cloud Compute Infrastructure: Modify Cloud Compute Configurations - DET0492
Internal MISP references
UUID d4586276-d188-44e7-a782-dded12dd352e which can be used as unique global reference for Detection Strategy for Modify Cloud Compute Infrastructure: Modify Cloud Compute Configurations - DET0492 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0492 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Encrypted Channel via Asymmetric Cryptography across OS Platforms - DET0543
Internal MISP references
UUID e5448ab8-39d6-4364-ae7f-0459687251f7 which can be used as unique global reference for Detection Strategy for Encrypted Channel via Asymmetric Cryptography across OS Platforms - DET0543 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0543 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Weaken Encryption: Disable Crypto Hardware on Network Devices - DET0494
Internal MISP references
UUID 2fed2eb7-2b3e-494f-9154-b996090b5a1e which can be used as unique global reference for Detection Strategy for Weaken Encryption: Disable Crypto Hardware on Network Devices - DET0494 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0494 |
Related clusters
To see the related clusters, click here.
Detection of Abused or Compromised Cloud Accounts for Access and Persistence - DET0546
Internal MISP references
UUID a1a9e316-145a-4744-a594-7decc23c543d which can be used as unique global reference for Detection of Abused or Compromised Cloud Accounts for Access and Persistence - DET0546 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0546 |
Related clusters
To see the related clusters, click here.
Detecting Unauthorized Collection from Messaging Applications in SaaS and Office Environments - DET0567
Internal MISP references
UUID c69d915c-0cbf-479e-b0b5-bebd7eb7e728 which can be used as unique global reference for Detecting Unauthorized Collection from Messaging Applications in SaaS and Office Environments - DET0567 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0567 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Steganographic Abuse in File & Script Execution - DET0119
Internal MISP references
UUID a57c9ffb-8b18-4178-a07f-e596abe389bd which can be used as unique global reference for Detection Strategy for Steganographic Abuse in File & Script Execution - DET0119 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0119 |
Related clusters
To see the related clusters, click here.
Detection of File Transfer Protocol-Based C2 (FTP, FTPS, SMB, TFTP) - DET0416
Internal MISP references
UUID 1fba9af9-8087-4958-90c0-ecdd8c887f6f which can be used as unique global reference for Detection of File Transfer Protocol-Based C2 (FTP, FTPS, SMB, TFTP) - DET0416 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0416 |
Related clusters
To see the related clusters, click here.
Backup Software Discovery via CLI, Registry, and Process Inspection (T1518.002) - DET0088
Internal MISP references
UUID a3bdd6e2-92d3-45db-a486-9f051c68672b which can be used as unique global reference for Backup Software Discovery via CLI, Registry, and Process Inspection (T1518.002) - DET0088 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0088 |
Related clusters
To see the related clusters, click here.
Socket-filter trigger → on-host raw-socket activity → reverse connection (T1205.002) - DET0162
Internal MISP references
UUID b4cdf164-9cb7-4cad-bdc3-81b5574f364a which can be used as unique global reference for Socket-filter trigger → on-host raw-socket activity → reverse connection (T1205.002) - DET0162 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0162 |
Related clusters
To see the related clusters, click here.
Detect Mark-of-the-Web (MOTW) Bypass via Container and Disk Image Files - DET0257
Internal MISP references
UUID 2556841e-474a-45c0-b827-4f5db6dcca31 which can be used as unique global reference for Detect Mark-of-the-Web (MOTW) Bypass via Container and Disk Image Files - DET0257 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0257 |
Related clusters
To see the related clusters, click here.
Behavior-chain detection for T1134.005 Access Token Manipulation: SID-History Injection (Windows) - DET0136
Internal MISP references
UUID d32792e2-f927-492b-91bf-ac478cf64868 which can be used as unique global reference for Behavior-chain detection for T1134.005 Access Token Manipulation: SID-History Injection (Windows) - DET0136 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0136 |
Related clusters
To see the related clusters, click here.
Exploitation for Client Execution – cross-platform behavior chain (browser/Office/3rd-party apps) - DET0287
Internal MISP references
UUID 1894c2d7-ce4f-4cfd-8644-decb1e14f0c5 which can be used as unique global reference for Exploitation for Client Execution – cross-platform behavior chain (browser/Office/3rd-party apps) - DET0287 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0287 |
Related clusters
To see the related clusters, click here.
Detect abuse of Trusted Relationships (third-party and delegated admin access) - DET0488
Internal MISP references
UUID 2f7a5ebd-e025-4822-aed2-46fc3ec1a0a9 which can be used as unique global reference for Detect abuse of Trusted Relationships (third-party and delegated admin access) - DET0488 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0488 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1505.005 – Terminal Services DLL Modification (Windows) - DET0212
Internal MISP references
UUID d9073646-f875-4c38-9b37-e9ac11c40188 which can be used as unique global reference for Detection Strategy for T1505.005 – Terminal Services DLL Modification (Windows) - DET0212 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0212 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1548.002 – Bypass User Account Control (UAC) - DET0388
Internal MISP references
UUID d6619253-10cd-4b90-84b5-364c418d2484 which can be used as unique global reference for Detection Strategy for T1548.002 – Bypass User Account Control (UAC) - DET0388 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0388 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Extra Window Memory (EWM) Injection on Windows - DET0217
Internal MISP references
UUID 1a8d87f1-48ca-4929-a5cc-2b2a03983f12 which can be used as unique global reference for Detection Strategy for Extra Window Memory (EWM) Injection on Windows - DET0217 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0217 |
Related clusters
To see the related clusters, click here.
Detect unauthorized LSASS driver persistence via LSA plugin abuse (Windows) - DET0225
Internal MISP references
UUID fbac07bf-65d5-4222-88bb-0ef798417ebb which can be used as unique global reference for Detect unauthorized LSASS driver persistence via LSA plugin abuse (Windows) - DET0225 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0225 |
Related clusters
To see the related clusters, click here.
Detect Abuse of vSphere Installation Bundles (VIBs) for Persistent Access - DET0535
Internal MISP references
UUID 000d7b6f-0bb5-4144-a3eb-1aa822433da1 which can be used as unique global reference for Detect Abuse of vSphere Installation Bundles (VIBs) for Persistent Access - DET0535 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0535 |
Related clusters
To see the related clusters, click here.
Detecting Steganographic Command and Control via File + Network Correlation - DET0235
Internal MISP references
UUID 0aa86929-f232-4fa7-bdc9-120f917a3509 which can be used as unique global reference for Detecting Steganographic Command and Control via File + Network Correlation - DET0235 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0235 |
Related clusters
To see the related clusters, click here.
Direct Network Flood Detection across IaaS, Linux, Windows, and macOS - DET0343
Internal MISP references
UUID 6e1ea095-9f21-4544-8e9b-4fab2668033e which can be used as unique global reference for Direct Network Flood Detection across IaaS, Linux, Windows, and macOS - DET0343 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0343 |
Related clusters
To see the related clusters, click here.
Detection of Web Protocol-Based C2 Over HTTP, HTTPS, or WebSockets - DET0027
Internal MISP references
UUID e6496b9b-2458-4616-9712-a7c0da7fd3bc which can be used as unique global reference for Detection of Web Protocol-Based C2 Over HTTP, HTTPS, or WebSockets - DET0027 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0027 |
Related clusters
To see the related clusters, click here.
Detect Time-Based Evasion via Sleep, Timer Loops, and Delayed Execution - DET0141
Internal MISP references
UUID 90b6ef43-3f63-47c5-af59-ed4f95cc9c87 which can be used as unique global reference for Detect Time-Based Evasion via Sleep, Timer Loops, and Delayed Execution - DET0141 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0141 |
Related clusters
To see the related clusters, click here.
Detect Office Startup-Based Persistence via Macros, Forms, and Registry Hooks - DET0398
Internal MISP references
UUID 71a8576b-c9ef-4485-b461-d706fd757a67 which can be used as unique global reference for Detect Office Startup-Based Persistence via Macros, Forms, and Registry Hooks - DET0398 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0398 |
Related clusters
To see the related clusters, click here.
Detection of Msiexec Abuse for Local, Network, and DLL Execution - DET0158
Internal MISP references
UUID 0602b47a-d37c-4eee-ac4b-b464060945ab which can be used as unique global reference for Detection of Msiexec Abuse for Local, Network, and DLL Execution - DET0158 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0158 |
Related clusters
To see the related clusters, click here.
Multi-event Detection Strategy for RDP-Based Remote Logins and Post-Access Activity - DET0327
Internal MISP references
UUID 722d2e3d-c3ad-4878-bcef-ca3161465342 which can be used as unique global reference for Multi-event Detection Strategy for RDP-Based Remote Logins and Post-Access Activity - DET0327 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0327 |
Related clusters
To see the related clusters, click here.
Windows Detection Strategy for T1547.012 - Print Processor DLL Persistence - DET0026
Internal MISP references
UUID b661f959-953f-4329-a43a-f1b060e7626b which can be used as unique global reference for Windows Detection Strategy for T1547.012 - Print Processor DLL Persistence - DET0026 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0026 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Dynamic API Resolution via Hash-Based Function Lookups - DET0091
Internal MISP references
UUID 063eac3f-9c2a-429a-ad7c-ae7f49158bb2 which can be used as unique global reference for Detection Strategy for Dynamic API Resolution via Hash-Based Function Lookups - DET0091 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0091 |
Related clusters
To see the related clusters, click here.
Behavioral Detection Strategy for Exfiltration Over Symmetric Encrypted Non-C2 Protocol - DET0503
Internal MISP references
UUID 5d368ccf-2946-4a01-bfae-c18064b6187a which can be used as unique global reference for Behavioral Detection Strategy for Exfiltration Over Symmetric Encrypted Non-C2 Protocol - DET0503 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0503 |
Related clusters
To see the related clusters, click here.
Cross-Platform Detection of Cron Job Abuse for Persistence and Execution - DET0290
Internal MISP references
UUID 6bab4067-9bfc-4e7f-b7fc-e578acd81e6a which can be used as unique global reference for Cross-Platform Detection of Cron Job Abuse for Persistence and Execution - DET0290 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0290 |
Related clusters
To see the related clusters, click here.
Detecting Mshta-based Proxy Execution via Suspicious HTA or Script Invocation - DET0506
Internal MISP references
UUID 8d06728f-5b50-4925-a05c-4d56b17ba5d2 which can be used as unique global reference for Detecting Mshta-based Proxy Execution via Suspicious HTA or Script Invocation - DET0506 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0506 |
Related clusters
To see the related clusters, click here.
Detection Strategy for LC_LOAD_DYLIB Modification in Mach-O Binaries on macOS - DET0216
Internal MISP references
UUID 4f95fef5-3b5e-435a-ad00-33d2d9765640 which can be used as unique global reference for Detection Strategy for LC_LOAD_DYLIB Modification in Mach-O Binaries on macOS - DET0216 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0216 |
Related clusters
To see the related clusters, click here.
Detection of Cloud Service Dashboard Usage via GUI-Based Cloud Access - DET0291
Internal MISP references
UUID e2bf0a76-b5e4-4a23-adbb-024454f5dbdc which can be used as unique global reference for Detection of Cloud Service Dashboard Usage via GUI-Based Cloud Access - DET0291 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0291 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Mailbox Data and Log Deletion for Anti-Forensics - DET0266
Internal MISP references
UUID 08633541-0006-480a-a2d9-e1c81952cc71 which can be used as unique global reference for Behavioral Detection of Mailbox Data and Log Deletion for Anti-Forensics - DET0266 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0266 |
Related clusters
To see the related clusters, click here.
Behavioral Detection Strategy for Remote Service Logins and Post-Access Activity - DET0269
Internal MISP references
UUID d33ffd4e-6328-4b10-84c0-7ad4a241b02d which can be used as unique global reference for Behavioral Detection Strategy for Remote Service Logins and Post-Access Activity - DET0269 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0269 |
Related clusters
To see the related clusters, click here.
Detect Network Logon Script Abuse via Multi-Event Correlation on Windows - DET0367
Internal MISP references
UUID 2f20791a-0c97-40c1-a09e-7925321f6f66 which can be used as unique global reference for Detect Network Logon Script Abuse via Multi-Event Correlation on Windows - DET0367 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0367 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Remote SSH Logins Followed by Post-Login Execution - DET0596
Internal MISP references
UUID 5367273a-2f30-413e-a961-1dbd323be5b0 which can be used as unique global reference for Behavioral Detection of Remote SSH Logins Followed by Post-Login Execution - DET0596 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0596 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Subvert Trust Controls via Install Root Certificate. - DET0056
Internal MISP references
UUID d9e95391-5ea4-49af-a525-31655a72e470 which can be used as unique global reference for Detection Strategy for Subvert Trust Controls via Install Root Certificate. - DET0056 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0056 |
Related clusters
To see the related clusters, click here.
Detection of Disabled or Modified System Firewalls across OS Platforms. - DET0145
Internal MISP references
UUID acb9a314-aa08-4a0f-b3ba-201d87fa4cc8 which can be used as unique global reference for Detection of Disabled or Modified System Firewalls across OS Platforms. - DET0145 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0145 |
Related clusters
To see the related clusters, click here.
Detect Access and Parsing of .bash_history Files for Credential Harvesting - DET0385
Internal MISP references
UUID 653b555a-590f-40e4-9400-f14d0ed92252 which can be used as unique global reference for Detect Access and Parsing of .bash_history Files for Credential Harvesting - DET0385 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0385 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hijack Execution Flow using the Windows COR_PROFILER. - DET0479
Internal MISP references
UUID 8276f61b-0147-4e72-94fb-7cdd47dc60ec which can be used as unique global reference for Detection Strategy for Hijack Execution Flow using the Windows COR_PROFILER. - DET0479 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0479 |
Related clusters
To see the related clusters, click here.
Detect Forced SMB/WebDAV Authentication via lure files and outbound NTLM - DET0022
Internal MISP references
UUID b45310bb-d520-43b3-8758-e9d5a9738429 which can be used as unique global reference for Detect Forced SMB/WebDAV Authentication via lure files and outbound NTLM - DET0022 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0022 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Poisoned Pipeline Execution via SaaS CI/CD Workflows - DET0533
Internal MISP references
UUID cad3cfb6-1838-4fa3-abfc-aa590f613436 which can be used as unique global reference for Detection Strategy for Poisoned Pipeline Execution via SaaS CI/CD Workflows - DET0533 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0533 |
Related clusters
To see the related clusters, click here.
Detecting OS Credential Dumping via /proc Filesystem Access on Linux - DET0593
Internal MISP references
UUID dc017318-98a3-450b-b903-fe1e7d988197 which can be used as unique global reference for Detecting OS Credential Dumping via /proc Filesystem Access on Linux - DET0593 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0593 |
Related clusters
To see the related clusters, click here.
Detect Conditional Access Policy Modification in Identity and Cloud Platforms - DET0030
Internal MISP references
UUID 4cd84c0e-b125-4576-9441-57c1664bf014 which can be used as unique global reference for Detect Conditional Access Policy Modification in Identity and Cloud Platforms - DET0030 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0030 |
Related clusters
To see the related clusters, click here.
Detecting Abnormal SharePoint Data Mining by Privileged or Rare Users - DET0500
Internal MISP references
UUID 960d6663-6a7f-4f95-affe-a28d71afc7d9 which can be used as unique global reference for Detecting Abnormal SharePoint Data Mining by Privileged or Rare Users - DET0500 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0500 |
Related clusters
To see the related clusters, click here.
Renamed Legitimate Utility Execution with Metadata Mismatch and Suspicious Path - DET0005
Internal MISP references
UUID c2648552-806d-40ec-8ea7-59f4e44983eb which can be used as unique global reference for Renamed Legitimate Utility Execution with Metadata Mismatch and Suspicious Path - DET0005 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0005 |
Related clusters
To see the related clusters, click here.
Removable Media Execution Chain Detection via File and Process Activity - DET0301
Internal MISP references
UUID 8225c396-cbf9-499a-b94d-bdc7a1f07458 which can be used as unique global reference for Removable Media Execution Chain Detection via File and Process Activity - DET0301 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0301 |
Related clusters
To see the related clusters, click here.
Invalid Code Signature Execution Detection via Metadata and Behavioral Context - DET0031
Internal MISP references
UUID fbf8f0b2-3587-45c3-be8d-d495384075be which can be used as unique global reference for Invalid Code Signature Execution Detection via Metadata and Behavioral Context - DET0031 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0031 |
Related clusters
To see the related clusters, click here.
Detection Strategy for File Creation or Modification of Boot Files - DET0150
Internal MISP references
UUID 74252ca3-585e-466f-8020-ed77ebda3369 which can be used as unique global reference for Detection Strategy for File Creation or Modification of Boot Files - DET0150 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0150 |
Related clusters
To see the related clusters, click here.
Detection of Proxy Execution via Trusted Signed Binaries Across Platforms - DET0081
Internal MISP references
UUID ce0b969a-1411-4b6f-a6aa-c31ef6fe6727 which can be used as unique global reference for Detection of Proxy Execution via Trusted Signed Binaries Across Platforms - DET0081 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0081 |
Related clusters
To see the related clusters, click here.
Behavioral Detection Strategy for Abuse of Sudo and Sudo Caching - DET0052
Internal MISP references
UUID 31f41970-898c-4c64-b018-e03eabb81916 which can be used as unique global reference for Behavioral Detection Strategy for Abuse of Sudo and Sudo Caching - DET0052 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0052 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Log File Clearing on Linux and macOS - DET0520
Internal MISP references
UUID 20d79eae-0c09-410a-b99a-f8cb6ec9153c which can be used as unique global reference for Behavioral Detection of Log File Clearing on Linux and macOS - DET0520 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0520 |
Related clusters
To see the related clusters, click here.
Detect Persistence via Outlook Custom Forms Triggered by Malicious Email - DET0029
Internal MISP references
UUID 75281b94-735d-4051-b400-a42205783af9 which can be used as unique global reference for Detect Persistence via Outlook Custom Forms Triggered by Malicious Email - DET0029 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0029 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Endpoint DoS via Application or System Exploitation - DET0304
Internal MISP references
UUID 28d6ebc3-3b01-45e1-b48e-6491364d23e9 which can be used as unique global reference for Detection Strategy for Endpoint DoS via Application or System Exploitation - DET0304 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0304 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of User Discovery via Local and Remote Enumeration - DET0093
Internal MISP references
UUID 050d236f-745a-4801-add6-50cb58248615 which can be used as unique global reference for Behavioral Detection of User Discovery via Local and Remote Enumeration - DET0093 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0093 |
Related clusters
To see the related clusters, click here.
Detection of Local Account Abuse for Initial Access and Persistence - DET0407
Internal MISP references
UUID b045b89e-3095-41c3-a04d-d40075f14cd8 which can be used as unique global reference for Detection of Local Account Abuse for Initial Access and Persistence - DET0407 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0407 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Modify Cloud Compute Infrastructure: Delete Cloud Instance - DET0084
Internal MISP references
UUID ceac3cb0-d9eb-4466-810f-4acbf793e980 which can be used as unique global reference for Detection Strategy for Modify Cloud Compute Infrastructure: Delete Cloud Instance - DET0084 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0084 |
Related clusters
To see the related clusters, click here.
Detect Remote Email Collection via Abnormal Login and Programmatic Access - DET0048
Internal MISP references
UUID 00a515dc-e3be-4349-9c61-65a5c0ce815d which can be used as unique global reference for Detect Remote Email Collection via Abnormal Login and Programmatic Access - DET0048 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0048 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Spearphishing via a Service across OS Platforms - DET0115
Internal MISP references
UUID dd232215-bb7f-461f-ac3f-e7cf5612e396 which can be used as unique global reference for Detection Strategy for Spearphishing via a Service across OS Platforms - DET0115 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0115 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Data Transfer Size Limits and Chunked Exfiltration - DET0213
Internal MISP references
UUID d96f78ad-21cd-45dc-940a-63b348894728 which can be used as unique global reference for Detection Strategy for Data Transfer Size Limits and Chunked Exfiltration - DET0213 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0213 |
Related clusters
To see the related clusters, click here.
Detection of Suspicious Scheduled Task Creation and Execution on Windows - DET0441
Internal MISP references
UUID c7bdd7d7-19dc-4042-8565-5e0cf4656102 which can be used as unique global reference for Detection of Suspicious Scheduled Task Creation and Execution on Windows - DET0441 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0441 |
Related clusters
To see the related clusters, click here.
Windows COM Hijacking Detection via Registry and DLL Load Correlation - DET0481
Internal MISP references
UUID 78340b60-535e-4f2e-a376-c6fcc53a3c4a which can be used as unique global reference for Windows COM Hijacking Detection via Registry and DLL Load Correlation - DET0481 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0481 |
Related clusters
To see the related clusters, click here.
Detect Persistence via Office Template Macro Injection or Registry Hijack - DET0519
Internal MISP references
UUID e04f7ddf-6a1e-4731-afd6-5edb74f4c624 which can be used as unique global reference for Detect Persistence via Office Template Macro Injection or Registry Hijack - DET0519 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0519 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Junk Code Obfuscation with Suspicious Execution Patterns - DET0322
Internal MISP references
UUID 206790b2-16bc-46db-a605-8bcff576c161 which can be used as unique global reference for Detection Strategy for Junk Code Obfuscation with Suspicious Execution Patterns - DET0322 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0322 |
Related clusters
To see the related clusters, click here.
Detect Modification of Network Device Authentication via Patched System Images - DET0272
Internal MISP references
UUID 8a9ce0df-e256-4739-8db5-3e850e102e48 which can be used as unique global reference for Detect Modification of Network Device Authentication via Patched System Images - DET0272 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0272 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Network Device Configuration Dump via Config Repositories - DET0233
Internal MISP references
UUID f3bc6ce9-29ad-4ad4-813c-1a4176b5c7a2 which can be used as unique global reference for Detection Strategy for Network Device Configuration Dump via Config Repositories - DET0233 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0233 |
Related clusters
To see the related clusters, click here.
Detection of Event Log Clearing on Windows via Behavioral Chain - DET0532
Internal MISP references
UUID d340864e-5685-48d5-8a78-3c55a7169207 which can be used as unique global reference for Detection of Event Log Clearing on Windows via Behavioral Chain - DET0532 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0532 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Boot or Logon Initialization Scripts: RC Scripts - DET0237
Internal MISP references
UUID be6a466c-40c6-4611-9b68-7cfcbcb35fb0 which can be used as unique global reference for Detection Strategy for Boot or Logon Initialization Scripts: RC Scripts - DET0237 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0237 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Data from Configuration Repository on Network Devices - DET0592
Internal MISP references
UUID ff993025-1f12-486f-936f-6cc563050278 which can be used as unique global reference for Detection Strategy for Data from Configuration Repository on Network Devices - DET0592 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0592 |
Related clusters
To see the related clusters, click here.
Detect Gatekeeper Bypass via Quarantine Flag and Trust Control Manipulation - DET0288
Internal MISP references
UUID 62d7a748-dee5-46c7-b61c-77f57f371b4f which can be used as unique global reference for Detect Gatekeeper Bypass via Quarantine Flag and Trust Control Manipulation - DET0288 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0288 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Modify Cloud Compute Infrastructure: Revert Cloud Instance - DET0337
Internal MISP references
UUID f5ee584b-bbbd-481a-af63-c49166b8b1a8 which can be used as unique global reference for Detection Strategy for Modify Cloud Compute Infrastructure: Revert Cloud Instance - DET0337 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0337 |
Related clusters
To see the related clusters, click here.
Detection of LSA Secrets Dumping via Registry and Memory Extraction - DET0437
Internal MISP references
UUID c29886a9-676a-441a-adcd-6f239f8eb6b0 which can be used as unique global reference for Detection of LSA Secrets Dumping via Registry and Memory Extraction - DET0437 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0437 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Masquerading via Legitimate Resource Name or Location - DET0347
Internal MISP references
UUID b667390b-a805-401d-9e02-929204825114 which can be used as unique global reference for Detection Strategy for Masquerading via Legitimate Resource Name or Location - DET0347 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0347 |
Related clusters
To see the related clusters, click here.
Web Shell Detection via Server Behavior and File Execution Chains - DET0394
Internal MISP references
UUID abb052c6-4edd-4592-9b9b-e53a55ac53b8 which can be used as unique global reference for Web Shell Detection via Server Behavior and File Execution Chains - DET0394 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0394 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Modify Cloud Compute Infrastructure: Create Cloud Instance - DET0449
Internal MISP references
UUID bd0b0c98-3c22-4bf8-830b-2640b39eacea which can be used as unique global reference for Detection Strategy for Modify Cloud Compute Infrastructure: Create Cloud Instance - DET0449 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0449 |
Related clusters
To see the related clusters, click here.
Detection of Trust Relationship Modifications in Domain or Tenant Policies - DET0458
Internal MISP references
UUID 9e93c9d8-3e37-45ae-88d5-12914d98ba5a which can be used as unique global reference for Detection of Trust Relationship Modifications in Domain or Tenant Policies - DET0458 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0458 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Event Triggered Execution via emond on macOS - DET0555
Internal MISP references
UUID f0ef3932-5f60-4dfc-9725-8639d67349cc which can be used as unique global reference for Detection Strategy for Event Triggered Execution via emond on macOS - DET0555 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0555 |
Related clusters
To see the related clusters, click here.
Detection of Mail Protocol-Based C2 Activity (SMTP, IMAP, POP3) - DET0135
Internal MISP references
UUID bcb3772f-25d7-4e41-8e37-ec0dc759f44d which can be used as unique global reference for Detection of Mail Protocol-Based C2 Activity (SMTP, IMAP, POP3) - DET0135 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0135 |
Related clusters
To see the related clusters, click here.
Port-knock → rule/daemon change → first successful connect (T1205.001) - DET0302
Internal MISP references
UUID 68b7c978-74e4-4f87-a953-2a4e752f56c2 which can be used as unique global reference for Port-knock → rule/daemon change → first successful connect (T1205.001) - DET0302 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0302 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1505.002 - Transport Agent Abuse (Windows/Linux) - DET0166
Internal MISP references
UUID 90ee8005-5476-422f-abe0-6c231f004cd6 which can be used as unique global reference for Detection Strategy for T1505.002 - Transport Agent Abuse (Windows/Linux) - DET0166 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0166 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1550.002 - Pass the Hash (Windows) - DET0409
Internal MISP references
UUID 5692084b-878d-44f7-8b38-a3d125894845 which can be used as unique global reference for Detection Strategy for T1550.002 - Pass the Hash (Windows) - DET0409 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0409 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1550.003 - Pass the Ticket (Windows) - DET0352
Internal MISP references
UUID 5f53739d-3a41-4f7e-a83d-219a0c64e7a1 which can be used as unique global reference for Detection Strategy for T1550.003 - Pass the Ticket (Windows) - DET0352 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0352 |
Related clusters
To see the related clusters, click here.
Behavior-chain detection for T1134.002 Create Process with Token (Windows) - DET0456
Internal MISP references
UUID 78aa8d17-c96f-4ba9-b431-f91157f38553 which can be used as unique global reference for Behavior-chain detection for T1134.002 Create Process with Token (Windows) - DET0456 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0456 |
Related clusters
To see the related clusters, click here.
Compromised software/update chain (installer/write → first-run/child → egress/signature anomaly) - DET0309
Internal MISP references
UUID 77d3b532-9c4f-4f9f-9581-3009b201435d which can be used as unique global reference for Compromised software/update chain (installer/write → first-run/child → egress/signature anomaly) - DET0309 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0309 |
Related clusters
To see the related clusters, click here.
Suspicious Database Access and Dump Activity Across Environments (T1213.006) - DET0242
Internal MISP references
UUID 18fe3660-c079-4522-b1d7-7ce7f65f9686 which can be used as unique global reference for Suspicious Database Access and Dump Activity Across Environments (T1213.006) - DET0242 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0242 |
Related clusters
To see the related clusters, click here.
Behavior‑chain detection for T1134.003 Make and Impersonate Token (Windows) - DET0498
Internal MISP references
UUID d9cf8032-7b53-4251-8519-a7ccbf6a027a which can be used as unique global reference for Behavior‑chain detection for T1134.003 Make and Impersonate Token (Windows) - DET0498 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0498 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Temporary Elevated Cloud Access Abuse (T1548.005) - DET0393
Internal MISP references
UUID 210a0dee-7c4b-4948-80ed-67c3e04886c2 which can be used as unique global reference for Detection Strategy for Temporary Elevated Cloud Access Abuse (T1548.005) - DET0393 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0393 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Event Triggered Execution via Trap (T1546.005) - DET0369
Internal MISP references
UUID 07fb6847-efcb-426e-9344-bfc9dfcdebd4 which can be used as unique global reference for Detection Strategy for Event Triggered Execution via Trap (T1546.005) - DET0369 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0369 |
Related clusters
To see the related clusters, click here.
Detecting MMC (.msc) Proxy Execution and Malicious COM Activation - DET0222
Internal MISP references
UUID f4560945-d62f-48b6-ae94-dcd93c471c45 which can be used as unique global reference for Detecting MMC (.msc) Proxy Execution and Malicious COM Activation - DET0222 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0222 |
Related clusters
To see the related clusters, click here.
Behavioral Detection Strategy for Use Alternate Authentication Material (T1550) - DET0338
Internal MISP references
UUID 2b666abc-e642-4f40-abec-36bd48f1f15c which can be used as unique global reference for Behavioral Detection Strategy for Use Alternate Authentication Material (T1550) - DET0338 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0338 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Launch Daemon Creation or Modification (macOS) - DET0401
Internal MISP references
UUID dcbcea6d-e822-4fe3-b9df-86d4d9cd5667 which can be used as unique global reference for Detection Strategy for Launch Daemon Creation or Modification (macOS) - DET0401 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0401 |
Related clusters
To see the related clusters, click here.
Detection Strategy for SNMP (MIB Dump) on Network Devices - DET0453
Internal MISP references
UUID 2dc6a789-2dd7-4d64-be82-73db6fc3fb70 which can be used as unique global reference for Detection Strategy for SNMP (MIB Dump) on Network Devices - DET0453 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0453 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Event Triggered Execution: AppInit DLLs (Windows) - DET0557
Internal MISP references
UUID 6f59bdfc-8352-4e6f-bef1-cc59b4e9b04d which can be used as unique global reference for Detection Strategy for Event Triggered Execution: AppInit DLLs (Windows) - DET0557 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0557 |
Related clusters
To see the related clusters, click here.
Virtualization/Sandbox Evasion via System Checks across Windows, Linux, macOS - DET0168
Internal MISP references
UUID 5b998fb4-fb3f-4207-ae00-cdf0e1a22b76 which can be used as unique global reference for Virtualization/Sandbox Evasion via System Checks across Windows, Linux, macOS - DET0168 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0168 |
Related clusters
To see the related clusters, click here.
IDE Tunneling Detection via Process, File, and Network Behaviors - DET0133
Internal MISP references
UUID 3efcd3e4-9238-4686-990b-27ac110dccfd which can be used as unique global reference for IDE Tunneling Detection via Process, File, and Network Behaviors - DET0133 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0133 |
Related clusters
To see the related clusters, click here.
Cloud Account Enumeration via API, CLI, and Scripting Interfaces - DET0386
Internal MISP references
UUID 880c0a88-bbd5-4d71-b8bd-72fbab7d58b2 which can be used as unique global reference for Cloud Account Enumeration via API, CLI, and Scripting Interfaces - DET0386 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0386 |
Related clusters
To see the related clusters, click here.
Detect ARP Cache Poisoning Across Linux, Windows, and macOS - DET0387
Internal MISP references
UUID 99758bfb-f638-43aa-a233-d27646452116 which can be used as unique global reference for Detect ARP Cache Poisoning Across Linux, Windows, and macOS - DET0387 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0387 |
Related clusters
To see the related clusters, click here.
Behavior-chain, platform-aware detection strategy for T1124 System Time Discovery - DET0151
Internal MISP references
UUID 98ae5e06-7ea5-49b9-b793-7f97b1d306b2 which can be used as unique global reference for Behavior-chain, platform-aware detection strategy for T1124 System Time Discovery - DET0151 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0151 |
Related clusters
To see the related clusters, click here.
Right-to-Left Override Masquerading Detection via Filename and Execution Context - DET0527
Internal MISP references
UUID c3c32822-80b2-4399-8e82-15cefaa80333 which can be used as unique global reference for Right-to-Left Override Masquerading Detection via Filename and Execution Context - DET0527 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0527 |
Related clusters
To see the related clusters, click here.
T1136.002 Detection Strategy - Domain Account Creation Across Platforms - DET0003
Internal MISP references
UUID aae40136-73f7-45e8-a37f-104ae7155bbe which can be used as unique global reference for T1136.002 Detection Strategy - Domain Account Creation Across Platforms - DET0003 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0003 |
Related clusters
To see the related clusters, click here.
T1136.001 Detection Strategy - Local Account Creation Across Platforms - DET0447
Internal MISP references
UUID 2250ba04-1b95-4c72-9373-d87e8c1d7869 which can be used as unique global reference for T1136.001 Detection Strategy - Local Account Creation Across Platforms - DET0447 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0447 |
Related clusters
To see the related clusters, click here.
Linux Detection Strategy for T1547.013 - XDG Autostart Entries - DET0390
Internal MISP references
UUID c265ea42-9c5a-41f0-9627-d7ac0063ec98 which can be used as unique global reference for Linux Detection Strategy for T1547.013 - XDG Autostart Entries - DET0390 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0390 |
Related clusters
To see the related clusters, click here.
Cross-Platform Detection of Scheduled Task/Job Abuse via at Utility - DET0333
Internal MISP references
UUID ca20fecb-6b8e-49ae-9ecf-19f4edd812ad which can be used as unique global reference for Cross-Platform Detection of Scheduled Task/Job Abuse viaatUtility - DET0333 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0333 |
Related clusters
To see the related clusters, click here.
Detect Shell Configuration Modification for Persistence via Event-Triggered Execution - DET0020
Internal MISP references
UUID f09870f8-77d4-4b58-8bda-2b3f2e29c897 which can be used as unique global reference for Detect Shell Configuration Modification for Persistence via Event-Triggered Execution - DET0020 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0020 |
Related clusters
To see the related clusters, click here.
Behavior-chain detection for T1134 Access Token Manipulation on Windows - DET0283
Internal MISP references
UUID 774bbba8-45c2-403d-a445-3a64b3679faf which can be used as unique global reference for Behavior-chain detection for T1134 Access Token Manipulation on Windows - DET0283 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0283 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1528 - Steal Application Access Token - DET0515
Internal MISP references
UUID 58bdb4c6-510b-4ffc-9703-852614116ac8 which can be used as unique global reference for Detection Strategy for T1528 - Steal Application Access Token - DET0515 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0515 |
Related clusters
To see the related clusters, click here.
Detection of Direct VM Console Access via Cloud-Native Methods - DET0211
Internal MISP references
UUID f40c0c98-76fe-4e2a-970a-0491f52a9a47 which can be used as unique global reference for Detection of Direct VM Console Access via Cloud-Native Methods - DET0211 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0211 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1136 - Create Account across platforms - DET0583
Internal MISP references
UUID 552bacaa-9df5-4c95-83de-a7d1948003b5 which can be used as unique global reference for Detection Strategy for T1136 - Create Account across platforms - DET0583 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0583 |
Related clusters
To see the related clusters, click here.
Exploitation of Remote Services – multi-platform lateral movement detection - DET0118
Internal MISP references
UUID ee73dd97-cf1a-4220-a7cf-52d864811bb4 which can be used as unique global reference for Exploitation of Remote Services – multi-platform lateral movement detection - DET0118 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0118 |
Related clusters
To see the related clusters, click here.
Cross-Platform Behavioral Detection of File Timestomping via Metadata Tampering - DET0591
Internal MISP references
UUID f9d25557-f87b-4920-a98b-8a3c9df4bfce which can be used as unique global reference for Cross-Platform Behavioral Detection of File Timestomping via Metadata Tampering - DET0591 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0591 |
Related clusters
To see the related clusters, click here.
Masquerading via Space After Filename - Behavioral Detection Strategy - DET0292
Internal MISP references
UUID 16462629-5b36-4bb6-a565-de4df01f75d4 which can be used as unique global reference for Masquerading via Space After Filename - Behavioral Detection Strategy - DET0292 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0292 |
Related clusters
To see the related clusters, click here.
Detect Evil Twin Wi-Fi Access Points on Network Devices - DET0379
Internal MISP references
UUID b376d299-69ef-444a-8ba1-15a6c7049605 which can be used as unique global reference for Detect Evil Twin Wi-Fi Access Points on Network Devices - DET0379 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0379 |
Related clusters
To see the related clusters, click here.
Detection of Script-Based Proxy Execution via Signed Microsoft Utilities - DET0466
Internal MISP references
UUID 8ac2b0d0-a589-4c72-9287-a7d9e47065a9 which can be used as unique global reference for Detection of Script-Based Proxy Execution via Signed Microsoft Utilities - DET0466 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0466 |
Related clusters
To see the related clusters, click here.
Email Collection via Local Email Access and Auto-Forwarding Behavior - DET0476
Internal MISP references
UUID 2470975e-6748-42a5-9a48-74dc7b687fe9 which can be used as unique global reference for Email Collection via Local Email Access and Auto-Forwarding Behavior - DET0476 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0476 |
Related clusters
To see the related clusters, click here.
Detection Strategy for SQL Stored Procedures Abuse via T1505.001 - DET0181
Internal MISP references
UUID 101bde37-6150-45c6-bf88-3a8cda39b2f0 which can be used as unique global reference for Detection Strategy for SQL Stored Procedures Abuse via T1505.001 - DET0181 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0181 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1547.015 – Login Items on macOS - DET0121
Internal MISP references
UUID f3cd8bda-d509-4452-a119-3feebb8f05b6 which can be used as unique global reference for Detection Strategy for T1547.015 – Login Items on macOS - DET0121 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0121 |
Related clusters
To see the related clusters, click here.
Detection Strategy for PowerShell Profile Persistence via profile.ps1 Modification - DET0451
Internal MISP references
UUID f31ad178-1f54-41a6-b286-8040e7eb7158 which can be used as unique global reference for Detection Strategy for PowerShell Profile Persistence via profile.ps1 Modification - DET0451 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0451 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hijack Execution Flow across OS platforms. - DET0218
Internal MISP references
UUID 07669925-383b-455b-a3e2-3a79e18eed27 which can be used as unique global reference for Detection Strategy for Hijack Execution Flow across OS platforms. - DET0218 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0218 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Stored Data Manipulation across OS Platforms. - DET0193
Internal MISP references
UUID e3776b4e-00b0-44cd-9e77-5df960a979d7 which can be used as unique global reference for Detection Strategy for Stored Data Manipulation across OS Platforms. - DET0193 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0193 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Dynamic Resolution using Domain Generation Algorithms. - DET0419
Internal MISP references
UUID 263a0357-5f6d-4066-bfda-afeb883e51d7 which can be used as unique global reference for Detection Strategy for Dynamic Resolution using Domain Generation Algorithms. - DET0419 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0419 |
Related clusters
To see the related clusters, click here.
Detection of Suspicious Compiled HTML File Execution via hh.exe - DET0342
Internal MISP references
UUID fafb9522-c185-48e0-b0a5-e65887f5deb4 which can be used as unique global reference for Detection of Suspicious Compiled HTML File Execution via hh.exe - DET0342 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0342 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Disk Structure Wipe via Boot/Partition Overwrite - DET0297
Internal MISP references
UUID 1dd8a02b-b447-48ed-a146-ad955c9b2dc1 which can be used as unique global reference for Detection Strategy for Disk Structure Wipe via Boot/Partition Overwrite - DET0297 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0297 |
Related clusters
To see the related clusters, click here.
Indirect Command Execution – Windows utility abuse behavior chain - DET0200
Internal MISP references
UUID f3cc2f0f-c657-4453-90a8-d7c9a59d6e37 which can be used as unique global reference for Indirect Command Execution – Windows utility abuse behavior chain - DET0200 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0200 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of DNS Tunneling and Application Layer Abuse - DET0400
Internal MISP references
UUID c2721658-fa76-4b6f-9f84-50618de81ae0 which can be used as unique global reference for Behavioral Detection of DNS Tunneling and Application Layer Abuse - DET0400 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0400 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Remote Cloud Logins via Valid Accounts - DET0008
Internal MISP references
UUID f6e514c0-120a-4ab1-ae3d-aa2de14e4324 which can be used as unique global reference for Behavioral Detection of Remote Cloud Logins via Valid Accounts - DET0008 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0008 |
Related clusters
To see the related clusters, click here.
Detecting Junk Data in C2 Channels via Behavioral Analysis - DET0011
Internal MISP references
UUID bb40d0a9-b35b-4adc-8a69-a3002d53f5f7 which can be used as unique global reference for Detecting Junk Data in C2 Channels via Behavioral Analysis - DET0011 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0011 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of PE Injection via Remote Memory Mapping - DET0106
Internal MISP references
UUID 65c18137-cad3-4fd3-8b24-22a61850c8a1 which can be used as unique global reference for Behavioral Detection of PE Injection via Remote Memory Mapping - DET0106 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0106 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Modify System Image on Network Devices - DET0170
Internal MISP references
UUID 536eed5d-a4b6-4377-a936-90283bb1b25c which can be used as unique global reference for Detection Strategy for Modify System Image on Network Devices - DET0170 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0170 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Disable or Modify Linux Audit System - DET0062
Internal MISP references
UUID 1d769567-7e82-47f4-8dc8-5a503f524134 which can be used as unique global reference for Detection Strategy for Disable or Modify Linux Audit System - DET0062 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0062 |
Related clusters
To see the related clusters, click here.
Endpoint Resource Saturation and Crash Pattern Detection Across Platforms - DET0208
Internal MISP references
UUID 253b632e-c4cb-4207-9b6a-58a35a07d2ea which can be used as unique global reference for Endpoint Resource Saturation and Crash Pattern Detection Across Platforms - DET0208 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0208 |
Related clusters
To see the related clusters, click here.
Suspicious Device Registration via Entra ID or MFA Platform - DET0036
Internal MISP references
UUID bbeacdc8-c14c-44f1-9ace-fc8282a05c67 which can be used as unique global reference for Suspicious Device Registration via Entra ID or MFA Platform - DET0036 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0036 |
Related clusters
To see the related clusters, click here.
Recursive Enumeration of Files and Directories Across Privilege Contexts - DET0370
Internal MISP references
UUID 33ab9d0c-5671-48e6-8465-f80560909c65 which can be used as unique global reference for Recursive Enumeration of Files and Directories Across Privilege Contexts - DET0370 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0370 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Kernel Modules and Extensions Autostart Execution - DET0450
Internal MISP references
UUID df1da8e4-cabf-42f0-8f5f-2fa8086b1423 which can be used as unique global reference for Detection Strategy for Kernel Modules and Extensions Autostart Execution - DET0450 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0450 |
Related clusters
To see the related clusters, click here.
Credential Stuffing Detection via Reused Breached Credentials Across Services - DET0460
Internal MISP references
UUID 630ea167-088b-4958-ac19-0fc59310e262 which can be used as unique global reference for Credential Stuffing Detection via Reused Breached Credentials Across Services - DET0460 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0460 |
Related clusters
To see the related clusters, click here.
Detect Use of Stolen Web Session Cookies Across Platforms - DET0074
Internal MISP references
UUID 8d30c115-84f7-4fcc-ba22-96cb092d8114 which can be used as unique global reference for Detect Use of Stolen Web Session Cookies Across Platforms - DET0074 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0074 |
Related clusters
To see the related clusters, click here.
Detecting Suspicious Access to CRM Data in SaaS Environments - DET0550
Internal MISP references
UUID 34fb7d2b-f5be-45a2-9cdc-811ae843e379 which can be used as unique global reference for Detecting Suspicious Access to CRM Data in SaaS Environments - DET0550 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0550 |
Related clusters
To see the related clusters, click here.
Detect Suspicious Access to securityd Memory for Credential Extraction - DET0057
Internal MISP references
UUID f07cfa67-8a83-4a62-ae18-bee29bfc7569 which can be used as unique global reference for Detect Suspicious Access to securityd Memory for Credential Extraction - DET0057 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0057 |
Related clusters
To see the related clusters, click here.
Detection of Application Window Enumeration via API or Scripting - DET0097
Internal MISP references
UUID d2daf569-4fc9-46a3-97b7-4d3d76c04a64 which can be used as unique global reference for Detection of Application Window Enumeration via API or Scripting - DET0097 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0097 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Local Group Enumeration Across OS Platforms - DET0114
Internal MISP references
UUID de120f6a-c19b-4346-b62f-c8cd95fcb291 which can be used as unique global reference for Behavioral Detection of Local Group Enumeration Across OS Platforms - DET0114 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0114 |
Related clusters
To see the related clusters, click here.
Detection of Data Access and Collection from Removable Media - DET0511
Internal MISP references
UUID a5800f15-f024-4701-912a-20d7e1cb465a which can be used as unique global reference for Detection of Data Access and Collection from Removable Media - DET0511 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0511 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Systemd Timer Abuse for Scheduled Execution - DET0231
Internal MISP references
UUID 7578b2e3-2b9c-491d-9157-699a4bd6a136 which can be used as unique global reference for Behavioral Detection of Systemd Timer Abuse for Scheduled Execution - DET0231 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0231 |
Related clusters
To see the related clusters, click here.
Detect Access or Search for Unsecured Credentials Across Platforms - DET0412
Internal MISP references
UUID d1912fbc-aaac-4bb1-82f1-0713280ca9a1 which can be used as unique global reference for Detect Access or Search for Unsecured Credentials Across Platforms - DET0412 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0412 |
Related clusters
To see the related clusters, click here.
Detection Strategy for SSH Key Injection in Authorized Keys - DET0126
Internal MISP references
UUID cf33849d-67f4-418e-9a41-6a6c082e576a which can be used as unique global reference for Detection Strategy for SSH Key Injection in Authorized Keys - DET0126 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0126 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Endpoint DoS via Service Exhaustion Flood - DET0173
Internal MISP references
UUID 1a45b10a-c410-4212-8018-7c00bb292dab which can be used as unique global reference for Detection Strategy for Endpoint DoS via Service Exhaustion Flood - DET0173 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0173 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Lateral Tool Transfer across OS platforms - DET0183
Internal MISP references
UUID 156ddd81-b3ae-4a79-8c4e-7a75b6fd994c which can be used as unique global reference for Detection Strategy for Lateral Tool Transfer across OS platforms - DET0183 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0183 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Cloud Service Hijacking via SaaS Abuse - DET0147
Internal MISP references
UUID e769419e-39f6-478d-97b8-cf0672fa635b which can be used as unique global reference for Detection Strategy for Cloud Service Hijacking via SaaS Abuse - DET0147 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0147 |
Related clusters
To see the related clusters, click here.
Peripheral Device Enumeration via System Utilities and API Calls - DET0491
Internal MISP references
UUID f273ee4a-e468-4a01-bb1a-f3a687518ded which can be used as unique global reference for Peripheral Device Enumeration via System Utilities and API Calls - DET0491 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0491 |
Related clusters
To see the related clusters, click here.
Detection of System Process Creation or Modification Across Platforms - DET0571
Internal MISP references
UUID dab6c58b-2f44-4539-93e1-b03990fc1649 which can be used as unique global reference for Detection of System Process Creation or Modification Across Platforms - DET0571 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0571 |
Related clusters
To see the related clusters, click here.
Firmware Modification via Flash Tool or Corrupted Firmware Upload - DET0167
Internal MISP references
UUID ab9027fb-3499-474b-845c-50ee113c3be5 which can be used as unique global reference for Firmware Modification via Flash Tool or Corrupted Firmware Upload - DET0167 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0167 |
Related clusters
To see the related clusters, click here.
Local Storage Discovery via Drive Enumeration and Filesystem Probing - DET0188
Internal MISP references
UUID 8c3d7757-f3ab-4c1d-95e1-f712cdecd5a3 which can be used as unique global reference for Local Storage Discovery via Drive Enumeration and Filesystem Probing - DET0188 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0188 |
Related clusters
To see the related clusters, click here.
Enumeration of Global Address Lists via Email Account Discovery - DET0229
Internal MISP references
UUID e2f961bd-ddc5-4940-bc62-e2b0bd3405f8 which can be used as unique global reference for Enumeration of Global Address Lists via Email Account Discovery - DET0229 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0229 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Modify Cloud Compute Infrastructure: Create Snapshot - DET0423
Internal MISP references
UUID 160f132d-626e-412a-ae16-df265670c196 which can be used as unique global reference for Detection Strategy for Modify Cloud Compute Infrastructure: Create Snapshot - DET0423 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0423 |
Related clusters
To see the related clusters, click here.
Credential Dumping via Sensitive Memory and Registry Access Correlation - DET0234
Internal MISP references
UUID 8b8cfd0f-bbe2-417b-b1d2-eebf84d3f008 which can be used as unique global reference for Credential Dumping via Sensitive Memory and Registry Access Correlation - DET0234 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0234 |
Related clusters
To see the related clusters, click here.
External Proxy Behavior via Outbound Relay to Intermediate Infrastructure - DET0325
Internal MISP references
UUID bfb5cb12-7025-44c3-9a2d-79cfe42ecf54 which can be used as unique global reference for External Proxy Behavior via Outbound Relay to Intermediate Infrastructure - DET0325 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0325 |
Related clusters
To see the related clusters, click here.
Detection of Systemd Service Creation or Modification on Linux - DET0253
Internal MISP references
UUID 3c335443-c161-4149-9c85-d7a014550099 which can be used as unique global reference for Detection of Systemd Service Creation or Modification on Linux - DET0253 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0253 |
Related clusters
To see the related clusters, click here.
Detection Strategy for AppCert DLLs Persistence via Registry Injection - DET0362
Internal MISP references
UUID 3de93376-739e-4842-875d-d6e9948db8d4 which can be used as unique global reference for Detection Strategy for AppCert DLLs Persistence via Registry Injection - DET0362 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0362 |
Related clusters
To see the related clusters, click here.
Defacement via File and Web Content Modification Across Platforms - DET0238
Internal MISP references
UUID 2d5f2445-a395-4012-b378-c953f2df7353 which can be used as unique global reference for Defacement via File and Web Content Modification Across Platforms - DET0238 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0238 |
Related clusters
To see the related clusters, click here.
Registry and LSASS Monitoring for Security Support Provider Abuse - DET0542
Internal MISP references
UUID 6b47bf45-a3f2-4d4b-884a-3cec3ef3f994 which can be used as unique global reference for Registry and LSASS Monitoring for Security Support Provider Abuse - DET0542 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0542 |
Related clusters
To see the related clusters, click here.
Detection of Direct Volume Access for File System Evasion - DET0426
Internal MISP references
UUID ee674b38-f59a-4f21-860a-19d065e13aaf which can be used as unique global reference for Detection of Direct Volume Access for File System Evasion - DET0426 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0426 |
Related clusters
To see the related clusters, click here.
Detect Adversary Deobfuscation or Decoding of Files and Payloads - DET0275
Internal MISP references
UUID 5b3bf2de-d91e-4272-97a8-5df6f4071e45 which can be used as unique global reference for Detect Adversary Deobfuscation or Decoding of Files and Payloads - DET0275 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0275 |
Related clusters
To see the related clusters, click here.
Detection of Launch Agent Creation or Modification on macOS - DET0434
Internal MISP references
UUID 4dbd7441-627f-4d5a-a060-28fe6a8cbb9e which can be used as unique global reference for Detection of Launch Agent Creation or Modification on macOS - DET0434 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0434 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hijack Execution Flow: Dynamic Linker Hijacking - DET0435
Internal MISP references
UUID da2107bd-4733-4d0b-a35c-33f7883e9ae9 which can be used as unique global reference for Detection Strategy for Hijack Execution Flow: Dynamic Linker Hijacking - DET0435 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0435 |
Related clusters
To see the related clusters, click here.
Behavioral Detection Strategy for WMI Execution Abuse on Windows - DET0364
Internal MISP references
UUID 8374a5e5-6d9f-4896-9546-a4d998188ac5 which can be used as unique global reference for Behavioral Detection Strategy for WMI Execution Abuse on Windows - DET0364 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0364 |
Related clusters
To see the related clusters, click here.
Detection of System Service Discovery Commands Across OS Platforms - DET0483
Internal MISP references
UUID d8e8768e-34c1-45f4-95d2-fa7ba317b63a which can be used as unique global reference for Detection of System Service Discovery Commands Across OS Platforms - DET0483 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0483 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Obfuscated Files or Information: Binary Padding - DET0553
Internal MISP references
UUID 9c2a1b83-eec8-4d0c-a0b5-e5b561dbd68f which can be used as unique global reference for Detection Strategy for Obfuscated Files or Information: Binary Padding - DET0553 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0553 |
Related clusters
To see the related clusters, click here.
Behavioral Detection Strategy for Network Service Discovery Across Platforms - DET0376
Internal MISP references
UUID 82e20b1f-300e-43cc-9259-1d506ef5d1f8 which can be used as unique global reference for Behavioral Detection Strategy for Network Service Discovery Across Platforms - DET0376 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0376 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Scheduled Transfer and Recurrent Exfiltration Patterns - DET0399
Internal MISP references
UUID 3ec6ad13-f3d6-4eb2-91fe-6ee5266d1447 which can be used as unique global reference for Detection Strategy for Scheduled Transfer and Recurrent Exfiltration Patterns - DET0399 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0399 |
Related clusters
To see the related clusters, click here.
Detection of Command and Control Over Application Layer Protocols - DET0444
Internal MISP references
UUID 155cab5b-c70b-4cfb-ba52-f62a21836b19 which can be used as unique global reference for Detection of Command and Control Over Application Layer Protocols - DET0444 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0444 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Dynamic Resolution using Fast Flux DNS - DET0485
Internal MISP references
UUID 4556646a-39df-48bf-9df3-623d4da7a859 which can be used as unique global reference for Detection Strategy for Dynamic Resolution using Fast Flux DNS - DET0485 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0485 |
Related clusters
To see the related clusters, click here.
Detection of Unauthorized DCSync Operations via Replication API Abuse - DET0594
Internal MISP references
UUID 3796aa06-65fe-4b9d-9d31-e6491b722632 which can be used as unique global reference for Detection of Unauthorized DCSync Operations via Replication API Abuse - DET0594 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0594 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Patch System Image on Network Devices - DET0469
Internal MISP references
UUID ca16d7e8-77f3-4d0c-88a3-31696224ed67 which can be used as unique global reference for Detection Strategy for Patch System Image on Network Devices - DET0469 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0469 |
Related clusters
To see the related clusters, click here.
Distributed Password Spraying via Authentication Failures Across Multiple Accounts - DET0487
Internal MISP references
UUID 84dfca59-e541-48a8-bb95-d7581a8f48d2 which can be used as unique global reference for Distributed Password Spraying via Authentication Failures Across Multiple Accounts - DET0487 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0487 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Downgrade System Image on Network Devices - DET0569
Internal MISP references
UUID 524a2282-e312-4707-82d1-2c34f015c85c which can be used as unique global reference for Detection Strategy for Downgrade System Image on Network Devices - DET0569 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0569 |
Related clusters
To see the related clusters, click here.
Detect Code Signing Policy Modification (Windows & macOS) - DET0523
Internal MISP references
UUID eec6a137-c506-4654-8780-8e3028f3fd28 which can be used as unique global reference for Detect Code Signing Policy Modification (Windows & macOS) - DET0523 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0523 |
Related clusters
To see the related clusters, click here.
Drive-by Compromise — Behavior-based, Multi-platform Detection Strategy (T1189) - DET0176
Internal MISP references
UUID a070f9d2-3480-4362-99b3-8b36f5be0189 which can be used as unique global reference for Drive-by Compromise — Behavior-based, Multi-platform Detection Strategy (T1189) - DET0176 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0176 |
Related clusters
To see the related clusters, click here.
Detect Remote Access via USB Hardware (TinyPilot, PiKVM) - DET0159
Internal MISP references
UUID 4a11abbc-9637-4d2e-a8ac-39fef2c0256d which can be used as unique global reference for Detect Remote Access via USB Hardware (TinyPilot, PiKVM) - DET0159 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0159 |
Related clusters
To see the related clusters, click here.
User-Initiated Malicious Library Installation via Package Manager (T1204.005) - DET0252
Internal MISP references
UUID 09caebdc-2ce4-4698-a40c-d91cb65f9720 which can be used as unique global reference for User-Initiated Malicious Library Installation via Package Manager (T1204.005) - DET0252 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0252 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1546.017 - Udev Rules (Linux) - DET0375
Internal MISP references
UUID 408fb023-a9d7-473c-8db8-a7d3c66eded7 which can be used as unique global reference for Detection Strategy for T1546.017 - Udev Rules (Linux) - DET0375 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0375 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Multi-Factor Authentication Request Generation (T1621) - DET0160
Internal MISP references
UUID 5dab1bc7-89e2-4fe4-ae30-40b550d0daf4 which can be used as unique global reference for Detection Strategy for Multi-Factor Authentication Request Generation (T1621) - DET0160 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0160 |
Related clusters
To see the related clusters, click here.
Container CLI and API Abuse via Docker/Kubernetes (T1059.013) - DET0083
Internal MISP references
UUID 26580351-9bc3-4e03-b5ad-139d38303707 which can be used as unique global reference for Container CLI and API Abuse via Docker/Kubernetes (T1059.013) - DET0083 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0083 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1547.009 – Shortcut Modification (Windows) - DET0180
Internal MISP references
UUID 300931b1-bd28-4e91-ba6e-585f3563e8e4 which can be used as unique global reference for Detection Strategy for T1547.009 – Shortcut Modification (Windows) - DET0180 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0180 |
Related clusters
To see the related clusters, click here.
Detect Kerberos Ccache File Theft or Abuse (T1558.005) - DET0024
Internal MISP references
UUID 5c4334d0-cda0-4372-8572-fe2a109d39cb which can be used as unique global reference for Detect Kerberos Ccache File Theft or Abuse (T1558.005) - DET0024 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0024 |
Related clusters
To see the related clusters, click here.
Detection Strategy for NTFS File Attribute Abuse (ADS/EAs) - DET0432
Internal MISP references
UUID 08f7fa2b-13f3-4348-83b8-023c2a68493f which can be used as unique global reference for Detection Strategy for NTFS File Attribute Abuse (ADS/EAs) - DET0432 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0432 |
Related clusters
To see the related clusters, click here.
Detect Access to Cloud Instance Metadata API (IaaS) - DET0001
Internal MISP references
UUID 6182825d-f41f-4d87-ac93-937f7894ab1d which can be used as unique global reference for Detect Access to Cloud Instance Metadata API (IaaS) - DET0001 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0001 |
Related clusters
To see the related clusters, click here.
Detect Archiving and Encryption of Collected Data (T1560) - DET0526
Internal MISP references
UUID 043bc738-1f07-4d28-9f5c-1b1f81525e7c which can be used as unique global reference for Detect Archiving and Encryption of Collected Data (T1560) - DET0526 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0526 |
Related clusters
To see the related clusters, click here.
Detect persistence via reopened application plist modification (macOS) - DET0125
Internal MISP references
UUID 5ac0e527-2ebd-44a1-8d87-4de8463b761c which can be used as unique global reference for Detect persistence via reopened application plist modification (macOS) - DET0125 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0125 |
Related clusters
To see the related clusters, click here.
Detect Domain Controller Authentication Process Modification (Skeleton Key) - DET0271
Internal MISP references
UUID 3ac249d7-5e15-47b4-a507-18d94b11de4d which can be used as unique global reference for Detect Domain Controller Authentication Process Modification (Skeleton Key) - DET0271 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0271 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Abuse Elevation Control Mechanism (T1548) - DET0345
Internal MISP references
UUID 9646aa18-4ebf-43c8-bf4c-670063bc5ef8 which can be used as unique global reference for Detection Strategy for Abuse Elevation Control Mechanism (T1548) - DET0345 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0345 |
Related clusters
To see the related clusters, click here.
Detect Malicious Modification of Pluggable Authentication Modules (PAM) - DET0454
Internal MISP references
UUID 9af47d08-fbb3-4122-8af4-74105cc23b62 which can be used as unique global reference for Detect Malicious Modification of Pluggable Authentication Modules (PAM) - DET0454 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0454 |
Related clusters
To see the related clusters, click here.
Detect DHCP Spoofing Across Linux, Windows, and macOS - DET0468
Internal MISP references
UUID 9f227978-8d56-406f-9d50-ef10aae1bf77 which can be used as unique global reference for Detect DHCP Spoofing Across Linux, Windows, and macOS - DET0468 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0468 |
Related clusters
To see the related clusters, click here.
Behavior-chain, platform-aware detection strategy for T1129 Shared Modules - DET0018
Internal MISP references
UUID 928a6ce6-fca0-4d66-aba3-1121431b953e which can be used as unique global reference for Behavior-chain, platform-aware detection strategy for T1129 Shared Modules - DET0018 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0018 |
Related clusters
To see the related clusters, click here.
Behavior-chain, platform-aware detection strategy for T1125 Video Capture - DET0197
Internal MISP references
UUID e9ee6ab5-333b-4cea-8637-23360d904472 which can be used as unique global reference for Behavior-chain, platform-aware detection strategy for T1125 Video Capture - DET0197 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0197 |
Related clusters
To see the related clusters, click here.
Internal Proxy Behavior via Lateral Host-to-Host C2 Relay - DET0075
Internal MISP references
UUID 28630b41-d28f-4414-afc8-23cc9ce8696c which can be used as unique global reference for Internal Proxy Behavior via Lateral Host-to-Host C2 Relay - DET0075 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0075 |
Related clusters
To see the related clusters, click here.
Multi-Platform Detection Strategy for T1678 - Delay Execution - DET0372
Internal MISP references
UUID e98d37af-727b-44a7-a72b-cdcf8a481a12 which can be used as unique global reference for Multi-Platform Detection Strategy for T1678 - Delay Execution - DET0372 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0372 |
Related clusters
To see the related clusters, click here.
Multi-Event Behavioral Detection for DCOM-Based Remote Code Execution - DET0285
Internal MISP references
UUID dbaaa57a-ef28-44c0-bc56-25bc20dc8f28 which can be used as unique global reference for Multi-Event Behavioral Detection for DCOM-Based Remote Code Execution - DET0285 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0285 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1505.004 - Malicious IIS Components - DET0068
Internal MISP references
UUID 32af4177-8c33-43d8-8e2c-9e11ac6dd451 which can be used as unique global reference for Detection Strategy for T1505.004 - Malicious IIS Components - DET0068 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0068 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1542.001 Pre-OS Boot: System Firmware - DET0099
Internal MISP references
UUID e90ab093-47a3-4c05-80b1-1919d2362ea9 which can be used as unique global reference for Detection Strategy for T1542.001 Pre-OS Boot: System Firmware - DET0099 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0099 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1542.002 Pre-OS Boot: Component Firmware - DET0323
Internal MISP references
UUID a53d62ae-b269-45e8-9937-17def4e28663 which can be used as unique global reference for Detection Strategy for T1542.002 Pre-OS Boot: Component Firmware - DET0323 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0323 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1542.005 Pre-OS Boot: TFTP Boot - DET0582
Internal MISP references
UUID 8f6ddd50-aeb8-48ae-8f4a-83b314829ca3 which can be used as unique global reference for Detection Strategy for T1542.005 Pre-OS Boot: TFTP Boot - DET0582 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0582 |
Related clusters
To see the related clusters, click here.
Detect LLMNR/NBT-NS Poisoning and SMB Relay on Windows - DET0462
Internal MISP references
UUID 2db51eaa-3407-4ad0-a45e-86ebf5f2abac which can be used as unique global reference for Detect LLMNR/NBT-NS Poisoning and SMB Relay on Windows - DET0462 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0462 |
Related clusters
To see the related clusters, click here.
Behavioral Detection for T1490 - Inhibit System Recovery - DET0329
Internal MISP references
UUID b13116ed-e9c0-4cd5-81f6-676074078477 which can be used as unique global reference for Behavioral Detection for T1490 - Inhibit System Recovery - DET0329 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0329 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1505 - Server Software Component - DET0547
Internal MISP references
UUID 27b606f9-dde4-456c-8d90-51289313994f which can be used as unique global reference for Detection Strategy for T1505 - Server Software Component - DET0547 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0547 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Ptrace-Based Process Injection on Linux - DET0203
Internal MISP references
UUID c2768ab6-522f-4b88-b3f7-a30230208ceb which can be used as unique global reference for Detection Strategy for Ptrace-Based Process Injection on Linux - DET0203 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0203 |
Related clusters
To see the related clusters, click here.
Multi-Event Detection for SMB Admin Share Lateral Movement - DET0530
Internal MISP references
UUID 04cbfa17-64a5-454d-8734-cead02ba5c43 which can be used as unique global reference for Multi-Event Detection for SMB Admin Share Lateral Movement - DET0530 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0530 |
Related clusters
To see the related clusters, click here.
Detection of Exfiltration Over Asymmetric Encrypted Non-C2 Protocol - DET0512
Internal MISP references
UUID d187b646-5fb3-4d65-a190-e25e2131f802 which can be used as unique global reference for Detection of Exfiltration Over Asymmetric Encrypted Non-C2 Protocol - DET0512 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0512 |
Related clusters
To see the related clusters, click here.
Unix-like File Permission Manipulation Behavioral Chain Detection Strategy - DET0351
Internal MISP references
UUID 3243e976-0cf8-4f18-8b50-38b9ee5bfc4c which can be used as unique global reference for Unix-like File Permission Manipulation Behavioral Chain Detection Strategy - DET0351 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0351 |
Related clusters
To see the related clusters, click here.
Detect Screensaver-Based Persistence via Registry and Execution Chains - DET0154
Internal MISP references
UUID d3a3919f-2f04-49f4-808e-1f88538ee02b which can be used as unique global reference for Detect Screensaver-Based Persistence via Registry and Execution Chains - DET0154 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0154 |
Related clusters
To see the related clusters, click here.
Multi-Platform File and Directory Permissions Modification Detection Strategy - DET0299
Internal MISP references
UUID 682ddf59-6de3-4765-a1c0-09b539fa5d4f which can be used as unique global reference for Multi-Platform File and Directory Permissions Modification Detection Strategy - DET0299 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0299 |
Related clusters
To see the related clusters, click here.
Brute Force Authentication Failures with Multi-Platform Log Correlation - DET0463
Internal MISP references
UUID 1439efe8-4d10-4ce8-8727-458db69bae85 which can be used as unique global reference for Brute Force Authentication Failures with Multi-Platform Log Correlation - DET0463 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0463 |
Related clusters
To see the related clusters, click here.
Cross-Platform Detection of Data Transfer to Cloud Account - DET0573
Internal MISP references
UUID 22a31282-d190-449b-a102-2d562f906b7d which can be used as unique global reference for Cross-Platform Detection of Data Transfer to Cloud Account - DET0573 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0573 |
Related clusters
To see the related clusters, click here.
Detection Strategy for System Services across OS platforms. - DET0279
Internal MISP references
UUID 38364d2d-7b25-4f75-9679-eca4dd18b213 which can be used as unique global reference for Detection Strategy for System Services across OS platforms. - DET0279 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0279 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Protocol Tunneling accross OS platforms. - DET0538
Internal MISP references
UUID fff8e15e-f7eb-4c07-8b77-8e7ef2eb01b6 which can be used as unique global reference for Detection Strategy for Protocol Tunneling accross OS platforms. - DET0538 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0538 |
Related clusters
To see the related clusters, click here.
Detection of NTDS.dit Credential Dumping from Domain Controllers - DET0586
Internal MISP references
UUID a97fe87f-e9be-4f71-8530-af5d70eaddf3 which can be used as unique global reference for Detection of NTDS.dit Credential Dumping from Domain Controllers - DET0586 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0586 |
Related clusters
To see the related clusters, click here.
Detection fo Remote Service Session Hijacking for RDP. - DET0588
Internal MISP references
UUID 2729a43c-3f8d-4fee-b2bd-f773436d051b which can be used as unique global reference for Detection fo Remote Service Session Hijacking for RDP. - DET0588 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0588 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Additional Cloud Credentials in IaaS/IdP/SaaS - DET0531
Internal MISP references
UUID cd0c92f4-2345-40ae-aa73-ccc1eb78eb14 which can be used as unique global reference for Detection Strategy for Additional Cloud Credentials in IaaS/IdP/SaaS - DET0531 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0531 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Publish/Subscribe Protocol Misuse for C2 - DET0002
Internal MISP references
UUID 16495e17-03ec-4e11-ab80-f76ed6386329 which can be used as unique global reference for Behavioral Detection of Publish/Subscribe Protocol Misuse for C2 - DET0002 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0002 |
Related clusters
To see the related clusters, click here.
Detection Strategy for /proc Memory Injection on Linux - DET0541
Internal MISP references
UUID 452c12a6-e74d-4244-a298-e9adaaf23794 which can be used as unique global reference for Detection Strategy for /proc Memory Injection on Linux - DET0541 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0541 |
Related clusters
To see the related clusters, click here.
Detect malicious IDE extension install/usage and IDE tunneling - DET0561
Internal MISP references
UUID 434d1a09-6a53-43ae-8f8c-e0eb853c4a25 which can be used as unique global reference for Detect malicious IDE extension install/usage and IDE tunneling - DET0561 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0561 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Event Triggered Execution Across Platforms - DET0010
Internal MISP references
UUID c5e3823f-5ee0-43db-b6fa-b63d6587b24c which can be used as unique global reference for Behavioral Detection of Event Triggered Execution Across Platforms - DET0010 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0010 |
Related clusters
To see the related clusters, click here.
Detection of Persistence Artifact Removal Across Host Platforms - DET0040
Internal MISP references
UUID 80eb76bc-6599-4adf-8d8c-8126e7e63d12 which can be used as unique global reference for Detection of Persistence Artifact Removal Across Host Platforms - DET0040 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0040 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Data Encoding in C2 Channels - DET0108
Internal MISP references
UUID d7106707-eee8-443f-b106-e7eff58a739e which can be used as unique global reference for Detection Strategy for Data Encoding in C2 Channels - DET0108 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0108 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hijack Execution Flow for DLLs - DET0201
Internal MISP references
UUID bd33de0c-1ed7-42ea-b77d-1fd5d33acd3b which can be used as unique global reference for Detection Strategy for Hijack Execution Flow for DLLs - DET0201 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0201 |
Related clusters
To see the related clusters, click here.
Detection of Local Browser Artifact Access for Reconnaissance - DET0013
Internal MISP references
UUID 3e5e2bda-40c0-4aea-90f1-8fc52096ad5e which can be used as unique global reference for Detection of Local Browser Artifact Access for Reconnaissance - DET0013 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0013 |
Related clusters
To see the related clusters, click here.
Detect Unauthorized Access to Cloud Secrets Management Stores - DET0130
Internal MISP references
UUID f69d3378-a034-4709-9778-6efd2269e097 which can be used as unique global reference for Detect Unauthorized Access to Cloud Secrets Management Stores - DET0130 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0130 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Data from Network Shared Drive - DET0410
Internal MISP references
UUID 79eb1874-4762-461b-a748-df85e61f3216 which can be used as unique global reference for Detection Strategy for Data from Network Shared Drive - DET0410 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0410 |
Related clusters
To see the related clusters, click here.
Detection of Remote Data Staging Prior to Exfiltration - DET0071
Internal MISP references
UUID 20f11806-1639-49c5-ae0b-84633a142870 which can be used as unique global reference for Detection of Remote Data Staging Prior to Exfiltration - DET0071 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0071 |
Related clusters
To see the related clusters, click here.
Detection of System Network Connections Discovery Across Platforms - DET0320
Internal MISP references
UUID 7c45d09a-030e-4b30-b2d9-41fee3daa293 which can be used as unique global reference for Detection of System Network Connections Discovery Across Platforms - DET0320 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0320 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Steal or Forge Authentication Certificates - DET0240
Internal MISP references
UUID 7b0ea292-22f5-4963-b1c2-0d396fb17619 which can be used as unique global reference for Detection Strategy for Steal or Forge Authentication Certificates - DET0240 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0240 |
Related clusters
To see the related clusters, click here.
Detect XSL Script Abuse via msxsl and wmic - DET0205
Internal MISP references
UUID 4994627c-216b-4832-90cf-074d3e9013e4 which can be used as unique global reference for Detect XSL Script Abuse via msxsl and wmic - DET0205 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0205 |
Related clusters
To see the related clusters, click here.
Detect Access to Unsecured Credential Files Across Platforms - DET0307
Internal MISP references
UUID b34a9911-8261-45b4-af09-3885f9b82cc6 which can be used as unique global reference for Detect Access to Unsecured Credential Files Across Platforms - DET0307 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0307 |
Related clusters
To see the related clusters, click here.
Detection of Local Data Collection Prior to Exfiltration - DET0380
Internal MISP references
UUID 36bb5edf-e7b6-4d36-8ccc-1a18ddc573da which can be used as unique global reference for Detection of Local Data Collection Prior to Exfiltration - DET0380 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0380 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Dynamic Resolution across OS Platforms - DET0039
Internal MISP references
UUID 98d6523f-54c5-4a24-a758-333caa833967 which can be used as unique global reference for Detection Strategy for Dynamic Resolution across OS Platforms - DET0039 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0039 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Process Argument Spoofing on Windows - DET0045
Internal MISP references
UUID 276ac500-e134-4852-96cd-8aa899ad0c7c which can be used as unique global reference for Detection Strategy for Process Argument Spoofing on Windows - DET0045 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0045 |
Related clusters
To see the related clusters, click here.
Detection of Compromise Software Dependencies and Development Tools - DET0704
Internal MISP references
UUID c2133628-efa0-4bb0-9f9a-a475ec6a52e7 which can be used as unique global reference for Detection of Compromise Software Dependencies and Development Tools - DET0704 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0704 |
Related clusters
To see the related clusters, click here.
Detection of Credential Harvesting via Web Portal Modification - DET0480
Internal MISP references
UUID 8b2a91cd-4a15-4b25-9b75-581298f3ef82 which can be used as unique global reference for Detection of Credential Harvesting via Web Portal Modification - DET0480 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0480 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Network History and Configuration Tampering - DET0049
Internal MISP references
UUID 45ac24cf-b8f4-44d5-97e1-3efe2bf28abc which can be used as unique global reference for Behavioral Detection of Network History and Configuration Tampering - DET0049 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0049 |
Related clusters
To see the related clusters, click here.
Detection strategy for Group Policy Discovery on Windows - DET0055
Internal MISP references
UUID e5eff2eb-4a41-44d1-9c79-4977fb73f569 which can be used as unique global reference for Detection strategy for Group Policy Discovery on Windows - DET0055 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0055 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Web Service: Dead Drop Resolver - DET0058
Internal MISP references
UUID 70abbe3f-797d-495b-8f76-371408a0f929 which can be used as unique global reference for Detection Strategy for Web Service: Dead Drop Resolver - DET0058 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0058 |
Related clusters
To see the related clusters, click here.
Detect Network Provider DLL Registration and Credential Capture - DET0580
Internal MISP references
UUID 552a7d85-4ac4-48cd-9072-61a4c6b2c682 which can be used as unique global reference for Detect Network Provider DLL Registration and Credential Capture - DET0580 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0580 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of External Website Defacement across Platforms - DET0590
Internal MISP references
UUID 33bbfada-99c8-4cac-8b21-fa013959001d which can be used as unique global reference for Behavioral Detection of External Website Defacement across Platforms - DET0590 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0590 |
Related clusters
To see the related clusters, click here.
Behavioral Detection Strategy for Exfiltration Over Alternative Protocol - DET0131
Internal MISP references
UUID ed9ef930-ec1f-4e57-a110-9b647e2ca195 which can be used as unique global reference for Behavioral Detection Strategy for Exfiltration Over Alternative Protocol - DET0131 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0131 |
Related clusters
To see the related clusters, click here.
Detection for Spoofing Security Alerting across OS Platforms - DET0311
Internal MISP references
UUID fecfb9f9-645e-4e09-ba21-05bc60722688 which can be used as unique global reference for Detection for Spoofing Security Alerting across OS Platforms - DET0311 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0311 |
Related clusters
To see the related clusters, click here.
Detect Abuse of Windows Time Providers for Persistence - DET0122
Internal MISP references
UUID 9c4b0b07-df7f-4697-8cd1-0b95ff6a6361 which can be used as unique global reference for Detect Abuse of Windows Time Providers for Persistence - DET0122 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0122 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1525 – Implant Internal Image - DET0334
Internal MISP references
UUID c08df366-fa5a-4f34-a27e-b28e756f09f0 which can be used as unique global reference for Detection Strategy for T1525 – Implant Internal Image - DET0334 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0334 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of CLI Abuse on Network Devices - DET0142
Internal MISP references
UUID ca871237-8615-47b7-9981-92d1d920d346 which can be used as unique global reference for Behavioral Detection of CLI Abuse on Network Devices - DET0142 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0142 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hijack Execution Flow: Dylib Hijacking - DET0152
Internal MISP references
UUID eca47fcc-6bee-43b1-9569-631a22be5fe0 which can be used as unique global reference for Detection Strategy for Hijack Execution Flow: Dylib Hijacking - DET0152 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0152 |
Related clusters
To see the related clusters, click here.
Detection of Local Data Staging Prior to Exfiltration - DET0261
Internal MISP references
UUID e91165c5-e850-465e-9042-6ba82478b522 which can be used as unique global reference for Detection of Local Data Staging Prior to Exfiltration - DET0261 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0261 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Compressed Payload Creation and Execution - DET0281
Internal MISP references
UUID f3d5d1d5-3d80-46b2-be05-f0c438625230 which can be used as unique global reference for Detection Strategy for Compressed Payload Creation and Execution - DET0281 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0281 |
Related clusters
To see the related clusters, click here.
Detect Persistence via Office Test Registry DLL Injection - DET0315
Internal MISP references
UUID cb0a01e5-d88a-4ac8-a70a-1472c5dccd10 which can be used as unique global reference for Detect Persistence via Office Test Registry DLL Injection - DET0315 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0315 |
Related clusters
To see the related clusters, click here.
Detection of Tainted Content Written to Shared Storage - DET0471
Internal MISP references
UUID cdfe6166-43e9-434a-a961-139edd58ca0c which can be used as unique global reference for Detection of Tainted Content Written to Shared Storage - DET0471 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0471 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Command and Scripting Interpreter Abuse - DET0516
Internal MISP references
UUID 8582f5e6-44a5-4950-b7e8-a3e1b6d58d63 which can be used as unique global reference for Behavioral Detection of Command and Scripting Interpreter Abuse - DET0516 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0516 |
Related clusters
To see the related clusters, click here.
Automated File and API Collection Detection Across Platforms - DET0186
Internal MISP references
UUID 5e9a51b5-7e4a-4e78-a1ba-215ce937c877 which can be used as unique global reference for Automated File and API Collection Detection Across Platforms - DET0186 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0186 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Unauthorized VNC Remote Control Sessions - DET0178
Internal MISP references
UUID bb431f45-c3fe-4b98-8dd7-70346b56c880 which can be used as unique global reference for Behavioral Detection of Unauthorized VNC Remote Control Sessions - DET0178 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0178 |
Related clusters
To see the related clusters, click here.
Detect Abuse of Container APIs for Credential Access - DET0198
Internal MISP references
UUID 8ca072de-1c09-4e19-acd2-e4228681030c which can be used as unique global reference for Detect Abuse of Container APIs for Credential Access - DET0198 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0198 |
Related clusters
To see the related clusters, click here.
Detection Strategy for System Binary Proxy Execution: Regsvr32 - DET0282
Internal MISP references
UUID 0a931f22-4820-48aa-8051-056da15a6183 which can be used as unique global reference for Detection Strategy for System Binary Proxy Execution: Regsvr32 - DET0282 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0282 |
Related clusters
To see the related clusters, click here.
Detection of Adversary Abuse of Software Deployment Tools - DET0223
Internal MISP references
UUID ea1f5423-64b9-44eb-824f-251aa0faccd2 which can be used as unique global reference for Detection of Adversary Abuse of Software Deployment Tools - DET0223 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0223 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Dynamic Resolution through DNS Calculation - DET0262
Internal MISP references
UUID 510a02c8-4341-40ab-8b57-bd678c411ac0 which can be used as unique global reference for Detection Strategy for Dynamic Resolution through DNS Calculation - DET0262 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0262 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Masquerading via File Type Modification - DET0226
Internal MISP references
UUID e2d84c66-3647-4aab-962b-c1ad89455a18 which can be used as unique global reference for Detection Strategy for Masquerading via File Type Modification - DET0226 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0226 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Polymorphic Code Mutation and Execution - DET0324
Internal MISP references
UUID 380da3b2-d92f-4361-b187-cedc8a118e0f which can be used as unique global reference for Detection Strategy for Polymorphic Code Mutation and Execution - DET0324 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0324 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Spearphishing Attachment across OS Platforms - DET0236
Internal MISP references
UUID 8d904004-e492-4f76-9f84-be75fc61e5c5 which can be used as unique global reference for Detection Strategy for Spearphishing Attachment across OS Platforms - DET0236 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0236 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Encrypted Channel across OS Platforms - DET0273
Internal MISP references
UUID 08861418-398c-4972-8850-5e11f2d32944 which can be used as unique global reference for Detection Strategy for Encrypted Channel across OS Platforms - DET0273 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0273 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Disable or Modify Cloud Firewall - DET0424
Internal MISP references
UUID 1221d0cb-6404-4fe7-837e-6057a96e7acb which can be used as unique global reference for Detection Strategy for Disable or Modify Cloud Firewall - DET0424 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0424 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Login Hook Persistence on macOS - DET0244
Internal MISP references
UUID 6aa65bd1-4c0c-4bf7-ba74-ba0d8edd9cb9 which can be used as unique global reference for Detection Strategy for Login Hook Persistence on macOS - DET0244 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0244 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Spearphishing Voice across OS platforms - DET0245
Internal MISP references
UUID ec33e12c-e0f1-426d-a453-fa5ae4d3cf9a which can be used as unique global reference for Detection Strategy for Spearphishing Voice across OS platforms - DET0245 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0245 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Exfiltration to Text Storage Sites - DET0284
Internal MISP references
UUID 6ab41bc0-2d89-4173-8149-728fbc2698b6 which can be used as unique global reference for Detection Strategy for Exfiltration to Text Storage Sites - DET0284 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0284 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Fallback or Alternate C2 Channels - DET0499
Internal MISP references
UUID ee1c44c9-c5aa-4a9c-9e68-49854ed4d602 which can be used as unique global reference for Behavioral Detection of Fallback or Alternate C2 Channels - DET0499 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0499 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Role Addition to Cloud Accounts - DET0277
Internal MISP references
UUID 264a9ce0-b26f-4cc6-bdf4-384b0d188a95 which can be used as unique global reference for Detection Strategy for Role Addition to Cloud Accounts - DET0277 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0277 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Disable or Modify Cloud Logs - DET0289
Internal MISP references
UUID f0190654-2eda-42a7-9a4d-6edc95aada02 which can be used as unique global reference for Detection Strategy for Disable or Modify Cloud Logs - DET0289 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0289 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Addition of Email Delegate Permissions - DET0373
Internal MISP references
UUID 679edb0f-4fa0-4929-9ffd-881d9f82263d which can be used as unique global reference for Detection Strategy for Addition of Email Delegate Permissions - DET0373 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0373 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Masquerading via Account Name Similarity - DET0383
Internal MISP references
UUID f1f9b6fc-a261-4bcf-a0c0-3ae42cdc28fc which can be used as unique global reference for Detection Strategy for Masquerading via Account Name Similarity - DET0383 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0383 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Weaken Encryption on Network Devices - DET0339
Internal MISP references
UUID de98fda3-10f9-4013-a163-fb9b6c117a9b which can be used as unique global reference for Detection Strategy for Weaken Encryption on Network Devices - DET0339 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0339 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Masquerading via Breaking Process Trees - DET0443
Internal MISP references
UUID eccdd5b4-e19e-4254-909e-4a9c2e3ac27e which can be used as unique global reference for Detection Strategy for Masquerading via Breaking Process Trees - DET0443 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0443 |
Related clusters
To see the related clusters, click here.
TCC Database Manipulation via Launchctl and Unprotected SIP - DET0534
Internal MISP references
UUID f1fdcaa2-7040-4cea-a934-7397566a312b which can be used as unique global reference for TCC Database Manipulation via Launchctl and Unprotected SIP - DET0534 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0534 |
Related clusters
To see the related clusters, click here.
Detect Screen Capture via Commands and API Calls - DET0346
Internal MISP references
UUID a9de0990-69e9-4b1a-9754-1c7fb4102ac9 which can be used as unique global reference for Detect Screen Capture via Commands and API Calls - DET0346 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0346 |
Related clusters
To see the related clusters, click here.
Detection of Malware Relocation via Suspicious File Movement - DET0439
Internal MISP references
UUID 3fa3299e-a8c2-4555-890b-544314ae1e44 which can be used as unique global reference for Detection of Malware Relocation via Suspicious File Movement - DET0439 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0439 |
Related clusters
To see the related clusters, click here.
Endpoint DoS via OS Exhaustion Flood Detection Strategy - DET0356
Internal MISP references
UUID bdf67026-8adb-41da-9a58-c9acba4da1f3 which can be used as unique global reference for Endpoint DoS via OS Exhaustion Flood Detection Strategy - DET0356 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0356 |
Related clusters
To see the related clusters, click here.
Detect Access to macOS Keychain for Credential Theft - DET0396
Internal MISP references
UUID cc6c18b5-1fa6-4e27-8c78-e479428bef44 which can be used as unique global reference for Detect Access to macOS Keychain for Credential Theft - DET0396 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0396 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of DLL Injection via Windows API - DET0389
Internal MISP references
UUID e9c54806-2d8e-4722-805c-4a1e7f6a1986 which can be used as unique global reference for Behavioral Detection of DLL Injection via Windows API - DET0389 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0389 |
Related clusters
To see the related clusters, click here.
Detection of Proxy Infrastructure Setup and Traffic Bridging - DET0445
Internal MISP references
UUID 5c44619a-da36-4bbd-9730-efceacf2409f which can be used as unique global reference for Detection of Proxy Infrastructure Setup and Traffic Bridging - DET0445 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0445 |
Related clusters
To see the related clusters, click here.
Enumeration of User or Account Information Across Platforms - DET0587
Internal MISP references
UUID fdda430c-e4f6-43ce-95d6-0f97253ff6a2 which can be used as unique global reference for Enumeration of User or Account Information Across Platforms - DET0587 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0587 |
Related clusters
To see the related clusters, click here.
Detect Modification of Authentication Process via Reversible Encryption - DET0589
Internal MISP references
UUID b865c4e8-f3de-471e-846c-2290b6d52da9 which can be used as unique global reference for Detect Modification of Authentication Process via Reversible Encryption - DET0589 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0589 |
Related clusters
To see the related clusters, click here.
Detection Strategy for AutoHotKey & AutoIT Abuse - DET0332
Internal MISP references
UUID a948dd3c-a8f3-4bc0-aec3-4c5264e7a012 which can be used as unique global reference for Detection Strategy for AutoHotKey & AutoIT Abuse - DET0332 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0332 |
Related clusters
To see the related clusters, click here.
Behavior-Chain Detection for Remote Access Tools (Tool-Agnostic) - DET0496
Internal MISP references
UUID ec412019-109f-4f84-aa2f-d623f40254e0 which can be used as unique global reference for Behavior-Chain Detection for Remote Access Tools (Tool-Agnostic) - DET0496 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0496 |
Related clusters
To see the related clusters, click here.
Detecting Code Injection via mavinject.exe (App-V Injector) - DET0433
Internal MISP references
UUID 621ecbd0-a183-4dbd-913c-656436e62c1d which can be used as unique global reference for Detecting Code Injection via mavinject.exe (App-V Injector) - DET0433 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0433 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Reflection Amplification DoS (T1498.002) - DET0408
Internal MISP references
UUID 20f5a44b-e9bb-48e9-9bea-e7a3d757005f which can be used as unique global reference for Detection Strategy for Reflection Amplification DoS (T1498.002) - DET0408 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0408 |
Related clusters
To see the related clusters, click here.
Detect Abuse of Dynamic Data Exchange (T1559.002) - DET0504
Internal MISP references
UUID 3f3ebc58-fff0-4083-bc5c-ee7308026a20 which can be used as unique global reference for Detect Abuse of Dynamic Data Exchange (T1559.002) - DET0504 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0504 |
Related clusters
To see the related clusters, click here.
Detect Abuse of Component Object Model (T1559.001) - DET0224
Internal MISP references
UUID 96c3e267-9dde-45cb-b700-e27c1a672cf8 which can be used as unique global reference for Detect Abuse of Component Object Model (T1559.001) - DET0224 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0224 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Visual Basic Execution (VBS/VBA/VBScript) - DET0076
Internal MISP references
UUID 4a7f1bc4-4396-49e1-9c75-caa6ecd64047 which can be used as unique global reference for Behavioral Detection of Visual Basic Execution (VBS/VBA/VBScript) - DET0076 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0076 |
Related clusters
To see the related clusters, click here.
Detect unauthorized or suspicious Hardware Additions (USB/Thunderbolt/Network) - DET0069
Internal MISP references
UUID e8d186eb-5450-4dc9-8458-89bbaed45643 which can be used as unique global reference for Detect unauthorized or suspicious Hardware Additions (USB/Thunderbolt/Network) - DET0069 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0069 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Plist File Modification (T1647) - DET0109
Internal MISP references
UUID 0548423e-c893-4474-9e5d-7fdd7c2a0a71 which can be used as unique global reference for Detection Strategy for Plist File Modification (T1647) - DET0109 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0109 |
Related clusters
To see the related clusters, click here.
Detect Kerberos Ticket Theft or Forgery (T1558) - DET0522
Internal MISP references
UUID 3638f523-dc38-4ff0-8682-d2027af5bd77 which can be used as unique global reference for Detect Kerberos Ticket Theft or Forgery (T1558) - DET0522 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0522 |
Related clusters
To see the related clusters, click here.
Detect Registry and Startup Folder Persistence (Windows) - DET0365
Internal MISP references
UUID 8febbfe8-91ae-4625-8fc7-656639b90a11 which can be used as unique global reference for Detect Registry and Startup Folder Persistence (Windows) - DET0365 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0365 |
Related clusters
To see the related clusters, click here.
Detect Adversary-in-the-Middle via Network and Configuration Anomalies - DET0296
Internal MISP references
UUID 0eb48c77-9056-4178-900b-7ac23fd1c7cd which can be used as unique global reference for Detect Adversary-in-the-Middle via Network and Configuration Anomalies - DET0296 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0296 |
Related clusters
To see the related clusters, click here.
Password Policy Discovery – cross-platform behavior-chain analytics - DET0161
Internal MISP references
UUID 72742281-7457-4124-a277-7f3cf5e23f4e which can be used as unique global reference for Password Policy Discovery – cross-platform behavior-chain analytics - DET0161 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0161 |
Related clusters
To see the related clusters, click here.
Environmental Keying Discovery-to-Decryption Behavioral Chain Detection Strategy - DET0474
Internal MISP references
UUID a59f4a44-d581-4026-802d-5dc5c0c9f7d5 which can be used as unique global reference for Environmental Keying Discovery-to-Decryption Behavioral Chain Detection Strategy - DET0474 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0474 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1542.004 Pre-OS Boot: ROMMONkit - DET0175
Internal MISP references
UUID c3924c07-255d-4df9-8357-a47e68c04bbb which can be used as unique global reference for Detection Strategy for T1542.004 Pre-OS Boot: ROMMONkit - DET0175 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0175 |
Related clusters
To see the related clusters, click here.
Cross-Platform Behavioral Detection of Scheduled Task/Job Abuse - DET0094
Internal MISP references
UUID df11466a-27a2-4cb1-bf73-2a3a4aaee0d9 which can be used as unique global reference for Cross-Platform Behavioral Detection of Scheduled Task/Job Abuse - DET0094 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0094 |
Related clusters
To see the related clusters, click here.
Detection of Kernel/User-Level Rootkit Behavior Across Platforms - DET0377
Internal MISP references
UUID 00a4e92b-8164-4342-a71c-013ecc777ad0 which can be used as unique global reference for Detection of Kernel/User-Level Rootkit Behavior Across Platforms - DET0377 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0377 |
Related clusters
To see the related clusters, click here.
Detection of Exfiltration Over Unencrypted Non-C2 Protocol - DET0701
Internal MISP references
UUID c1ca9729-d9a0-47fd-98bf-8355ee9fc8e2 which can be used as unique global reference for Detection of Exfiltration Over Unencrypted Non-C2 Protocol - DET0701 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0701 |
Related clusters
To see the related clusters, click here.
Account Access Removal via Multi-Platform Audit Correlation - DET0120
Internal MISP references
UUID 655a8556-c82d-4148-b52a-7bc48fe7ce20 which can be used as unique global reference for Account Access Removal via Multi-Platform Audit Correlation - DET0120 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0120 |
Related clusters
To see the related clusters, click here.
Detection of Mutex-Based Execution Guardrails Across Platforms - DET0132
Internal MISP references
UUID d22f1848-fc32-4fdb-999b-9c0845fb6552 which can be used as unique global reference for Detection of Mutex-Based Execution Guardrails Across Platforms - DET0132 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0132 |
Related clusters
To see the related clusters, click here.
Detection of Exfiltration Over Unencrypted Non-C2 Protocol - DET0149
Internal MISP references
UUID a772e6e0-017e-4ceb-b125-4620ac85a5bd which can be used as unique global reference for Detection of Exfiltration Over Unencrypted Non-C2 Protocol - DET0149 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0149 |
Related clusters
To see the related clusters, click here.
Detection of Multi-Platform File Encryption for Impact - DET0215
Internal MISP references
UUID d080a1b1-5ad1-45a1-8f7b-b736986c20d9 which can be used as unique global reference for Detection of Multi-Platform File Encryption for Impact - DET0215 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0215 |
Related clusters
To see the related clusters, click here.
Password Guessing via Multi-Source Authentication Failure Correlation - DET0551
Internal MISP references
UUID b3ce3826-401f-4549-92ce-c825b4ddafb0 which can be used as unique global reference for Password Guessing via Multi-Source Authentication Failure Correlation - DET0551 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0551 |
Related clusters
To see the related clusters, click here.
Detection of Non-Application Layer Protocols for C2 - DET0457
Internal MISP references
UUID 2cb544af-ef54-4376-9608-b399ad67d3d6 which can be used as unique global reference for Detection of Non-Application Layer Protocols for C2 - DET0457 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0457 |
Related clusters
To see the related clusters, click here.
Multi-Platform Execution Guardrails Environmental Validation Detection Strategy - DET0562
Internal MISP references
UUID 99bdd6d6-ebef-40e2-83d2-2f39408c82e3 which can be used as unique global reference for Multi-Platform Execution Guardrails Environmental Validation Detection Strategy - DET0562 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0562 |
Related clusters
To see the related clusters, click here.
Detecting .NET COM Registration Abuse via Regsvcs/Regasm - DET0361
Internal MISP references
UUID 9c03f003-b859-42c6-b16d-c0979dfc202b which can be used as unique global reference for Detecting .NET COM Registration Abuse via Regsvcs/Regasm - DET0361 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0361 |
Related clusters
To see the related clusters, click here.
Detecting PowerShell Execution via SyncAppvPublishingServer.vbs Proxy Abuse - DET0440
Internal MISP references
UUID ba3578d1-5913-4ed1-ab83-473a39b63f7d which can be used as unique global reference for Detecting PowerShell Execution via SyncAppvPublishingServer.vbs Proxy Abuse - DET0440 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0440 |
Related clusters
To see the related clusters, click here.
Detection of Malicious Code Execution via InstallUtil.exe - DET0138
Internal MISP references
UUID 7f7679d8-c2eb-4fcc-be46-27055ef491a6 which can be used as unique global reference for Detection of Malicious Code Execution via InstallUtil.exe - DET0138 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0138 |
Related clusters
To see the related clusters, click here.
Detection of Malicious Profile Installation via CMSTP.exe - DET0328
Internal MISP references
UUID c254ecff-c728-4de8-a0f8-e5ad5015aa32 which can be used as unique global reference for Detection of Malicious Profile Installation via CMSTP.exe - DET0328 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0328 |
Related clusters
To see the related clusters, click here.
Detecting Remote Script Proxy Execution via PubPrn.vbs - DET0528
Internal MISP references
UUID 4e2e06c5-a7bd-40d9-af9b-99fdfe725360 which can be used as unique global reference for Detecting Remote Script Proxy Execution via PubPrn.vbs - DET0528 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0528 |
Related clusters
To see the related clusters, click here.
Credential Access via /etc/passwd and /etc/shadow Parsing - DET0446
Internal MISP references
UUID 17c97a51-74c2-449c-bc95-cf6a7647fb83 which can be used as unique global reference for Credential Access via /etc/passwd and /etc/shadow Parsing - DET0446 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0446 |
Related clusters
To see the related clusters, click here.
Detect Ingress Tool Transfers via Behavioral Chain - DET0060
Internal MISP references
UUID 67677c4c-5778-49eb-ae74-1920645b8554 which can be used as unique global reference for Detect Ingress Tool Transfers via Behavioral Chain - DET0060 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0060 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Input Capture Across Platforms - DET0102
Internal MISP references
UUID c922d994-74bd-4847-a870-c0ae216318c9 which can be used as unique global reference for Behavioral Detection of Input Capture Across Platforms - DET0102 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0102 |
Related clusters
To see the related clusters, click here.
Behavioral Detection for Service Stop across Platforms - DET0021
Internal MISP references
UUID ae37afa8-87d5-4091-ac33-010e78eefe97 which can be used as unique global reference for Behavioral Detection for Service Stop across Platforms - DET0021 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0021 |
Related clusters
To see the related clusters, click here.
Suspicious Addition to Local or Domain Groups - DET0310
Internal MISP references
UUID 13233865-3b73-4065-a056-43fcd6eb6ed5 which can be used as unique global reference for Suspicious Addition to Local or Domain Groups - DET0310 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0310 |
Related clusters
To see the related clusters, click here.
Detect Modification of Authentication Processes Across Platforms - DET0104
Internal MISP references
UUID d51dd574-9171-4c46-89bc-0e3bb1178dfe which can be used as unique global reference for Detect Modification of Authentication Processes Across Platforms - DET0104 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0104 |
Related clusters
To see the related clusters, click here.
Detection of Data Staging Prior to Exfiltration - DET0014
Internal MISP references
UUID 11f7fa69-2da4-4280-90d2-abc2f0722683 which can be used as unique global reference for Detection of Data Staging Prior to Exfiltration - DET0014 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0014 |
Related clusters
To see the related clusters, click here.
Detect MFA Modification or Disabling Across Platforms - DET0190
Internal MISP references
UUID eccad822-4f5b-4337-8c8b-825cf617f853 which can be used as unique global reference for Detect MFA Modification or Disabling Across Platforms - DET0190 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0190 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Stripped Payloads Across Platforms - DET0019
Internal MISP references
UUID e4040d30-1f5a-4f80-9f06-f1c1d2a8c238 which can be used as unique global reference for Detection Strategy for Stripped Payloads Across Platforms - DET0019 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0019 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Windows Command Shell Execution - DET0202
Internal MISP references
UUID 1806ad13-6fa8-4cb0-9d91-c8a989a1d9fe which can be used as unique global reference for Behavioral Detection of Windows Command Shell Execution - DET0202 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0202 |
Related clusters
To see the related clusters, click here.
Detect Obfuscated C2 via Network Traffic Analysis - DET0053
Internal MISP references
UUID e17b2809-7534-4749-9bd8-95fdb24e4891 which can be used as unique global reference for Detect Obfuscated C2 via Network Traffic Analysis - DET0053 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0053 |
Related clusters
To see the related clusters, click here.
Detect Suspicious or Malicious Code Signing Abuse - DET0230
Internal MISP references
UUID 01cc085c-7d7d-49fc-9d15-bc5b2226026a which can be used as unique global reference for Detect Suspicious or Malicious Code Signing Abuse - DET0230 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0230 |
Related clusters
To see the related clusters, click here.
Obfuscated Binary Unpacking Detection via Behavioral Patterns - DET0023
Internal MISP references
UUID 7a182af0-a7e1-41a1-ae5e-ac76ff7f5948 which can be used as unique global reference for Obfuscated Binary Unpacking Detection via Behavioral Patterns - DET0023 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0023 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hidden Files and Directories - DET0032
Internal MISP references
UUID 3f59957a-2e55-4378-bbe7-090fb1e4f067 which can be used as unique global reference for Detection Strategy for Hidden Files and Directories - DET0032 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0032 |
Related clusters
To see the related clusters, click here.
Detecting Electron Application Abuse for Proxy Execution - DET0025
Internal MISP references
UUID d41df11d-b2cd-4afc-89a5-9c77e7f31985 which can be used as unique global reference for Detecting Electron Application Abuse for Proxy Execution - DET0025 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0025 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hidden Artifacts Across Platforms - DET0502
Internal MISP references
UUID bd2348f8-acef-4310-bd03-cf7b866d2592 which can be used as unique global reference for Detection Strategy for Hidden Artifacts Across Platforms - DET0502 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0502 |
Related clusters
To see the related clusters, click here.
Detect Credential Discovery via Windows Registry Enumeration - DET0250
Internal MISP references
UUID 6c9e1f65-7d75-4091-b97d-e5f88ed12812 which can be used as unique global reference for Detect Credential Discovery via Windows Registry Enumeration - DET0250 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0250 |
Related clusters
To see the related clusters, click here.
Detection of Registry Query for Environmental Discovery - DET0209
Internal MISP references
UUID 106e32a9-29b7-4ec7-80cf-768662706490 which can be used as unique global reference for Detection of Registry Query for Environmental Discovery - DET0209 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0209 |
Related clusters
To see the related clusters, click here.
Detection of Malicious or Unauthorized Software Extensions - DET0092
Internal MISP references
UUID eaa0f0da-bee7-4ce3-97e5-46d5ac2a9257 which can be used as unique global reference for Detection of Malicious or Unauthorized Software Extensions - DET0092 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0092 |
Related clusters
To see the related clusters, click here.
Detect Suspicious Access to Browser Credential Stores - DET0037
Internal MISP references
UUID 90123c20-ff3d-4034-9a5f-905444bb0311 which can be used as unique global reference for Detect Suspicious Access to Browser Credential Stores - DET0037 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0037 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Modify Cloud Compute Infrastructure - DET0308
Internal MISP references
UUID af0d25b2-1912-4821-85db-305abe318535 which can be used as unique global reference for Detection Strategy for Modify Cloud Compute Infrastructure - DET0308 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0308 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Container and Resource Discovery - DET0490
Internal MISP references
UUID 2f4449cb-0eec-4871-bff3-f846f12bec15 which can be used as unique global reference for Detection Strategy for Container and Resource Discovery - DET0490 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0490 |
Related clusters
To see the related clusters, click here.
Detection of Valid Account Abuse Across Platforms - DET0560
Internal MISP references
UUID a6245075-b59f-46cf-8b76-e8d95c378a22 which can be used as unique global reference for Detection of Valid Account Abuse Across Platforms - DET0560 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0560 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Container Administration Command Abuse - DET0065
Internal MISP references
UUID e9a74ecb-cc65-4c21-ae40-850e3317c248 which can be used as unique global reference for Detection Strategy for Container Administration Command Abuse - DET0065 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0065 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Exfiltration to Cloud Storage - DET0570
Internal MISP references
UUID c8895822-a3d1-41eb-952f-c67b4673eee2 which can be used as unique global reference for Detection Strategy for Exfiltration to Cloud Storage - DET0570 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0570 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Process Injection Across Platforms - DET0508
Internal MISP references
UUID 9833b57b-4c83-4f58-b4cf-76f041b29273 which can be used as unique global reference for Behavioral Detection of Process Injection Across Platforms - DET0508 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0508 |
Related clusters
To see the related clusters, click here.
Detection of Match Legitimate Name or Location - DET0609
Internal MISP references
UUID 91b70fb4-8e86-4dd2-a988-33d64cc46d4e which can be used as unique global reference for Detection of Match Legitimate Name or Location - DET0609 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0609 |
Related clusters
To see the related clusters, click here.
Detection of Exfiltration Over Alternate Network Interfaces - DET0077
Internal MISP references
UUID 9280a84d-bf77-4a86-a052-ce6ea0d50e72 which can be used as unique global reference for Detection of Exfiltration Over Alternate Network Interfaces - DET0077 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0077 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Malicious Cloud API Scripting - DET0078
Internal MISP references
UUID e7bd0f37-f2cf-4e3c-a9c1-c41f63b67e1c which can be used as unique global reference for Behavioral Detection of Malicious Cloud API Scripting - DET0078 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0078 |
Related clusters
To see the related clusters, click here.
Encrypted or Encoded File Payload Detection Strategy - DET0087
Internal MISP references
UUID d70b8fdd-de14-4143-a350-56e3b885b37b which can be used as unique global reference for Encrypted or Encoded File Payload Detection Strategy - DET0087 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0087 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Keylogging Activity Across Platforms - DET0089
Internal MISP references
UUID fe0d7d82-1575-4685-9a4f-4bf83e0227a0 which can be used as unique global reference for Behavioral Detection of Keylogging Activity Across Platforms - DET0089 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0089 |
Related clusters
To see the related clusters, click here.
Detect Unsecured Credentials Shared in Chat Messages - DET0111
Internal MISP references
UUID a9b4dd72-07f2-4fd5-b46b-2fe9f6945f14 which can be used as unique global reference for Detect Unsecured Credentials Shared in Chat Messages - DET0111 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0111 |
Related clusters
To see the related clusters, click here.
Boot or Logon Initialization Scripts Detection Strategy - DET0112
Internal MISP references
UUID 6928b108-f04e-4a9b-bda5-53bb0c64ec9b which can be used as unique global reference for Boot or Logon Initialization Scripts Detection Strategy - DET0112 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0112 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Safe Mode Boot Abuse - DET0116
Internal MISP references
UUID 8c92a33f-ac2f-4ae9-9258-7a6a67922ad4 which can be used as unique global reference for Detection Strategy for Safe Mode Boot Abuse - DET0116 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0116 |
Related clusters
To see the related clusters, click here.
Detect Active Setup Persistence via StubPath Execution - DET0312
Internal MISP references
UUID ba8d3a5d-9ddc-4301-b021-84ca2c6854de which can be used as unique global reference for Detect Active Setup Persistence via StubPath Execution - DET0312 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0312 |
Related clusters
To see the related clusters, click here.
Detection of Data Exfiltration via Removable Media - DET0123
Internal MISP references
UUID 7ac4c58e-73de-4da1-8fc3-c2ccc511d884 which can be used as unique global reference for Detection of Data Exfiltration via Removable Media - DET0123 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0123 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hidden Virtual Instance Execution - DET0321
Internal MISP references
UUID 55321f9d-1646-45b9-b23e-e3c0fe105400 which can be used as unique global reference for Detection Strategy for Hidden Virtual Instance Execution - DET0321 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0321 |
Related clusters
To see the related clusters, click here.
Detection Strategy for System Services Service Execution - DET0421
Internal MISP references
UUID ef1996dc-b6e9-4d8b-a216-77d14323b3e5 which can be used as unique global reference for Detection Strategy for System Services Service Execution - DET0421 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0421 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Spoofed GUI Credential Prompts - DET0521
Internal MISP references
UUID 909c86ca-ddd0-4e96-8464-39f5f80ef20e which can be used as unique global reference for Behavioral Detection of Spoofed GUI Credential Prompts - DET0521 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0521 |
Related clusters
To see the related clusters, click here.
Detection Strategy for ListPlanting Injection on Windows - DET0331
Internal MISP references
UUID 175b97d9-287e-4ab6-ae95-8652c224f02a which can be used as unique global reference for Detection Strategy for ListPlanting Injection on Windows - DET0331 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0331 |
Related clusters
To see the related clusters, click here.
Abuse of Information Repositories for Data Collection - DET0413
Internal MISP references
UUID 48e8d8b1-0117-48bd-a32d-f4e43b665bf3 which can be used as unique global reference for Abuse of Information Repositories for Data Collection - DET0413 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0413 |
Related clusters
To see the related clusters, click here.
Detect Suspicious Access to Windows Credential Manager - DET0134
Internal MISP references
UUID 119f2b00-82ac-41fb-96ac-728bf56a8a29 which can be used as unique global reference for Detect Suspicious Access to Windows Credential Manager - DET0134 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0134 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Network Sniffing Across Platforms - DET0314
Internal MISP references
UUID 49505f6d-b778-4a84-a072-9236b700e7b5 which can be used as unique global reference for Detection Strategy for Network Sniffing Across Platforms - DET0314 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0314 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Network Address Translation Traversal - DET0163
Internal MISP references
UUID 218a24ca-9534-44e2-9282-fb08373e7845 which can be used as unique global reference for Detection Strategy for Network Address Translation Traversal - DET0163 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0163 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Impair Defenses Across Platforms - DET0317
Internal MISP references
UUID e8e88bcd-0294-48d2-bd3c-0408814f4a69 which can be used as unique global reference for Detection Strategy for Impair Defenses Across Platforms - DET0317 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0317 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Exfiltration to Code Repository - DET0318
Internal MISP references
UUID ac9c6b7c-bf94-4eeb-926c-f576673c0a14 which can be used as unique global reference for Detection Strategy for Exfiltration to Code Repository - DET0318 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0318 |
Related clusters
To see the related clusters, click here.
Detection of Credential Harvesting via API Hooking - DET0139
Internal MISP references
UUID d918611a-9d07-4f8b-b70e-2fe1c2f75faf which can be used as unique global reference for Detection of Credential Harvesting via API Hooking - DET0139 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0139 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Exploitation for Privilege Escalation - DET0514
Internal MISP references
UUID 64fc24f5-0428-4956-a328-2e76e0af984e which can be used as unique global reference for Detection Strategy for Exploitation for Privilege Escalation - DET0514 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0514 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hidden File System Abuse - DET0461
Internal MISP references
UUID 82c31276-f916-4d67-be83-f09534c0c77e which can be used as unique global reference for Detection Strategy for Hidden File System Abuse - DET0461 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0461 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Overwritten Process Arguments Masquerading - DET0164
Internal MISP references
UUID 8f268381-938f-454e-8d19-f266b69958ea which can be used as unique global reference for Detection Strategy for Overwritten Process Arguments Masquerading - DET0164 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0164 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Exploitation for Credential Access - DET0174
Internal MISP references
UUID 13a856f3-66b2-4ab7-b73f-2a26e712e77f which can be used as unique global reference for Detection Strategy for Exploitation for Credential Access - DET0174 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0174 |
Related clusters
To see the related clusters, click here.
Windows DACL Manipulation Behavioral Chain Detection Strategy - DET0418
Internal MISP references
UUID a1b25828-57bf-470c-8f47-8ad4e1f6bbdb which can be used as unique global reference for Windows DACL Manipulation Behavioral Chain Detection Strategy - DET0418 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0418 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Indicator Removal Across Platforms - DET0184
Internal MISP references
UUID 7225a3bd-f235-4c13-a236-3c6b9a3d445c which can be used as unique global reference for Behavioral Detection of Indicator Removal Across Platforms - DET0184 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0184 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Modify Cloud Resource Hierarchy - DET0155
Internal MISP references
UUID fdcd77fc-d6da-4692-a978-461a7f7dba61 which can be used as unique global reference for Detection Strategy for Modify Cloud Resource Hierarchy - DET0155 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0155 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of System Network Configuration Discovery - DET0195
Internal MISP references
UUID 172cff54-a89b-4207-abc2-8d0c9601025e which can be used as unique global reference for Behavioral Detection of System Network Configuration Discovery - DET0195 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0195 |
Related clusters
To see the related clusters, click here.
Detection of Download New Code at Runtime - DET0618
Internal MISP references
UUID 996f14f4-3419-45f6-af22-edc15f5d5d19 which can be used as unique global reference for Detection of Download New Code at Runtime - DET0618 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0618 |
Related clusters
To see the related clusters, click here.
Detect Persistence via Outlook Home Page Exploitation - DET0177
Internal MISP references
UUID e55f4e4b-80c0-4a2b-8202-659d29bbba33 which can be used as unique global reference for Detect Persistence via Outlook Home Page Exploitation - DET0177 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0177 |
Related clusters
To see the related clusters, click here.
Suspicious Use of Web Services for C2 - DET0425
Internal MISP references
UUID 769615c5-08d5-4f51-8f3b-7ac2f1febce8 which can be used as unique global reference for Suspicious Use of Web Services for C2 - DET0425 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0425 |
Related clusters
To see the related clusters, click here.
Detection Strategy for IFEO Injection on Windows - DET0422
Internal MISP references
UUID d65ea5cc-52c6-4ec6-98a8-eef0be23ee72 which can be used as unique global reference for Detection Strategy for IFEO Injection on Windows - DET0422 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0422 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Exfiltration Over C2 Channel - DET0348
Internal MISP references
UUID beb3a98c-f1a4-434a-81e7-29d178b14db2 which can be used as unique global reference for Detection Strategy for Exfiltration Over C2 Channel - DET0348 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0348 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Process Hollowing on Windows - DET0382
Internal MISP references
UUID 8e003575-5a6f-458d-be35-a8606c9b7dea which can be used as unique global reference for Detection Strategy for Process Hollowing on Windows - DET0382 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0382 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Impair Defenses Indicator Blocking - DET0239
Internal MISP references
UUID 0596d971-9552-4cd0-a5aa-4385cf707371 which can be used as unique global reference for Detection Strategy for Impair Defenses Indicator Blocking - DET0239 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0239 |
Related clusters
To see the related clusters, click here.
Boot or Logon Autostart Execution Detection Strategy - DET0274
Internal MISP references
UUID a9796458-df5d-467f-b037-acad6c261f25 which can be used as unique global reference for Boot or Logon Autostart Execution Detection Strategy - DET0274 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0274 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Bind Mounts on Linux - DET0428
Internal MISP references
UUID b79f47ca-4c42-4658-ba71-a6374778eb98 which can be used as unique global reference for Detection Strategy for Bind Mounts on Linux - DET0428 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0428 |
Related clusters
To see the related clusters, click here.
Detection of Windows Service Creation or Modification - DET0552
Internal MISP references
UUID c7d19c6f-a7f8-4323-af57-c626ccb74d88 which can be used as unique global reference for Detection of Windows Service Creation or Modification - DET0552 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0552 |
Related clusters
To see the related clusters, click here.
System Discovery via Native and Remote Utilities - DET0525
Internal MISP references
UUID 75161d5e-2b6d-4112-ab4d-338f70ea97f0 which can be used as unique global reference for System Discovery via Native and Remote Utilities - DET0525 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0525 |
Related clusters
To see the related clusters, click here.
Suspicious RoleBinding or ClusterRoleBinding Assignment in Kubernetes - DET0572
Internal MISP references
UUID 7c27cb31-4806-479f-a07b-900450236a57 which can be used as unique global reference for Suspicious RoleBinding or ClusterRoleBinding Assignment in Kubernetes - DET0572 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0572 |
Related clusters
To see the related clusters, click here.
Remote Desktop Software Execution and Beaconing Detection - DET0259
Internal MISP references
UUID 834e853c-479d-4ddd-a1a3-349b09466b8d which can be used as unique global reference for Remote Desktop Software Execution and Beaconing Detection - DET0259 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0259 |
Related clusters
To see the related clusters, click here.
Programmatic and Excessive Access to Confluence Documentation - DET0358
Internal MISP references
UUID 3d515fbc-0ebf-4a99-b191-b6ee604acb1f which can be used as unique global reference for Programmatic and Excessive Access to Confluence Documentation - DET0358 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0358 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Double File Extension Masquerading - DET0366
Internal MISP references
UUID 92ce4302-72cb-4b7b-9184-1fc14900d0e1 which can be used as unique global reference for Detection Strategy for Double File Extension Masquerading - DET0366 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0366 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Obfuscated Files or Information - DET0378
Internal MISP references
UUID e3758cbb-5dd9-4aad-b848-0539a8c56307 which can be used as unique global reference for Behavioral Detection of Obfuscated Files or Information - DET0378 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0378 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Process Doppelgänging on Windows - DET0544
Internal MISP references
UUID 8373cca7-feb8-44e4-94d0-fc39ea3586d7 which can be used as unique global reference for Detection Strategy for Process Doppelgänging on Windows - DET0544 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0544 |
Related clusters
To see the related clusters, click here.
Detection Strategy for VDSO Hijacking on Linux - DET0448
Internal MISP references
UUID b511a320-18a6-46ff-9588-85065c44312f which can be used as unique global reference for Detection Strategy for VDSO Hijacking on Linux - DET0448 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0448 |
Related clusters
To see the related clusters, click here.
Detection of Default Account Abuse Across Platforms - DET0465
Internal MISP references
UUID cff5ca37-cc4a-431c-b481-d0ccabbf6980 which can be used as unique global reference for Detection of Default Account Abuse Across Platforms - DET0465 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0465 |
Related clusters
To see the related clusters, click here.
Detection of Boot or Logon Initialization Scripts - DET0654
Internal MISP references
UUID 0677c510-fa4d-4a39-a14b-b91f9cde1e23 which can be used as unique global reference for Detection of Boot or Logon Initialization Scripts - DET0654 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0654 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Remote System Enumeration Behavior - DET0574
Internal MISP references
UUID 9ec6dafe-3e93-4ebb-943e-26b84136f6a9 which can be used as unique global reference for Detection Strategy for Remote System Enumeration Behavior - DET0574 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0574 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Exfiltration Over Web Service - DET0548
Internal MISP references
UUID 1753ab98-4530-4284-9bc3-5d4813abfb9e which can be used as unique global reference for Detection Strategy for Exfiltration Over Web Service - DET0548 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0548 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Resource Forking on macOS - DET0584
Internal MISP references
UUID 0f320fd9-cf15-4fd6-bcb3-c3a52760fe88 which can be used as unique global reference for Detection Strategy for Resource Forking on macOS - DET0584 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0584 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Build Image on Host - DET0459
Internal MISP references
UUID 62b445ed-7d9d-4c1a-8d4e-6c742ec1b0e2 which can be used as unique global reference for Detection Strategy for Build Image on Host - DET0459 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0459 |
Related clusters
To see the related clusters, click here.
Detecting Odbcconf Proxy Execution of Malicious DLLs - DET0486
Internal MISP references
UUID 9407410b-7f35-4d32-be3c-e48ea36573d9 which can be used as unique global reference for Detecting Odbcconf Proxy Execution of Malicious DLLs - DET0486 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0486 |
Related clusters
To see the related clusters, click here.
Detection Strategy for ESXi Hypervisor CLI Abuse - DET0558
Internal MISP references
UUID 5307b508-28e8-44c6-9487-212ccd3ab86c which can be used as unique global reference for Detection Strategy for ESXi Hypervisor CLI Abuse - DET0558 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0558 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Exploitation for Defense Evasion - DET0595
Internal MISP references
UUID da1e3af8-d79b-44ff-a907-ae107c110671 which can be used as unique global reference for Detection Strategy for Exploitation for Defense Evasion - DET0595 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0595 |
Related clusters
To see the related clusters, click here.
Email Forwarding Rule Abuse Detection Across Platforms - DET0576
Internal MISP references
UUID f66a9e86-49fb-4de6-963d-0e357a77f679 which can be used as unique global reference for Email Forwarding Rule Abuse Detection Across Platforms - DET0576 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0576 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Cloud Storage Object Discovery - DET0578
Internal MISP references
UUID c4f5335d-8e85-4b45-86b1-1d5a8cc6523d which can be used as unique global reference for Detection Strategy for Cloud Storage Object Discovery - DET0578 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0578 |
Related clusters
To see the related clusters, click here.
Detect Abuse of Inter-Process Communication (T1559) - DET0493
Internal MISP references
UUID b38e114c-f00f-4c70-9623-267da801625a which can be used as unique global reference for Detect Abuse of Inter-Process Communication (T1559) - DET0493 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0493 |
Related clusters
To see the related clusters, click here.
Detect Archiving via Custom Method (T1560.003) - DET0438
Internal MISP references
UUID edf894b7-052a-4baf-8984-f01ec773c80c which can be used as unique global reference for Detect Archiving via Custom Method (T1560.003) - DET0438 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0438 |
Related clusters
To see the related clusters, click here.
Detect Forged Kerberos Golden Tickets (T1558.001) - DET0144
Internal MISP references
UUID cbf5f016-0801-4861-93d8-d372645778d5 which can be used as unique global reference for Detect Forged Kerberos Golden Tickets (T1558.001) - DET0144 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0144 |
Related clusters
To see the related clusters, click here.
Detect Forged Kerberos Silver Tickets (T1558.002) - DET0241
Internal MISP references
UUID 77e72172-b088-4a98-bddd-ca04cbfc32ee which can be used as unique global reference for Detect Forged Kerberos Silver Tickets (T1558.002) - DET0241 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0241 |
Related clusters
To see the related clusters, click here.
Unauthorized Network Firewall Rule Modification (T1562.013) - DET0306
Internal MISP references
UUID 3a114d11-0850-4c33-b828-359e59b15250 which can be used as unique global reference for Unauthorized Network Firewall Rule Modification (T1562.013) - DET0306 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0306 |
Related clusters
To see the related clusters, click here.
Detect Abuse of XPC Services (T1559.003) - DET0335
Internal MISP references
UUID a92f4b5f-9d0d-461f-8581-a50975f5e07a which can be used as unique global reference for Detect Abuse of XPC Services (T1559.003) - DET0335 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0335 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Debugger Evasion (T1622) - DET0371
Internal MISP references
UUID 22f3a380-389d-44f7-a846-c6223fc06ddd which can be used as unique global reference for Detection Strategy for Debugger Evasion (T1622) - DET0371 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0371 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Serverless Execution (T1648) - DET0374
Internal MISP references
UUID 7a848f8f-4bdc-426c-989e-bc1abfaeb7fa which can be used as unique global reference for Detection Strategy for Serverless Execution (T1648) - DET0374 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0374 |
Related clusters
To see the related clusters, click here.
Cross-host C2 via Removable Media Relay - DET0090
Internal MISP references
UUID 2cbbc0b5-2c4b-4861-91d3-1f64a47ef191 which can be used as unique global reference for Cross-host C2 via Removable Media Relay - DET0090 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0090 |
Related clusters
To see the related clusters, click here.
Detect Persistence via Malicious Office Add-ins - DET0050
Internal MISP references
UUID 53144b02-d6b1-42de-b5cf-e785a59c43bd which can be used as unique global reference for Detect Persistence via Malicious Office Add-ins - DET0050 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0050 |
Related clusters
To see the related clusters, click here.
Behavior-Based Registry Modification Detection on Windows - DET0280
Internal MISP references
UUID cf6a38ec-4c16-4c7f-8730-6e04f6dd6e67 which can be used as unique global reference for Behavior-Based Registry Modification Detection on Windows - DET0280 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0280 |
Related clusters
To see the related clusters, click here.
Cross-Platform Behavioral Detection of Python Execution - DET0063
Internal MISP references
UUID 195e8d37-dfe6-4dc8-8012-dc80984872aa which can be used as unique global reference for Cross-Platform Behavioral Detection of Python Execution - DET0063 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0063 |
Related clusters
To see the related clusters, click here.
Multi-Platform Behavioral Detection for Compute Hijacking - DET0540
Internal MISP references
UUID be288974-9b74-41c1-8c43-66aef169255a which can be used as unique global reference for Multi-Platform Behavioral Detection for Compute Hijacking - DET0540 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0540 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1542 Pre-OS Boot - DET0278
Internal MISP references
UUID abf6c96c-09f3-4bea-a5b7-1177f99881bc which can be used as unique global reference for Detection Strategy for T1542 Pre-OS Boot - DET0278 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0278 |
Related clusters
To see the related clusters, click here.
Detection of AppleScript-Based Execution on macOS - DET0414
Internal MISP references
UUID af66dc57-77fc-42a7-9e84-7a588c3ab516 which can be used as unique global reference for Detection of AppleScript-Based Execution on macOS - DET0414 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0414 |
Related clusters
To see the related clusters, click here.
Detect One-Way Web Service Command Channels - DET0581
Internal MISP references
UUID e3718a7a-77b3-4790-99ba-aba7703815fd which can be used as unique global reference for Detect One-Way Web Service Command Channels - DET0581 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0581 |
Related clusters
To see the related clusters, click here.
Detect Multi-Stage Command and Control Channels - DET0228
Internal MISP references
UUID 6368178a-04c5-490b-96d5-f12dcccd0497 which can be used as unique global reference for Detect Multi-Stage Command and Control Channels - DET0228 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0228 |
Related clusters
To see the related clusters, click here.
Cross-Platform Detection of JavaScript Execution Abuse - DET0264
Internal MISP references
UUID 6dd441e4-d264-4f7f-b145-9c122955c532 which can be used as unique global reference for Cross-Platform Detection of JavaScript Execution Abuse - DET0264 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0264 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Wi-Fi Discovery Activity - DET0464
Internal MISP references
UUID baea10fc-7921-4ae2-bfe6-572c3f107303 which can be used as unique global reference for Behavioral Detection of Wi-Fi Discovery Activity - DET0464 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0464 |
Related clusters
To see the related clusters, click here.
Multi-Platform Cloud Storage Exfiltration Behavior Chain - DET0484
Internal MISP references
UUID 1177cbb7-bc00-4a36-8774-d51b7b3c66e9 which can be used as unique global reference for Multi-Platform Cloud Storage Exfiltration Behavior Chain - DET0484 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0484 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of WinRM-Based Remote Access - DET0477
Internal MISP references
UUID 7ff1f384-2373-4ea9-9311-1587b520a5c4 which can be used as unique global reference for Behavioral Detection of WinRM-Based Remote Access - DET0477 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0477 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1218.012 Verclsid Abuse - DET0042
Internal MISP references
UUID 1d738832-3de4-45f0-98e5-ac37642619e8 which can be used as unique global reference for Detection Strategy for T1218.012 Verclsid Abuse - DET0042 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0042 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Phishing across platforms. - DET0070
Internal MISP references
UUID 7ee73f2e-76b2-4f00-bcc0-7fb79d31d344 which can be used as unique global reference for Detection Strategy for Phishing across platforms. - DET0070 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0070 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1218.011 Rundll32 Abuse - DET0475
Internal MISP references
UUID a51d4d34-78fc-49b7-9071-348905dd33c2 which can be used as unique global reference for Detection Strategy for T1218.011 Rundll32 Abuse - DET0475 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0475 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Runtime Data Manipulation. - DET0391
Internal MISP references
UUID 41107d12-dd2e-439f-af29-1a10dcfcb6ce which can be used as unique global reference for Detection Strategy for Runtime Data Manipulation. - DET0391 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0391 |
Related clusters
To see the related clusters, click here.
Detection Strategy for T1497 Virtualization/Sandbox Evasion - DET0046
Internal MISP references
UUID 7f5dde79-7872-48dd-8718-cd2e10d7cbfc which can be used as unique global reference for Detection Strategy for T1497 Virtualization/Sandbox Evasion - DET0046 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0046 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Reflective Code Loading - DET0300
Internal MISP references
UUID dc415caf-2f8f-4208-8aa8-7db10729cbfb which can be used as unique global reference for Detection Strategy for Reflective Code Loading - DET0300 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0300 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Network Boundary Bridging - DET0006
Internal MISP references
UUID f0f7aa93-71bc-4c55-9f96-9c74a7d45a83 which can be used as unique global reference for Detection Strategy for Network Boundary Bridging - DET0006 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0006 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Lua Scripting Abuse - DET0101
Internal MISP references
UUID be7a4dda-a46a-4245-8837-e69946a79d3f which can be used as unique global reference for Detection Strategy for Lua Scripting Abuse - DET0101 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0101 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Malicious File Deletion - DET0140
Internal MISP references
UUID b96fce76-6b29-4e1c-b8b1-741f45a89fdc which can be used as unique global reference for Behavioral Detection of Malicious File Deletion - DET0140 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0140 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Cloud Service Discovery - DET0402
Internal MISP references
UUID a9351ea0-8379-47cd-a5c5-c5cf424249ef which can be used as unique global reference for Detection Strategy for Cloud Service Discovery - DET0402 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0402 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Forged Web Credentials - DET0260
Internal MISP references
UUID 44f32d03-50ce-480f-b531-481bcc6dc0a8 which can be used as unique global reference for Detection Strategy for Forged Web Credentials - DET0260 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0260 |
Related clusters
To see the related clusters, click here.
Detection of Malicious Kubernetes CronJob Scheduling - DET0206
Internal MISP references
UUID a1e17bbb-73d6-48d5-b0ab-1350189b0ecd which can be used as unique global reference for Detection of Malicious Kubernetes CronJob Scheduling - DET0206 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0206 |
Related clusters
To see the related clusters, click here.
Detection of Remote Device Management Services - DET0702
Internal MISP references
UUID 62779c6a-e43b-4ea8-be38-f40191338089 which can be used as unique global reference for Detection of Remote Device Management Services - DET0702 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0702 |
Related clusters
To see the related clusters, click here.
Detect Logon Script Modifications and Execution - DET0072
Internal MISP references
UUID 3f27e858-2912-4b43-ac03-f668ef30c47e which can be used as unique global reference for Detect Logon Script Modifications and Execution - DET0072 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0072 |
Related clusters
To see the related clusters, click here.
Detection of Obfuscated Files or Information - DET0720
Internal MISP references
UUID 7c507410-2dc7-4159-88ec-b2228547ae67 which can be used as unique global reference for Detection of Obfuscated Files or Information - DET0720 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0720 |
Related clusters
To see the related clusters, click here.
Local Account Enumeration Across Host Platforms - DET0303
Internal MISP references
UUID 21ad7ddc-77f6-422b-8e0c-c82e184e0ad0 which can be used as unique global reference for Local Account Enumeration Across Host Platforms - DET0303 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0303 |
Related clusters
To see the related clusters, click here.
Detection of Adversarial Process Discovery Behavior - DET0034
Internal MISP references
UUID 309ca3cd-d3f0-4aea-8932-558550aa89f4 which can be used as unique global reference for Detection of Adversarial Process Discovery Behavior - DET0034 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0034 |
Related clusters
To see the related clusters, click here.
Detect Credentials Access from Password Stores - DET0430
Internal MISP references
UUID 1a273fde-f4fc-4ca0-94d4-7df285167b5e which can be used as unique global reference for Detect Credentials Access from Password Stores - DET0430 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0430 |
Related clusters
To see the related clusters, click here.
Detection Strategy for System Location Discovery - DET0043
Internal MISP references
UUID 9daf5067-79c3-477c-bf41-813aada4770d which can be used as unique global reference for Detection Strategy for System Location Discovery - DET0043 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0043 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Domain Group Discovery - DET0360
Internal MISP references
UUID 69f22425-2ebb-4f3c-ab4d-fb9c6645f2f7 which can be used as unique global reference for Behavioral Detection of Domain Group Discovery - DET0360 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0360 |
Related clusters
To see the related clusters, click here.
Detection Strategy for System Services: Systemctl - DET0073
Internal MISP references
UUID 8a9b730a-b290-40ce-b182-dbcb06fbad3d which can be used as unique global reference for Detection Strategy for System Services: Systemctl - DET0073 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0073 |
Related clusters
To see the related clusters, click here.
Detecting Malicious Browser Extensions Across Platforms - DET0044
Internal MISP references
UUID 101e19ca-f902-4c2d-8ceb-ddd07a43f1a7 which can be used as unique global reference for Detecting Malicious Browser Extensions Across Platforms - DET0044 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0044 |
Related clusters
To see the related clusters, click here.
Detection Strategy for LNK Icon Smuggling - DET0405
Internal MISP references
UUID ae3cb4bc-da0a-4e5b-b4ad-96617eccefaf which can be used as unique global reference for Detection Strategy for LNK Icon Smuggling - DET0405 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0405 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Extended Attributes Abuse - DET0406
Internal MISP references
UUID e32dbff1-9d06-4495-b815-48463481581b which can be used as unique global reference for Detection Strategy for Extended Attributes Abuse - DET0406 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0406 |
Related clusters
To see the related clusters, click here.
Detection of Compromise Hardware Supply Chain - DET0604
Internal MISP references
UUID ef792e16-8b1c-452d-a3ae-1ad4b5577a4d which can be used as unique global reference for Detection of Compromise Hardware Supply Chain - DET0604 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0604 |
Related clusters
To see the related clusters, click here.
Detect Persistence via Malicious Outlook Rules - DET0095
Internal MISP references
UUID 83a814c2-73ac-4942-84ad-704a272cd864 which can be used as unique global reference for Detect Persistence via Malicious Outlook Rules - DET0095 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0095 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Ignore Process Interrupts - DET0067
Internal MISP references
UUID 29d1e77a-a05e-4ead-8272-b254992cd2ba which can be used as unique global reference for Detection Strategy for Ignore Process Interrupts - DET0067 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0067 |
Related clusters
To see the related clusters, click here.
Detection of Search Open Technical Databases - DET0860
Internal MISP references
UUID dc9fa05f-7e98-41ef-9d40-21fd1425f5d5 which can be used as unique global reference for Detection of Search Open Technical Databases - DET0860 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0860 |
Related clusters
To see the related clusters, click here.
Detection of Generate Traffic from Victim - DET0608
Internal MISP references
UUID 12414f0e-85ca-4403-873a-6d415c2020f4 which can be used as unique global reference for Detection of Generate Traffic from Victim - DET0608 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0608 |
Related clusters
To see the related clusters, click here.
Detection of Remote Service Session Hijacking - DET0079
Internal MISP references
UUID 5d244477-26e2-4b3a-b882-fd74e366e07d which can be used as unique global reference for Detection of Remote Service Session Hijacking - DET0079 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0079 |
Related clusters
To see the related clusters, click here.
Detection of Gather Victim Org Information - DET0890
Internal MISP references
UUID cd39aee1-03f0-489f-a800-ce00c6be617f which can be used as unique global reference for Detection of Gather Victim Org Information - DET0890 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0890 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Forged Web Cookies - DET0171
Internal MISP references
UUID e1854c9f-2b70-4311-9a46-a420f6c0b6d0 which can be used as unique global reference for Detection Strategy for Forged Web Cookies - DET0171 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0171 |
Related clusters
To see the related clusters, click here.
Detection of Exfiltration Over C2 Channel - DET0615
Internal MISP references
UUID 3ead6ecd-8ecb-40c9-8a73-ee3272bf0deb which can be used as unique global reference for Detection of Exfiltration Over C2 Channel - DET0615 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0615 |
Related clusters
To see the related clusters, click here.
Detection of Compromise Client Software Binary - DET0712
Internal MISP references
UUID 7c7aa84d-8425-42cc-b0bc-5d384b04d99a which can be used as unique global reference for Detection of Compromise Client Software Binary - DET0712 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0712 |
Related clusters
To see the related clusters, click here.
Detection of Compromise Software Supply Chain - DET0721
Internal MISP references
UUID 1098f1d3-7dfa-4dc0-b524-98af5588f6f7 which can be used as unique global reference for Detection of Compromise Software Supply Chain - DET0721 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0721 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Email Hiding Rules - DET0192
Internal MISP references
UUID 54aaab69-62fb-4d40-b2e0-0d07594353ed which can be used as unique global reference for Detection Strategy for Email Hiding Rules - DET0192 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0192 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Escape to Host - DET0219
Internal MISP references
UUID 8796c5cc-7e5a-402f-8252-f083aafc5cc9 which can be used as unique global reference for Detection Strategy for Escape to Host - DET0219 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0219 |
Related clusters
To see the related clusters, click here.
Clipboard Data Access with Anomalous Context - DET0341
Internal MISP references
UUID 461e3a2b-2315-4550-abb4-0bd73b0ceaa6 which can be used as unique global reference for Clipboard Data Access with Anomalous Context - DET0341 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0341 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Exfiltration Over Webhook - DET0153
Internal MISP references
UUID dcc26ef4-3ecd-4b37-b4b4-66faee084352 which can be used as unique global reference for Detection Strategy for Exfiltration Over Webhook - DET0153 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0153 |
Related clusters
To see the related clusters, click here.
Detection of Data from Local System - DET0713
Internal MISP references
UUID a5942766-8bd2-4747-baaf-a5850f08f550 which can be used as unique global reference for Detection of Data from Local System - DET0713 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0713 |
Related clusters
To see the related clusters, click here.
Application Exhaustion Flood Detection Across Platforms - DET0415
Internal MISP references
UUID 430abda8-2a2c-4ab8-bbd6-eb205a189362 which can be used as unique global reference for Application Exhaustion Flood Detection Across Platforms - DET0415 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0415 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Power Settings Abuse - DET0417
Internal MISP references
UUID 40701244-5af5-477f-a9a7-ba661907f318 which can be used as unique global reference for Detection Strategy for Power Settings Abuse - DET0417 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0417 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Forged SAML Tokens - DET0148
Internal MISP references
UUID b6d7d7cb-b56f-4095-b3ac-21147b0123e5 which can be used as unique global reference for Detection Strategy for Forged SAML Tokens - DET0148 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0148 |
Related clusters
To see the related clusters, click here.
Detection of Gather Victim Identity Information - DET0841
Internal MISP references
UUID b5ec4351-ee04-4beb-a019-b1f6d0e00894 which can be used as unique global reference for Detection of Gather Victim Identity Information - DET0841 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0841 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Command History Clearing - DET0165
Internal MISP references
UUID dcc65927-b113-4f42-b7bd-adb6caebf24a which can be used as unique global reference for Behavioral Detection of Command History Clearing - DET0165 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0165 |
Related clusters
To see the related clusters, click here.
Detection of Indicator Removal on Host - DET0651
Internal MISP references
UUID 1f04ccee-f8b2-4af3-bc34-e5b54d2c883e which can be used as unique global reference for Detection of Indicator Removal on Host - DET0651 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0651 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Cloud Infrastructure Discovery - DET0169
Internal MISP references
UUID 22331b2d-e8a1-4820-ae6b-7d04f24f7df7 which can be used as unique global reference for Detection Strategy for Cloud Infrastructure Discovery - DET0169 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0169 |
Related clusters
To see the related clusters, click here.
Detection of Code Signing Policy Modification - DET0619
Internal MISP references
UUID ab6215b7-19e0-4644-b340-40b6dcc90a48 which can be used as unique global reference for Detection of Code Signing Policy Modification - DET0619 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0619 |
Related clusters
To see the related clusters, click here.
Detection of Replication Through Removable Media - DET0691
Internal MISP references
UUID 3b8a3713-0f0a-433c-82bd-13b2f9224206 which can be used as unique global reference for Detection of Replication Through Removable Media - DET0691 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0691 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Permission Groups Discovery - DET0179
Internal MISP references
UUID 685546e7-2ec3-4bfa-9109-86df9fb196ee which can be used as unique global reference for Behavioral Detection of Permission Groups Discovery - DET0179 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0179 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Virtual Machine Discovery - DET0199
Internal MISP references
UUID 85849149-b36f-4562-9478-65c4e8f97dec which can be used as unique global reference for Detection Strategy for Virtual Machine Discovery - DET0199 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0199 |
Related clusters
To see the related clusters, click here.
Detection Strategy for ESXi Administration Command - DET0232
Internal MISP references
UUID c1d8aa38-aefb-4ea8-8c80-2dfa05eaaecb which can be used as unique global reference for Detection Strategy for ESXi Administration Command - DET0232 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0232 |
Related clusters
To see the related clusters, click here.
Detect Hybrid Identity Authentication Process Modification - DET0293
Internal MISP references
UUID 6b681059-99f7-46ff-bd36-96fd414074d4 which can be used as unique global reference for Detect Hybrid Identity Authentication Process Modification - DET0293 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0293 |
Related clusters
To see the related clusters, click here.
Detection Strategy of Transmitted Data Manipulation - DET0254
Internal MISP references
UUID 1764bbd5-67d1-4225-9c06-0d5aa74d056f which can be used as unique global reference for Detection Strategy of Transmitted Data Manipulation - DET0254 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0254 |
Related clusters
To see the related clusters, click here.
Detection of Abuse Elevation Control Mechanism - DET0642
Internal MISP references
UUID 9bfe6e65-c691-44fa-9d00-bf7fd5e6479f which can be used as unique global reference for Detection of Abuse Elevation Control Mechanism - DET0642 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0642 |
Related clusters
To see the related clusters, click here.
Detect Malicious Password Filter DLL Registration - DET0472
Internal MISP references
UUID f722c058-8449-49ee-8e18-c3e76ec60a51 which can be used as unique global reference for Detect Malicious Password Filter DLL Registration - DET0472 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0472 |
Related clusters
To see the related clusters, click here.
Detect Modification of macOS Startup Items - DET0429
Internal MISP references
UUID 7eb6ccf9-8fb5-4c7d-8a2c-33081c3ddf81 which can be used as unique global reference for Detect Modification of macOS Startup Items - DET0429 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0429 |
Related clusters
To see the related clusters, click here.
Detection Strategy for System Services: Launchctl - DET0265
Internal MISP references
UUID 77078baf-96f1-413a-bf5b-96b42486e26c which can be used as unique global reference for Detection Strategy for System Services: Launchctl - DET0265 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0265 |
Related clusters
To see the related clusters, click here.
Detection Strategy for SSH Session Hijacking - DET0256
Internal MISP references
UUID bdbd724e-b3e2-44d7-a9d6-ba2a4915762c which can be used as unique global reference for Detection Strategy for SSH Session Hijacking - DET0256 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0256 |
Related clusters
To see the related clusters, click here.
Detection of Endpoint Denial of Service - DET0627
Internal MISP references
UUID bc10fb75-db07-4ace-843c-8bcfd4044a90 which can be used as unique global reference for Detection of Endpoint Denial of Service - DET0627 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0627 |
Related clusters
To see the related clusters, click here.
Detection of File and Directory Discovery - DET0682
Internal MISP references
UUID afab91d6-8af3-47cd-b899-cacfbb8cad6d which can be used as unique global reference for Detection of File and Directory Discovery - DET0682 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0682 |
Related clusters
To see the related clusters, click here.
Detection of Gather Victim Host Information - DET0826
Internal MISP references
UUID b172a0fa-e429-4e6e-89b4-54dcfcefa893 which can be used as unique global reference for Detection of Gather Victim Host Information - DET0826 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0826 |
Related clusters
To see the related clusters, click here.
Detection of Exploitation for Client Execution - DET0629
Internal MISP references
UUID 06aad19e-a382-4987-a73c-a8e5c340d657 which can be used as unique global reference for Detection of Exploitation for Client Execution - DET0629 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0629 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hidden User Accounts - DET0353
Internal MISP references
UUID c48fd7e3-fbfb-4ab5-b577-12cc0be21f2c which can be used as unique global reference for Detection Strategy for Hidden User Accounts - DET0353 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0353 |
Related clusters
To see the related clusters, click here.
Detect Compromise of Host Software Binaries - DET0336
Internal MISP references
UUID 110a934e-881a-4e42-9619-b6de30f4a39e which can be used as unique global reference for Detect Compromise of Host Software Binaries - DET0336 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0336 |
Related clusters
To see the related clusters, click here.
Detection of Credentials from Password Store - DET0633
Internal MISP references
UUID b18a1df7-1b2b-4294-963a-e7c9b6489c34 which can be used as unique global reference for Detection of Credentials from Password Store - DET0633 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0633 |
Related clusters
To see the related clusters, click here.
Detection of System Network Configuration Discovery - DET0634
Internal MISP references
UUID 538bc808-b0f5-4f86-81f2-63be2cf63e80 which can be used as unique global reference for Detection of System Network Configuration Discovery - DET0634 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0634 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Unix Shell Execution - DET0384
Internal MISP references
UUID 4a89bf52-7be1-405d-8d02-462e52553bc5 which can be used as unique global reference for Behavioral Detection of Unix Shell Execution - DET0384 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0384 |
Related clusters
To see the related clusters, click here.
Behavioral Detection of Internet Connection Discovery - DET0357
Internal MISP references
UUID 24eeb599-bc8c-4e86-9adf-232153bcb14b which can be used as unique global reference for Behavioral Detection of Internet Connection Discovery - DET0357 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0357 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Cloud Application Integration - DET0539
Internal MISP references
UUID 8bc479cf-727b-40d1-92d2-5755766d8544 which can be used as unique global reference for Detection Strategy for Cloud Application Integration - DET0539 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0539 |
Related clusters
To see the related clusters, click here.
Detection of System Network Connections Discovery - DET0636
Internal MISP references
UUID 7ea45fed-cd52-4e26-96d5-31d3fd2c7b22 which can be used as unique global reference for Detection of System Network Connections Discovery - DET0636 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0636 |
Related clusters
To see the related clusters, click here.
Detection of Exploitation of Remote Services - DET0663
Internal MISP references
UUID 39efdb0b-2a05-4caf-8f37-876dfad294d6 which can be used as unique global reference for Detection of Exploitation of Remote Services - DET0663 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0663 |
Related clusters
To see the related clusters, click here.
Detection of Disable or Modify Tools - DET0693
Internal MISP references
UUID 0d03e753-a278-4a32-a33f-6199967220de which can be used as unique global reference for Detection of Disable or Modify Tools - DET0693 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0693 |
Related clusters
To see the related clusters, click here.
Detection of Network Denial of Service - DET0639
Internal MISP references
UUID 86f11b86-e189-47f1-8436-e46c7f0a4a69 which can be used as unique global reference for Detection of Network Denial of Service - DET0639 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0639 |
Related clusters
To see the related clusters, click here.
Abuse of PowerShell for Arbitrary Execution - DET0455
Internal MISP references
UUID 72b209e2-8c65-4217-8532-fabd0cb54ae5 which can be used as unique global reference for Abuse of PowerShell for Arbitrary Execution - DET0455 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0455 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Cloud Administration Command - DET0545
Internal MISP references
UUID fda20a62-ad83-4d45-8a65-84883b07707b which can be used as unique global reference for Detection Strategy for Cloud Administration Command - DET0545 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0545 |
Related clusters
To see the related clusters, click here.
Detection of Command and Scripting Interpreter - DET0655
Internal MISP references
UUID 694c70ab-0518-432a-a149-a7b185ad814b which can be used as unique global reference for Detection of Command and Scripting Interpreter - DET0655 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0655 |
Related clusters
To see the related clusters, click here.
Detection Strategy for System Language Discovery - DET0565
Internal MISP references
UUID 9d3a5603-ae0e-41fe-b2f5-7f3e44c903d7 which can be used as unique global reference for Detection Strategy for System Language Discovery - DET0565 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0565 |
Related clusters
To see the related clusters, click here.
Detection of Steal Application Access Token - DET0656
Internal MISP references
UUID 411f7c72-356c-4de6-bbf0-27a7952d3be5 which can be used as unique global reference for Detection of Steal Application Access Token - DET0656 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0656 |
Related clusters
To see the related clusters, click here.
Detection of Exploitation for Privilege Escalation - DET0665
Internal MISP references
UUID 5d42f7a1-78dd-4569-936e-78fe4601cb73 which can be used as unique global reference for Detection of Exploitation for Privilege Escalation - DET0665 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0665 |
Related clusters
To see the related clusters, click here.
Detect Unauthorized Access to Password Managers - DET0597
Internal MISP references
UUID a5600691-be46-424a-b8ef-a2c9159da49a which can be used as unique global reference for Detect Unauthorized Access to Password Managers - DET0597 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0597 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Device Driver Discovery - DET0579
Internal MISP references
UUID ff6c2db6-cc1b-47e0-89a6-536f83b74906 which can be used as unique global reference for Detection Strategy for Device Driver Discovery - DET0579 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0579 |
Related clusters
To see the related clusters, click here.
Detection of Exploitation for Initial Access - DET0666
Internal MISP references
UUID 1cabf349-a457-422b-a179-475795013f8a which can be used as unique global reference for Detection of Exploitation for Initial Access - DET0666 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0666 |
Related clusters
To see the related clusters, click here.
Detection of Search Threat Vendor Data - DET0866
Internal MISP references
UUID 6b173b90-4b1d-4de8-a506-95b8b10921a7 which can be used as unique global reference for Detection of Search Threat Vendor Data - DET0866 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0866 |
Related clusters
To see the related clusters, click here.
Detection of Data Encrypted for Impact - DET0678
Internal MISP references
UUID 132ead25-5d93-4616-9847-a4c37d33d3e6 which can be used as unique global reference for Detection of Data Encrypted for Impact - DET0678 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0678 |
Related clusters
To see the related clusters, click here.
Detection of Out of Band Data - DET0688
Internal MISP references
UUID d9ca9fb7-01dd-465c-86a1-a48b6812b1c5 which can be used as unique global reference for Detection of Out of Band Data - DET0688 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0688 |
Related clusters
To see the related clusters, click here.
Detection of Exfiltration Over Alternative Protocol - DET0698
Internal MISP references
UUID 7f914be4-061a-43a7-8d36-a758b123ca3b which can be used as unique global reference for Detection of Exfiltration Over Alternative Protocol - DET0698 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0698 |
Related clusters
To see the related clusters, click here.
Detection of System Runtime API Hijacking - DET0689
Internal MISP references
UUID 7ffe1aba-c979-426b-b96c-7161679eb8a8 which can be used as unique global reference for Detection of System Runtime API Hijacking - DET0689 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0689 |
Related clusters
To see the related clusters, click here.
Detection of Gather Victim Network Information - DET0869
Internal MISP references
UUID 9031c511-d7ff-410e-9144-d3afee390210 which can be used as unique global reference for Detection of Gather Victim Network Information - DET0869 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0869 |
Related clusters
To see the related clusters, click here.
Supply-chain tamper in dependencies/dev-tools (manager→write/install→first-run→egress) - DET0009
Internal MISP references
UUID ec870f2d-bba3-43f9-95b8-c2f85678dba4 which can be used as unique global reference for Supply-chain tamper in dependencies/dev-tools (manager→write/install→first-run→egress) - DET0009 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0009 |
Related clusters
To see the related clusters, click here.
Detect AS-REP Roasting Attempts (T1558.004) - DET0113
Internal MISP references
UUID d881e35b-5401-46c0-b966-8880c64681ab which can be used as unique global reference for Detect AS-REP Roasting Attempts (T1558.004) - DET0113 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0113 |
Related clusters
To see the related clusters, click here.
Detect Archiving via Utility (T1560.001) - DET0298
Internal MISP references
UUID e8528ab8-3467-423b-92b6-115f8ecc266d which can be used as unique global reference for Detect Archiving via Utility (T1560.001) - DET0298 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0298 |
Related clusters
To see the related clusters, click here.
Detect Archiving via Library (T1560.002) - DET0268
Internal MISP references
UUID a3dcb195-d1b5-4bce-b62b-ba9bdaed56d5 which can be used as unique global reference for Detect Archiving via Library (T1560.002) - DET0268 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0268 |
Related clusters
To see the related clusters, click here.
Setuid/Setgid Privilege Abuse Detection (Linux/macOS) - DET0110
Internal MISP references
UUID bc8cd246-1521-4643-a07e-428d45093b38 which can be used as unique global reference for Setuid/Setgid Privilege Abuse Detection (Linux/macOS) - DET0110 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0110 |
Related clusters
To see the related clusters, click here.
Detection of Search Victim-Owned Websites - DET0810
Internal MISP references
UUID 52cee5e7-a92e-433e-9b56-38c8f7b16264 which can be used as unique global reference for Detection of Search Victim-Owned Websites - DET0810 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0810 |
Related clusters
To see the related clusters, click here.
Detection of USB-Based Data Exfiltration - DET0220
Internal MISP references
UUID f6dd18b4-8534-4883-8d57-80655418bed4 which can be used as unique global reference for Detection of USB-Based Data Exfiltration - DET0220 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0220 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Non-Standard Ports - DET0227
Internal MISP references
UUID cc8324a7-03d0-47d1-8e2b-3caec44fc129 which can be used as unique global reference for Detection Strategy for Non-Standard Ports - DET0227 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0227 |
Related clusters
To see the related clusters, click here.
Multi-Platform Software Discovery Behavior Chain - DET0392
Internal MISP references
UUID f18dee58-43be-41e4-85a3-c6820033ac0d which can be used as unique global reference for Multi-Platform Software Discovery Behavior Chain - DET0392 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0392 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Wi-Fi Networks - DET0536
Internal MISP references
UUID f9c29db2-8790-4255-957f-9a02f1d8d024 which can be used as unique global reference for Detection Strategy for Wi-Fi Networks - DET0536 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0536 |
Related clusters
To see the related clusters, click here.
Detection of Bluetooth-Based Data Exfiltration - DET0554
Internal MISP references
UUID 267a6c25-8d34-47ae-8357-9ae173adaa13 which can be used as unique global reference for Detection of Bluetooth-Based Data Exfiltration - DET0554 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0554 |
Related clusters
To see the related clusters, click here.
Template Injection Detection - Windows - DET0566
Internal MISP references
UUID 481a55d3-5f23-4428-9438-0220eab78678 which can be used as unique global reference for Template Injection Detection - Windows - DET0566 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0566 |
Related clusters
To see the related clusters, click here.
Detection Strategy for File/Path Exclusions - DET0051
Internal MISP references
UUID f9175415-59ba-497c-b96f-639e01f4cf4e which can be used as unique global reference for Detection Strategy for File/Path Exclusions - DET0051 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0051 |
Related clusters
To see the related clusters, click here.
Detection of Disguise Root/Jailbreak Indicators - DET0710
Internal MISP references
UUID 0f41110f-099f-468f-af46-65d2a34f05d9 which can be used as unique global reference for Detection of Disguise Root/Jailbreak Indicators - DET0710 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0710 |
Related clusters
To see the related clusters, click here.
Detection of Search Open Websites/Domains - DET0856
Internal MISP references
UUID 3ada68d4-a4ab-4c06-98ce-33aaef54a115 which can be used as unique global reference for Detection of Search Open Websites/Domains - DET0856 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0856 |
Related clusters
To see the related clusters, click here.
Detection Strategy for VBA Stomping - DET0012
Internal MISP references
UUID 6d2e2f19-f5ae-4ba0-aea7-52cc257169e5 which can be used as unique global reference for Detection Strategy for VBA Stomping - DET0012 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0012 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Exclusive Control - DET0015
Internal MISP references
UUID 1d8154f6-6890-4441-863f-007600867088 which can be used as unique global reference for Detection Strategy for Exclusive Control - DET0015 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0015 |
Related clusters
To see the related clusters, click here.
Security Software Discovery Across Platforms - DET0016
Internal MISP references
UUID e2409f82-e24c-4bb9-ad44-b20d97fb7a5a which can be used as unique global reference for Security Software Discovery Across Platforms - DET0016 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0016 |
Related clusters
To see the related clusters, click here.
Detection of System Information Discovery - DET0601
Internal MISP references
UUID 0a60e161-3347-49e6-9687-123e8a06c620 which can be used as unique global reference for Detection of System Information Discovery - DET0601 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0601 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Spearphishing Links - DET0107
Internal MISP references
UUID ed58a144-2554-495c-9c60-18e6f817aa75 which can be used as unique global reference for Detection Strategy for Spearphishing Links - DET0107 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0107 |
Related clusters
To see the related clusters, click here.
Detection of Device Administrator Permissions - DET0630
Internal MISP references
UUID 3f3f3518-90bb-44fc-8ef0-dbfab75b79cc which can be used as unique global reference for Detection of Device Administrator Permissions - DET0630 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0630 |
Related clusters
To see the related clusters, click here.
Internal Spearphishing via Trusted Accounts - DET0054
Internal MISP references
UUID acc27d20-8aad-42ce-b928-6cda3c22e51b which can be used as unique global reference for Internal Spearphishing via Trusted Accounts - DET0054 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0054 |
Related clusters
To see the related clusters, click here.
Detection of Install Digital Certificate - DET0840
Internal MISP references
UUID ad99833c-d2de-45be-a20b-9cbb6d797a35 which can be used as unique global reference for Detection of Install Digital Certificate - DET0840 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0840 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Command Obfuscation - DET0505
Internal MISP references
UUID 72d668ba-f4d1-43ff-b7b1-0dbad9ec6ed9 which can be used as unique global reference for Detection Strategy for Command Obfuscation - DET0505 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0505 |
Related clusters
To see the related clusters, click here.
Detection of Account Access Removal - DET0605
Internal MISP references
UUID 78eb87ae-c606-41cc-b133-b02eb35fb54d which can be used as unique global reference for Detection of Account Access Removal - DET0605 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0605 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Data Manipulation - DET0059
Internal MISP references
UUID cce3ccaf-87ac-47ae-b9e2-6507b91cb63d which can be used as unique global reference for Detection Strategy for Data Manipulation - DET0059 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0059 |
Related clusters
To see the related clusters, click here.
Detection of Archive Collected Data - DET0670
Internal MISP references
UUID b66555c6-297c-4769-affe-8f268b7c3c78 which can be used as unique global reference for Detection of Archive Collected Data - DET0670 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0670 |
Related clusters
To see the related clusters, click here.
Detection of Determine Physical Locations - DET0806
Internal MISP references
UUID 59dd7be2-7f37-4b8c-a1a7-3ed71d37cac8 which can be used as unique global reference for Detection of Determine Physical Locations - DET0806 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0806 |
Related clusters
To see the related clusters, click here.
Detection of Security Software Discovery - DET0680
Internal MISP references
UUID 9935655b-cd9b-485f-84ea-1b3b4b765413 which can be used as unique global reference for Detection of Security Software Discovery - DET0680 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0680 |
Related clusters
To see the related clusters, click here.
Account Manipulation Behavior Chain Detection - DET0096
Internal MISP references
UUID d6c4cc3b-6875-4288-8193-bf4c864560ab which can be used as unique global reference for Account Manipulation Behavior Chain Detection - DET0096 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0096 |
Related clusters
To see the related clusters, click here.
Detection of Uninstall Malicious Application - DET0690
Internal MISP references
UUID 5a9d7ef3-35bf-4a89-8f61-084e2eecc070 which can be used as unique global reference for Detection of Uninstall Malicious Application - DET0690 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0690 |
Related clusters
To see the related clusters, click here.
Detection of Social Media Accounts - DET0870
Internal MISP references
UUID 172b779a-9d14-4c5f-ba4c-3e784b4ae1b6 which can be used as unique global reference for Detection of Social Media Accounts - DET0870 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0870 |
Related clusters
To see the related clusters, click here.
Detection of Internet Connection Discovery - DET0708
Internal MISP references
UUID 2627c9c4-0241-41b7-b494-657cc58d4611 which can be used as unique global reference for Detection of Internet Connection Discovery - DET0708 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0708 |
Related clusters
To see the related clusters, click here.
Detection of Purchase Technical Data - DET0880
Internal MISP references
UUID 4d41c48b-ef2a-49a1-baaa-039625612c20 which can be used as unique global reference for Detection of Purchase Technical Data - DET0880 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0880 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hide Infrastructure - DET0411
Internal MISP references
UUID ba2efedb-2670-4072-b56f-8f12daa31923 which can be used as unique global reference for Detection Strategy for Hide Infrastructure - DET0411 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0411 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Embedded Payloads - DET0214
Internal MISP references
UUID 99294309-83fd-46f3-9925-7443c03e5b79 which can be used as unique global reference for Detection Strategy for Embedded Payloads - DET0214 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0214 |
Related clusters
To see the related clusters, click here.
Detection of Stored Application Data - DET0621
Internal MISP references
UUID d87dc800-38cb-4d82-b76e-3c501dbd9c0a which can be used as unique global reference for Detection of Stored Application Data - DET0621 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0621 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Hidden Windows - DET0128
Internal MISP references
UUID 1167a6c8-d735-4d5d-81f5-d81c6eafe239 which can be used as unique global reference for Detection Strategy for Hidden Windows - DET0128 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0128 |
Related clusters
To see the related clusters, click here.
Domain Account Enumeration Across Platforms - DET0129
Internal MISP references
UUID 50569af3-7910-4591-977e-cbf4caa12cfd which can be used as unique global reference for Domain Account Enumeration Across Platforms - DET0129 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0129 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Email Spoofing - DET0431
Internal MISP references
UUID 6dec9c28-6dcb-4470-ad69-6cdb520adb53 which can be used as unique global reference for Detection Strategy for Email Spoofing - DET0431 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0431 |
Related clusters
To see the related clusters, click here.
Detection of Proxy Through Victim - DET0631
Internal MISP references
UUID 973a4da0-af9c-4d57-ab62-21fbc308f8b3 which can be used as unique global reference for Detection of Proxy Through Victim - DET0631 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0631 |
Related clusters
To see the related clusters, click here.
Detection of Suppress Application Icon - DET0714
Internal MISP references
UUID 611b9135-583e-47f8-b617-e9d52ae2d2c5 which can be used as unique global reference for Detection of Suppress Application Icon - DET0714 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0714 |
Related clusters
To see the related clusters, click here.
Detection of Social Media Accounts - DET0851
Internal MISP references
UUID 5ff1a219-e2d2-4e4b-bb32-346fcaffa52b which can be used as unique global reference for Detection of Social Media Accounts - DET0851 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0851 |
Related clusters
To see the related clusters, click here.
Detection of Dead Drop Resolver - DET0617
Internal MISP references
UUID 83a0e3a2-5828-4707-84f5-eec67cf6b50e which can be used as unique global reference for Detection of Dead Drop Resolver - DET0617 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0617 |
Related clusters
To see the related clusters, click here.
Detection of Protected User Data - DET0681
Internal MISP references
UUID 48e300f8-190e-46fa-a56d-8701f7a152d3 which can be used as unique global reference for Detection of Protected User Data - DET0681 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0681 |
Related clusters
To see the related clusters, click here.
Detection of Threat Intel Vendors - DET0816
Internal MISP references
UUID deb0a989-7d09-4403-b1a1-8658e36a0f9a which can be used as unique global reference for Detection of Threat Intel Vendors - DET0816 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0816 |
Related clusters
To see the related clusters, click here.
Detection of Scanning IP Blocks - DET0817
Internal MISP references
UUID ca916010-7f72-4132-ad7c-44967d479dcc which can be used as unique global reference for Detection of Scanning IP Blocks - DET0817 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0817 |
Related clusters
To see the related clusters, click here.
Detection of Ingress Tool Transfer - DET0718
Internal MISP references
UUID 5aa9f16e-253d-4ca6-b5e2-8311e5a76290 which can be used as unique global reference for Detection of Ingress Tool Transfer - DET0718 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0718 |
Related clusters
To see the related clusters, click here.
Detect disabled Windows event logging - DET0187
Internal MISP references
UUID cfedfc6c-6e31-481b-be1e-e23a760fec44 which can be used as unique global reference for Detect disabled Windows event logging - DET0187 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0187 |
Related clusters
To see the related clusters, click here.
Detection of Ptrace System Calls - DET0622
Internal MISP references
UUID 63b2446e-fa01-4440-bcd6-0f8505d630a6 which can be used as unique global reference for Detection of Ptrace System Calls - DET0622 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0622 |
Related clusters
To see the related clusters, click here.
Detection of Search Closed Sources - DET0822
Internal MISP references
UUID 3f4c871c-9ddb-41da-accd-ff5bcbfe37d4 which can be used as unique global reference for Detection of Search Closed Sources - DET0822 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0822 |
Related clusters
To see the related clusters, click here.
Detection of Phishing for Information - DET0823
Internal MISP references
UUID 29fad4dd-d6d7-4a99-8ae8-060e6d0544ec which can be used as unique global reference for Detection of Phishing for Information - DET0823 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0823 |
Related clusters
To see the related clusters, click here.
Detection of Remote Access Software - DET0624
Internal MISP references
UUID c2155dfa-140f-4da9-bfe8-61481a9693c0 which can be used as unique global reference for Detection of Remote Access Software - DET0624 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0624 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Log Enumeration - DET0255
Internal MISP references
UUID 170a958d-79a6-433a-8ab0-c8d654e2ca86 which can be used as unique global reference for Detection Strategy for Log Enumeration - DET0255 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0255 |
Related clusters
To see the related clusters, click here.
Detection of Impersonate SS7 Nodes - DET0662
Internal MISP references
UUID a7e4704b-4286-4928-88df-d0c151432495 which can be used as unique global reference for Detection of Impersonate SS7 Nodes - DET0662 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0662 |
Related clusters
To see the related clusters, click here.
Detection of Supply Chain Compromise - DET0628
Internal MISP references
UUID 8d518627-1df4-4bf8-b1fb-0828fb9f6d31 which can be used as unique global reference for Detection of Supply Chain Compromise - DET0628 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0628 |
Related clusters
To see the related clusters, click here.
Detection of Network Trust Dependencies - DET0828
Internal MISP references
UUID d50064d2-b166-4da7-9f9b-b56b7cf16e0a which can be used as unique global reference for Detection of Network Trust Dependencies - DET0828 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0828 |
Related clusters
To see the related clusters, click here.
Detection of Code Signing Certificates - DET0833
Internal MISP references
UUID c8a4587f-6fa1-4a94-844b-ee731f1c33be which can be used as unique global reference for Detection of Code Signing Certificates - DET0833 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0833 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Content Injection - DET0349
Internal MISP references
UUID 7a084a47-c4ea-4996-8d23-ffe0b19206fb which can be used as unique global reference for Detection Strategy for Content Injection - DET0349 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0349 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Email Bombing - DET0355
Internal MISP references
UUID 9a66295a-9f47-47a8-bda4-935cd311186a which can be used as unique global reference for Detection Strategy for Email Bombing - DET0355 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0355 |
Related clusters
To see the related clusters, click here.
macOS AuthorizationExecuteWithPrivileges Elevation Prompt Detection - DET0395
Internal MISP references
UUID 2dd0f2ef-2c31-4b11-a507-91067bb61787 which can be used as unique global reference for macOS AuthorizationExecuteWithPrivileges Elevation Prompt Detection - DET0395 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0395 |
Related clusters
To see the related clusters, click here.
Detection of Transmitted Data Manipulation - DET0683
Internal MISP references
UUID 4041b489-71a4-4995-9419-04bd75628f89 which can be used as unique global reference for Detection of Transmitted Data Manipulation - DET0683 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0683 |
Related clusters
To see the related clusters, click here.
Detection of Virtual Private Server - DET0838
Internal MISP references
UUID 6e53a352-9654-41fe-bf43-50e6b23a4ac1 which can be used as unique global reference for Detection of Virtual Private Server - DET0838 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0838 |
Related clusters
To see the related clusters, click here.
Detection of Virtual Private Server - DET0854
Internal MISP references
UUID cfcbb930-2395-4f7a-b95c-6b2736679c81 which can be used as unique global reference for Detection of Virtual Private Server - DET0854 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0854 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Financial Theft - DET0495
Internal MISP references
UUID e767f434-dda3-41fe-a9ea-e7aaae251e61 which can be used as unique global reference for Detection Strategy for Financial Theft - DET0495 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0495 |
Related clusters
To see the related clusters, click here.
Detection of Event Triggered Execution - DET0647
Internal MISP references
UUID ffbbeee2-1138-4743-905d-e2d605d00ecb which can be used as unique global reference for Detection of Event Triggered Execution - DET0647 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0647 |
Related clusters
To see the related clusters, click here.
Detection of Compromise Application Executable - DET0649
Internal MISP references
UUID 113d83d6-e0a2-44af-955d-288bd4ef21c4 which can be used as unique global reference for Detection of Compromise Application Executable - DET0649 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0649 |
Related clusters
To see the related clusters, click here.
Detection of Hijack Execution Flow - DET0694
Internal MISP references
UUID b5259538-b169-47fd-a57c-521ad3f3a858 which can be used as unique global reference for Detection of Hijack Execution Flow - DET0694 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0694 |
Related clusters
To see the related clusters, click here.
Detection of Identify Business Tempo - DET0849
Internal MISP references
UUID f5ac003f-2fdc-4ac5-9f2b-3fb2ab00fe95 which can be used as unique global reference for Detection of Identify Business Tempo - DET0849 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0849 |
Related clusters
To see the related clusters, click here.
Detection of Subvert Trust Controls - DET0657
Internal MISP references
UUID 668d7e7b-dc4e-4f51-93b4-ef87cb15d507 which can be used as unique global reference for Detection of Subvert Trust Controls - DET0657 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0657 |
Related clusters
To see the related clusters, click here.
Detection of Application Layer Protocol - DET0685
Internal MISP references
UUID a6da6dc3-19fe-4d1c-ab77-843c08377a19 which can be used as unique global reference for Detection of Application Layer Protocol - DET0685 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0685 |
Related clusters
To see the related clusters, click here.
Detection of SIM Card Swap - DET0658
Internal MISP references
UUID 59e56dc2-725e-4f55-ab2c-154dbe42bc4d which can be used as unique global reference for Detection of SIM Card Swap - DET0658 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0658 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Input Injection - DET0568
Internal MISP references
UUID f54b8799-acfd-4df4-a2c4-e83071750bde which can be used as unique global reference for Detection Strategy for Input Injection - DET0568 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0568 |
Related clusters
To see the related clusters, click here.
Detection of Conceal Multimedia Files - DET0659
Internal MISP references
UUID 99db5782-6282-4626-901d-b57f8bb8a1f1 which can be used as unique global reference for Detection of Conceal Multimedia Files - DET0659 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0659 |
Related clusters
To see the related clusters, click here.
Detection of Code Signing Certificates - DET0875
Internal MISP references
UUID 1e8c8a62-9546-4323-a561-83e9fad94fa0 which can be used as unique global reference for Detection of Code Signing Certificates - DET0875 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0875 |
Related clusters
To see the related clusters, click here.
Detection of Prevent Application Removal - DET0598
Internal MISP references
UUID 7a9d4531-4ff8-4228-8abd-29da8bd2942f which can be used as unique global reference for Detection of Prevent Application Removal - DET0598 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0598 |
Related clusters
To see the related clusters, click here.
Detection of GUI Input Capture - DET0676
Internal MISP references
UUID 4809a26b-8527-49dc-81aa-ac2750fd3b75 which can be used as unique global reference for Detection of GUI Input Capture - DET0676 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0676 |
Related clusters
To see the related clusters, click here.
Detection of Domain Generation Algorithms - DET0669
Internal MISP references
UUID bd3d39c3-e5d5-4ce7-9e1b-1b9598352dc5 which can be used as unique global reference for Detection of Domain Generation Algorithms - DET0669 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0669 |
Related clusters
To see the related clusters, click here.
Detection of Network Service Scanning - DET0696
Internal MISP references
UUID 070d40c8-1aad-47e4-93d7-05e0362f437b which can be used as unique global reference for Detection of Network Service Scanning - DET0696 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0696 |
Related clusters
To see the related clusters, click here.
Detection of Abuse Accessibility Features - DET0697
Internal MISP references
UUID 0c7e55b4-57b2-4a0f-ba0e-f50eab1a95f0 which can be used as unique global reference for Detection of Abuse Accessibility Features - DET0697 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0697 |
Related clusters
To see the related clusters, click here.
Detection of Network Security Appliances - DET0889
Internal MISP references
UUID fb15f9a5-8561-4c67-b50b-f72039ff9a44 which can be used as unique global reference for Detection of Network Security Appliances - DET0889 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0889 |
Related clusters
To see the related clusters, click here.
Detect Kerberoasting Attempts (T1558.003) - DET0157
Internal MISP references
UUID f1fe6286-1f54-4dfc-b96a-31b10711e4b1 which can be used as unique global reference for Detect Kerberoasting Attempts (T1558.003) - DET0157 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0157 |
Related clusters
To see the related clusters, click here.
Detection of One-Way Communication - DET0610
Internal MISP references
UUID 3ec475a9-b33f-42b3-a1b1-755b5fa9389b which can be used as unique global reference for Detection of One-Way Communication - DET0610 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0610 |
Related clusters
To see the related clusters, click here.
Detection of Non-Standard Port - DET0706
Internal MISP references
UUID 7a921c8c-fdc6-4526-aba6-2632360b7f0f which can be used as unique global reference for Detection of Non-Standard Port - DET0706 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0706 |
Related clusters
To see the related clusters, click here.
Detection of Wi-Fi Discovery - DET0709
Internal MISP references
UUID f06f44c7-97ff-4f8d-8c72-650c98e0ebdc which can be used as unique global reference for Detection of Wi-Fi Discovery - DET0709 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0709 |
Related clusters
To see the related clusters, click here.
Detection of Drive-By Compromise - DET0614
Internal MISP references
UUID c6c7da3e-4366-473e-af4e-3cc67d8ea1fa which can be used as unique global reference for Detection of Drive-By Compromise - DET0614 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0614 |
Related clusters
To see the related clusters, click here.
Detection of Drive-by Target - DET0825
Internal MISP references
UUID 3e6efcf8-8308-4832-b247-ce08703c7ed9 which can be used as unique global reference for Detection of Drive-by Target - DET0825 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0825 |
Related clusters
To see the related clusters, click here.
Detection of Spoofed User-Agent - DET0898
Internal MISP references
UUID ad21a251-e824-4368-a04c-8a480ee653cc which can be used as unique global reference for Detection of Spoofed User-Agent - DET0898 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0898 |
Related clusters
To see the related clusters, click here.
Detection of Scheduled Task/Job - DET0707
Internal MISP references
UUID ea1efe01-98ef-4a49-a30d-72fde6750985 which can be used as unique global reference for Detection of Scheduled Task/Job - DET0707 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0707 |
Related clusters
To see the related clusters, click here.
Detection of Virtualization/Sandbox Evasion - DET0616
Internal MISP references
UUID a5f6a93c-a8f9-4660-a6bc-63761a9ee94b which can be used as unique global reference for Detection of Virtualization/Sandbox Evasion - DET0616 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0616 |
Related clusters
To see the related clusters, click here.
Detection of DNS/Passive DNS - DET0877
Internal MISP references
UUID e7b468e8-3b2c-43ea-aabb-e8ba993bd7ae which can be used as unique global reference for Detection of DNS/Passive DNS - DET0877 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0877 |
Related clusters
To see the related clusters, click here.
Detection of Software Discovery - DET0600
Internal MISP references
UUID 69ceab63-17ce-4e42-b247-055a180e6c2b which can be used as unique global reference for Detection of Software Discovery - DET0600 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0600 |
Related clusters
To see the related clusters, click here.
Detection of Bidirectional Communication - DET0700
Internal MISP references
UUID 1da26733-88c3-4cc8-8758-e2d65934f713 which can be used as unique global reference for Detection of Bidirectional Communication - DET0700 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0700 |
Related clusters
To see the related clusters, click here.
Abuse of Domain Accounts - DET0210
Internal MISP references
UUID ba7a75c6-fcf5-4f36-8908-1fe1c30f690f which can be used as unique global reference for Abuse of Domain Accounts - DET0210 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0210 |
Related clusters
To see the related clusters, click here.
Detection of Call Log - DET0602
Internal MISP references
UUID 0a21ca34-ffa0-4b6f-b88c-9ffdb6a7c38f which can be used as unique global reference for Detection of Call Log - DET0602 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0602 |
Related clusters
To see the related clusters, click here.
Detection of Web Protocols - DET0620
Internal MISP references
UUID 395c6e70-21f8-4613-bdec-96ecba03a5b4 which can be used as unique global reference for Detection of Web Protocols - DET0620 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0620 |
Related clusters
To see the related clusters, click here.
Detection of Client Configurations - DET0820
Internal MISP references
UUID 87cb2c80-54e1-4ea1-abd7-81a096eb155e which can be used as unique global reference for Detection of Client Configurations - DET0820 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0820 |
Related clusters
To see the related clusters, click here.
Detection of Device Lockout - DET0603
Internal MISP references
UUID 3115adee-e3f8-498a-9bb2-47983e404ce8 which can be used as unique global reference for Detection of Device Lockout - DET0603 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0603 |
Related clusters
To see the related clusters, click here.
Detection of Call Control - DET0703
Internal MISP references
UUID 0abd72c9-7d7f-4e8a-99d7-5ac2f791eb9d which can be used as unique global reference for Detection of Call Control - DET0703 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0703 |
Related clusters
To see the related clusters, click here.
Detection of Active Scanning - DET0830
Internal MISP references
UUID 7bbdcd3b-241e-4ec8-ab43-6bd2c34ae77d which can be used as unique global reference for Detection of Active Scanning - DET0830 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0830 |
Related clusters
To see the related clusters, click here.
Detection of Hide Artifacts - DET0640
Internal MISP references
UUID 11b4d80e-e15b-45b5-81c8-5ebbcdd814f1 which can be used as unique global reference for Detection of Hide Artifacts - DET0640 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0640 |
Related clusters
To see the related clusters, click here.
Detection of Symmetric Cryptography - DET0650
Internal MISP references
UUID 0c01c90a-c8a9-40ee-b143-1e5b00f11e1f which can be used as unique global reference for Detection of Symmetric Cryptography - DET0650 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0650 |
Related clusters
To see the related clusters, click here.
Detection of Input Capture - DET0705
Internal MISP references
UUID 19522fac-bfd0-4e94-9d75-a61eacbef7c3 which can be used as unique global reference for Detection of Input Capture - DET0705 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0705 |
Related clusters
To see the related clusters, click here.
Detection of Obtain Capabilities - DET0850
Internal MISP references
UUID 4e940cf7-b024-40d4-8b1f-f516588b08fa which can be used as unique global reference for Detection of Obtain Capabilities - DET0850 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0850 |
Related clusters
To see the related clusters, click here.
Detection of Code Repositories - DET0805
Internal MISP references
UUID 9f2af07f-ef27-4737-b262-a8862faebffa which can be used as unique global reference for Detection of Code Repositories - DET0805 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0805 |
Related clusters
To see the related clusters, click here.
Detection of Data Manipulation - DET0660
Internal MISP references
UUID 6c1d15de-c055-4514-ac16-9cdd8e9b2764 which can be used as unique global reference for Detection of Data Manipulation - DET0660 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0660 |
Related clusters
To see the related clusters, click here.
Detection of Virtualization Solution - DET0606
Internal MISP references
UUID 24ad5d49-a170-4e03-a194-3cc68ee81e1e which can be used as unique global reference for Detection of Virtualization Solution - DET0606 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0606 |
Related clusters
To see the related clusters, click here.
Detection of Unix Shell - DET0607
Internal MISP references
UUID 34fc0ca7-338c-4eb4-b4ac-618f56378dd5 which can be used as unique global reference for Detection of Unix Shell - DET0607 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0607 |
Related clusters
To see the related clusters, click here.
Detection of Identify Roles - DET0807
Internal MISP references
UUID 5b64c4fd-981e-4f34-97a4-9cd22d6f40e4 which can be used as unique global reference for Detection of Identify Roles - DET0807 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0807 |
Related clusters
To see the related clusters, click here.
Detection of Access Notifications - DET0611
Internal MISP references
UUID 84e15e6c-ddc1-40a0-8e46-ba5605b6345b which can be used as unique global reference for Detection of Access Notifications - DET0611 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0611 |
Related clusters
To see the related clusters, click here.
Detection of Broadcast Receivers - DET0711
Internal MISP references
UUID 9c2fc530-8c91-458d-bb4e-6ec921ee2b85 which can be used as unique global reference for Detection of Broadcast Receivers - DET0711 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0711 |
Related clusters
To see the related clusters, click here.
Detection of Search Engines - DET0811
Internal MISP references
UUID cf1329da-a87c-42bb-8950-58fcf36b9b9b which can be used as unique global reference for Detection of Search Engines - DET0811 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0811 |
Related clusters
To see the related clusters, click here.
Detection of Input Injection - DET0612
Internal MISP references
UUID 12a7802a-b0c2-4823-b03d-e59b2c4bc4de which can be used as unique global reference for Detection of Input Injection - DET0612 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0612 |
Related clusters
To see the related clusters, click here.
Detection of Social Media - DET0812
Internal MISP references
UUID d16b47ab-e157-4538-8264-3fa9870a0e02 which can be used as unique global reference for Detection of Social Media - DET0812 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0812 |
Related clusters
To see the related clusters, click here.
Detection of Spearphishing Service - DET0821
Internal MISP references
UUID 16e7016e-ce95-4eca-b340-ff158949d11d which can be used as unique global reference for Detection of Spearphishing Service - DET0821 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0821 |
Related clusters
To see the related clusters, click here.
Detection of Dynamic Resolution - DET0613
Internal MISP references
UUID 1147c50d-907a-4c0d-8375-e23cadeae5f9 which can be used as unique global reference for Detection of Dynamic Resolution - DET0613 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0613 |
Related clusters
To see the related clusters, click here.
Detection of Digital Certificates - DET0831
Internal MISP references
UUID 15afa7ae-955a-4c19-b48e-ad13b68d7a54 which can be used as unique global reference for Detection of Digital Certificates - DET0831 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0831 |
Related clusters
To see the related clusters, click here.
Detection of Encrypted Channel - DET0641
Internal MISP references
UUID 6e373a06-358b-4078-a8ab-1f5c1730ddf4 which can be used as unique global reference for Detection of Encrypted Channel - DET0641 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0641 |
Related clusters
To see the related clusters, click here.
Detection of Email Addresses - DET0814
Internal MISP references
UUID 33040f26-43e3-4c1d-8557-02f306bb028f which can be used as unique global reference for Detection of Email Addresses - DET0814 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0814 |
Related clusters
To see the related clusters, click here.
Detection of IP Addresses - DET0815
Internal MISP references
UUID 55ddc6ba-a04a-4e68-bb34-741d38d2c33d which can be used as unique global reference for Detection of IP Addresses - DET0815 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0815 |
Related clusters
To see the related clusters, click here.
Detection of Data Destruction - DET0671
Internal MISP references
UUID f181f7e1-f70c-4ab3-b8c5-5c0a08ea98d1 which can be used as unique global reference for Detection of Data Destruction - DET0671 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0671 |
Related clusters
To see the related clusters, click here.
Detection of Linked Devices - DET0716
Internal MISP references
UUID effced27-7981-400b-9f22-e3c28144258f which can be used as unique global reference for Detection of Linked Devices - DET0716 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0716 |
Related clusters
To see the related clusters, click here.
Detection of Email Accounts - DET0861
Internal MISP references
UUID d50c5f8f-0091-4675-8264-abcb4247de26 which can be used as unique global reference for Detection of Email Accounts - DET0861 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0861 |
Related clusters
To see the related clusters, click here.
Detection of Native API - DET0717
Internal MISP references
UUID 10403bf9-7ba1-427a-9320-b4069d2c2eff which can be used as unique global reference for Detection of Native API - DET0717 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0717 |
Related clusters
To see the related clusters, click here.
Detection of SEO Poisoning - DET0881
Internal MISP references
UUID 3d06c5c3-ace1-4eff-98cd-2ddc95474f66 which can be used as unique global reference for Detection of SEO Poisoning - DET0881 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0881 |
Related clusters
To see the related clusters, click here.
Detection of DNS Server - DET0891
Internal MISP references
UUID 6a5e5149-9118-44e1-8933-0d2a8839df3a which can be used as unique global reference for Detection of DNS Server - DET0891 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0891 |
Related clusters
To see the related clusters, click here.
Detection of Network Topology - DET0819
Internal MISP references
UUID 1238c5f2-07ef-4a31-bc3a-e0cc0eb12516 which can be used as unique global reference for Detection of Network Topology - DET0819 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0819 |
Related clusters
To see the related clusters, click here.
Detection of Process Injection - DET0632
Internal MISP references
UUID b76b67bc-d38b-4b63-a0d0-ebfc7f829db6 which can be used as unique global reference for Detection of Process Injection - DET0632 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0632 |
Related clusters
To see the related clusters, click here.
Detection of Artificial Intelligence - DET0842
Internal MISP references
UUID d6c1064c-9ea9-4067-835e-7c0627024b0c which can be used as unique global reference for Detection of Artificial Intelligence - DET0842 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0842 |
Related clusters
To see the related clusters, click here.
Detection of Upload Malware - DET0824
Internal MISP references
UUID faa650c9-a469-45f1-870a-6acc448df9eb which can be used as unique global reference for Detection of Upload Malware - DET0824 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0824 |
Related clusters
To see the related clusters, click here.
Detection of Application Versioning - DET0652
Internal MISP references
UUID debfadd8-1df0-43b1-ae16-5f893dfc8bf3 which can be used as unique global reference for Detection of Application Versioning - DET0652 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0652 |
Related clusters
To see the related clusters, click here.
Detection of System Checks - DET0625
Internal MISP references
UUID 0bd280ab-7977-4ef9-b577-6c6a6014b179 which can be used as unique global reference for Detection of System Checks - DET0625 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0625 |
Related clusters
To see the related clusters, click here.
Detection of URI Hijacking - DET0626
Internal MISP references
UUID 0ec6ab45-a114-4ded-ba5e-a16982ccd64b which can be used as unique global reference for Detection of URI Hijacking - DET0626 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0626 |
Related clusters
To see the related clusters, click here.
Resource Hijacking Detection Strategy - DET0267
Internal MISP references
UUID 440ddaf2-4e80-4699-90d7-0bdccdfeece6 which can be used as unique global reference for Resource Hijacking Detection Strategy - DET0267 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0267 |
Related clusters
To see the related clusters, click here.
Detection of Web Service - DET0672
Internal MISP references
UUID 69f0f372-4bb1-4c0e-b81a-d425b2f6f31f which can be used as unique global reference for Detection of Web Service - DET0672 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0672 |
Related clusters
To see the related clusters, click here.
Detection of DNS Server - DET0862
Internal MISP references
UUID a1757dd9-9abb-4fd1-a06d-6cbfd80d77e9 which can be used as unique global reference for Detection of DNS Server - DET0862 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0862 |
Related clusters
To see the related clusters, click here.
Detection Strategy for Impersonation - DET0286
Internal MISP references
UUID 1e08be7e-451c-4b10-9e65-b6dbf8d54b38 which can be used as unique global reference for Detection Strategy for Impersonation - DET0286 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0286 |
Related clusters
To see the related clusters, click here.
Detection of Process Discovery - DET0692
Internal MISP references
UUID 0e600ee5-de14-46f8-ada2-c0aee4ce969e which can be used as unique global reference for Detection of Process Discovery - DET0692 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0692 |
Related clusters
To see the related clusters, click here.
Detection of Web Services - DET0882
Internal MISP references
UUID f33df6a5-7f05-415c-9971-18918c8ed4fa which can be used as unique global reference for Detection of Web Services - DET0882 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0882 |
Related clusters
To see the related clusters, click here.
Detection of Clipboard Data - DET0643
Internal MISP references
UUID 7b0e17a4-df7c-4f4b-8b15-e8aac2236fc6 which can be used as unique global reference for Detection of Clipboard Data - DET0643 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0643 |
Related clusters
To see the related clusters, click here.
Detection of Upload Tool - DET0834
Internal MISP references
UUID 80d1271b-a18a-469a-a60a-81d8f468b0e6 which can be used as unique global reference for Detection of Upload Tool - DET0834 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0834 |
Related clusters
To see the related clusters, click here.
Detection of Execution Guardrails - DET0653
Internal MISP references
UUID 80e1ef21-9454-4000-ae75-d7a5ae8e703b which can be used as unique global reference for Detection of Execution Guardrails - DET0653 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0653 |
Related clusters
To see the related clusters, click here.
Detection of Email Accounts - DET0835
Internal MISP references
UUID 4c5608c3-b5ca-4c8e-932e-ad6c55683cd1 which can be used as unique global reference for Detection of Email Accounts - DET0835 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0835 |
Related clusters
To see the related clusters, click here.
Detection of Develop Capabilities - DET0853
Internal MISP references
UUID 7ad9b54d-cd23-4ec3-a5b2-db5e58e82a02 which can be used as unique global reference for Detection of Develop Capabilities - DET0853 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0853 |
Related clusters
To see the related clusters, click here.
Detection of Audio Capture - DET0673
Internal MISP references
UUID 3e6673dc-e2c7-440e-b632-d25e3e9f92cc which can be used as unique global reference for Detection of Audio Capture - DET0673 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0673 |
Related clusters
To see the related clusters, click here.
Detection of Foreground Persistence - DET0637
Internal MISP references
UUID c048a994-166a-42d0-a2d3-63e3cbc09117 which can be used as unique global reference for Detection of Foreground Persistence - DET0637 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0637 |
Related clusters
To see the related clusters, click here.
Detection of File Deletion - DET0638
Internal MISP references
UUID 5848450c-38a7-421d-910c-9a10870f4ea3 which can be used as unique global reference for Detection of File Deletion - DET0638 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0638 |
Related clusters
To see the related clusters, click here.
Detection of Establish Accounts - DET0873
Internal MISP references
UUID 095e0e71-498f-4403-a69f-5a6e4ff50503 which can be used as unique global reference for Detection of Establish Accounts - DET0873 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0873 |
Related clusters
To see the related clusters, click here.
Automated Exfiltration Detection Strategy - DET0397
Internal MISP references
UUID da5ff985-fd0d-438f-8498-c8dc195f741a which can be used as unique global reference for Automated Exfiltration Detection Strategy - DET0397 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0397 |
Related clusters
To see the related clusters, click here.
Detection of Stage Capabilities - DET0839
Internal MISP references
UUID 5a1ada5b-5729-45d5-8b3d-f6fa7d2a3352 which can be used as unique global reference for Detection of Stage Capabilities - DET0839 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0839 |
Related clusters
To see the related clusters, click here.
Detection of Link Target - DET0893
Internal MISP references
UUID 020447ec-f030-4b95-a187-255177b69d9f which can be used as unique global reference for Detection of Link Target - DET0893 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0893 |
Related clusters
To see the related clusters, click here.
Detection of Software Packing - DET0644
Internal MISP references
UUID 34d06ebf-867e-4cd2-8e44-c849fcaab072 which can be used as unique global reference for Detection of Software Packing - DET0644 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0644 |
Related clusters
To see the related clusters, click here.
Detection of Digital Certificates - DET0844
Internal MISP references
UUID 2e8be762-9987-4f19-997d-2f7c7540b8e1 which can be used as unique global reference for Detection of Digital Certificates - DET0844 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0844 |
Related clusters
To see the related clusters, click here.
Detection of Lockscreen Bypass - DET0645
Internal MISP references
UUID 338779e6-0413-43e3-bfc8-71064a27ebeb which can be used as unique global reference for Detection of Lockscreen Bypass - DET0645 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0645 |
Related clusters
To see the related clusters, click here.
Detection of SSL Pinning - DET0646
Internal MISP references
UUID c1b65a72-9f74-4849-9797-1a9c655d9a04 which can be used as unique global reference for Detection of SSL Pinning - DET0646 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0646 |
Related clusters
To see the related clusters, click here.
Detection of Calendar Entries - DET0674
Internal MISP references
UUID 0cb492cd-7d01-46b2-b1f4-afddec10eaf2 which can be used as unique global reference for Detection of Calendar Entries - DET0674 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0674 |
Related clusters
To see the related clusters, click here.
Detection of Cloud Accounts - DET0846
Internal MISP references
UUID 1f7b4b6e-17ab-446f-ac4e-5a1e79569dd3 which can be used as unique global reference for Detection of Cloud Accounts - DET0846 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0846 |
Related clusters
To see the related clusters, click here.
Detection of Domain Properties - DET0847
Internal MISP references
UUID bcc3656b-82bf-44d7-a4e8-c5da5ce2e7ab which can be used as unique global reference for Detection of Domain Properties - DET0847 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0847 |
Related clusters
To see the related clusters, click here.
Detection of Acquire Access - DET0884
Internal MISP references
UUID 4b5df4bb-4903-4c66-9900-30bc046447be which can be used as unique global reference for Detection of Acquire Access - DET0884 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0884 |
Related clusters
To see the related clusters, click here.
Detection of Digital Certificates - DET0848
Internal MISP references
UUID 4cadb231-5487-4135-834b-d0db75a93a45 which can be used as unique global reference for Detection of Digital Certificates - DET0848 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0848 |
Related clusters
To see the related clusters, click here.
Detection of Business Relationships - DET0855
Internal MISP references
UUID 38ea871a-2cae-4274-85a6-c80588166cfb which can be used as unique global reference for Detection of Business Relationships - DET0855 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0855 |
Related clusters
To see the related clusters, click here.
Detection of Location Tracking - DET0675
Internal MISP references
UUID ac9d1b33-cfba-415e-aef2-c4c0b359ed5f which can be used as unique global reference for Detection of Location Tracking - DET0675 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0675 |
Related clusters
To see the related clusters, click here.
Detection of Spearphishing Attachment - DET0865
Internal MISP references
UUID e62ddd99-6357-4388-b3df-d7d7b6984630 which can be used as unique global reference for Detection of Spearphishing Attachment - DET0865 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0865 |
Related clusters
To see the related clusters, click here.
Detection of Video Capture - DET0695
Internal MISP references
UUID cb6a0874-0cb3-4d44-a77e-e93d4a26d50b which can be used as unique global reference for Detection of Video Capture - DET0695 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0695 |
Related clusters
To see the related clusters, click here.
Detection of Employee Names - DET0857
Internal MISP references
UUID 3268135a-a73f-4594-95e6-6ea8813a39d3 which can be used as unique global reference for Detection of Employee Names - DET0857 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0857 |
Related clusters
To see the related clusters, click here.
Detection of Compromise Infrastructure - DET0885
Internal MISP references
UUID 7f3e2c35-7394-4cc6-baef-73a830930953 which can be used as unique global reference for Detection of Compromise Infrastructure - DET0885 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0885 |
Related clusters
To see the related clusters, click here.
Detection of Scan Databases - DET0858
Internal MISP references
UUID fa1f7635-b4a2-4a2b-87ae-50cb4dbee328 which can be used as unique global reference for Detection of Scan Databases - DET0858 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0858 |
Related clusters
To see the related clusters, click here.
Detection of Acquire Infrastructure - DET0895
Internal MISP references
UUID 56752265-8647-4ce2-bc6c-c38c2e14685c which can be used as unique global reference for Detection of Acquire Infrastructure - DET0895 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0895 |
Related clusters
To see the related clusters, click here.
Detection of Network Devices - DET0859
Internal MISP references
UUID 31fef61c-301b-4a3d-aced-06632e321926 which can be used as unique global reference for Detection of Network Devices - DET0859 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0859 |
Related clusters
To see the related clusters, click here.
Detection of SMS Control - DET0599
Internal MISP references
UUID 142329a9-ff29-4bc2-af36-7294afc5fee4 which can be used as unique global reference for Detection of SMS Control - DET0599 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0599 |
Related clusters
To see the related clusters, click here.
Detection of Asymmetric Cryptography - DET0667
Internal MISP references
UUID bce77859-548a-4ee7-8002-a05b182bb5ae which can be used as unique global reference for Detection of Asymmetric Cryptography - DET0667 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0667 |
Related clusters
To see the related clusters, click here.
Detection of Screen Capture - DET0668
Internal MISP references
UUID 37c50db7-2081-4e24-91d0-787e091ea75a which can be used as unique global reference for Detection of Screen Capture - DET0668 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0668 |
Related clusters
To see the related clusters, click here.
Detection of SMS Messages - DET0686
Internal MISP references
UUID aeb736c8-1c17-4fac-888e-122581ad6e0c which can be used as unique global reference for Detection of SMS Messages - DET0686 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0686 |
Related clusters
To see the related clusters, click here.
Detection of Compromise Accounts - DET0876
Internal MISP references
UUID a1d413d7-0a28-45ce-9e4d-d250b4b6a492 which can be used as unique global reference for Detection of Compromise Accounts - DET0876 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0876 |
Related clusters
To see the related clusters, click here.
Detection of Impair Defenses - DET0687
Internal MISP references
UUID 5560747b-ad67-478e-b3f2-14e55864e532 which can be used as unique global reference for Detection of Impair Defenses - DET0687 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0687 |
Related clusters
To see the related clusters, click here.
Detection of Vulnerability Scanning - DET0867
Internal MISP references
UUID 574d055c-4501-4f4d-9b28-1109ad07a087 which can be used as unique global reference for Detection of Vulnerability Scanning - DET0867 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0867 |
Related clusters
To see the related clusters, click here.
Detection of Contact List - DET0679
Internal MISP references
UUID 03c7f8c1-0239-44a2-89e2-4cd6b47940ac which can be used as unique global reference for Detection of Contact List - DET0679 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0679 |
Related clusters
To see the related clusters, click here.
Detection of Spearphishing Voice - DET0886
Internal MISP references
UUID ce26e75b-f8bf-45d5-b0fd-601e3d8fd800 which can be used as unique global reference for Detection of Spearphishing Voice - DET0886 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0886 |
Related clusters
To see the related clusters, click here.
Detection of Wordlist Scanning - DET0868
Internal MISP references
UUID 95d3b171-2fc3-4e58-a5c9-4d98c3691c88 which can be used as unique global reference for Detection of Wordlist Scanning - DET0868 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0868 |
Related clusters
To see the related clusters, click here.
Detection of Web Services - DET0896
Internal MISP references
UUID 71b2e30c-f793-42a8-85be-f782c908772c which can be used as unique global reference for Detection of Web Services - DET0896 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0896 |
Related clusters
To see the related clusters, click here.
Detection of User Evasion - DET0699
Internal MISP references
UUID 5d826975-65f1-4515-b8c1-15cecd3339ac which can be used as unique global reference for Detection of User Evasion - DET0699 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0699 |
Related clusters
To see the related clusters, click here.
Detection of Spearphishing Link - DET0878
Internal MISP references
UUID c9242c28-ee1a-45d2-800a-948252884a7c which can be used as unique global reference for Detection of Spearphishing Link - DET0878 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0878 |
Related clusters
To see the related clusters, click here.
Detection of Cloud Accounts - DET0879
Internal MISP references
UUID df374bac-bd69-4351-be3f-1bd863c429ad which can be used as unique global reference for Detection of Cloud Accounts - DET0879 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0879 |
Related clusters
To see the related clusters, click here.
Detection of Selective Exclusion - DET0897
Internal MISP references
UUID 7c1262bb-c0d1-4e0c-bab8-a232f7bed9d5 which can be used as unique global reference for Detection of Selective Exclusion - DET0897 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0897 |
Related clusters
To see the related clusters, click here.
Detection of Adversary-in-the-Middle - DET0623
Internal MISP references
UUID 7a96a921-48bc-4fcf-b6b8-86a96315d4ee which can be used as unique global reference for Detection of Adversary-in-the-Middle - DET0623 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0623 |
Related clusters
To see the related clusters, click here.
Detecting Downgrade Attacks - DET0350
Internal MISP references
UUID 63d80d1b-ca5b-427d-b603-cf65e6e245b9 which can be used as unique global reference for Detecting Downgrade Attacks - DET0350 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0350 |
Related clusters
To see the related clusters, click here.
Detection of Vulnerabilities - DET0808
Internal MISP references
UUID 80741edd-b775-4c33-91a2-4a0d1ee4f6bc which can be used as unique global reference for Detection of Vulnerabilities - DET0808 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0808 |
Related clusters
To see the related clusters, click here.
Detection of CDNs - DET0809
Internal MISP references
UUID eda2c394-d2de-4555-be9d-b4de826441ee which can be used as unique global reference for Detection of CDNs - DET0809 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0809 |
Related clusters
To see the related clusters, click here.
Detection of Credentials - DET0813
Internal MISP references
UUID 500c6151-e3d6-4c3e-8d46-6e58df27f497 which can be used as unique global reference for Detection of Credentials - DET0813 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0813 |
Related clusters
To see the related clusters, click here.
Detection of Masquerading - DET0715
Internal MISP references
UUID d314d955-a323-4e87-a8e5-317b0b8ed203 which can be used as unique global reference for Detection of Masquerading - DET0715 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0715 |
Related clusters
To see the related clusters, click here.
Detection of Keylogging - DET0661
Internal MISP references
UUID f15826e8-4aa6-497e-bf9f-16c3724bfe72 which can be used as unique global reference for Detection of Keylogging - DET0661 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0661 |
Related clusters
To see the related clusters, click here.
Detection of Server - DET0871
Internal MISP references
UUID c377533f-702a-4e82-a254-9855b9362c22 which can be used as unique global reference for Detection of Server - DET0871 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0871 |
Related clusters
To see the related clusters, click here.
Detection of Hooking - DET0719
Internal MISP references
UUID 2d8db41e-e12e-46ff-be11-2810b0a2acb5 which can be used as unique global reference for Detection of Hooking - DET0719 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0719 |
Related clusters
To see the related clusters, click here.
Detection of Firmware - DET0818
Internal MISP references
UUID 440ba398-6224-4273-b63c-d0efd0fe612a which can be used as unique global reference for Detection of Firmware - DET0818 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0818 |
Related clusters
To see the related clusters, click here.
Detection of WHOIS - DET0832
Internal MISP references
UUID 92955a28-74fb-4f60-834a-10dc93377140 which can be used as unique global reference for Detection of WHOIS - DET0832 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0832 |
Related clusters
To see the related clusters, click here.
Detection of Tool - DET0852
Internal MISP references
UUID cb821d3c-ede3-43a4-915b-f779b04318f6 which can be used as unique global reference for Detection of Tool - DET0852 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0852 |
Related clusters
To see the related clusters, click here.
Detection of Exploits - DET0827
Internal MISP references
UUID c328d67c-f6e3-491b-9e1c-92f651c15c98 which can be used as unique global reference for Detection of Exploits - DET0827 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0827 |
Related clusters
To see the related clusters, click here.
Detection of Malware - DET0872
Internal MISP references
UUID 04f78d17-4599-4ecd-9a8f-f221ab2759cc which can be used as unique global reference for Detection of Malware - DET0872 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0872 |
Related clusters
To see the related clusters, click here.
Detection of Domains - DET0892
Internal MISP references
UUID 354dfdf4-9da9-45b5-909c-13f5702fc263 which can be used as unique global reference for Detection of Domains - DET0892 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0892 |
Related clusters
To see the related clusters, click here.
Detection of Serverless - DET0829
Internal MISP references
UUID 9695c6af-f3cc-40fa-b3a1-351014c6282f which can be used as unique global reference for Detection of Serverless - DET0829 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0829 |
Related clusters
To see the related clusters, click here.
Detection of DNS - DET0843
Internal MISP references
UUID 3058b630-ede1-4bbb-b8ce-985d802e1e8d which can be used as unique global reference for Detection of DNS - DET0843 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0843 |
Related clusters
To see the related clusters, click here.
Detection of Accounts - DET0635
Internal MISP references
UUID 98f14414-883e-4da3-930a-19a8faa1be41 which can be used as unique global reference for Detection of Accounts - DET0635 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0635 |
Related clusters
To see the related clusters, click here.
Detection of Domains - DET0863
Internal MISP references
UUID dce8edf3-894f-4857-8f85-04db84bcebd9 which can be used as unique global reference for Detection of Domains - DET0863 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0863 |
Related clusters
To see the related clusters, click here.
Detection of Malvertising - DET0836
Internal MISP references
UUID 40b862cb-89a4-4200-baa0-bb171ecc2ce2 which can be used as unique global reference for Detection of Malvertising - DET0836 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0836 |
Related clusters
To see the related clusters, click here.
Detection of Botnet - DET0837
Internal MISP references
UUID 0f7bb8ed-f114-48f6-b57f-d2047d11ca17 which can be used as unique global reference for Detection of Botnet - DET0837 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0837 |
Related clusters
To see the related clusters, click here.
Detection of Botnet - DET0883
Internal MISP references
UUID 02aecf08-08b1-4f08-9272-c1fc98b5f72e which can be used as unique global reference for Detection of Botnet - DET0883 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0883 |
Related clusters
To see the related clusters, click here.
Detection of Malware - DET0845
Internal MISP references
UUID 5c228796-349e-4d7e-a3ca-51a5f8cbf294 which can be used as unique global reference for Detection of Malware - DET0845 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0845 |
Related clusters
To see the related clusters, click here.
Detection of Keychain - DET0664
Internal MISP references
UUID b44bea1e-fc01-4c6b-b7c4-dcb0135de936 which can be used as unique global reference for Detection of Keychain - DET0664 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0664 |
Related clusters
To see the related clusters, click here.
Detection of Geofencing - DET0648
Internal MISP references
UUID 19bf9f62-3909-4d68-b287-bb9ccd826fe5 which can be used as unique global reference for Detection of Geofencing - DET0648 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0648 |
Related clusters
To see the related clusters, click here.
Detection of Phishing - DET0684
Internal MISP references
UUID 0546176b-5ea4-407d-acb7-382b55c7e883 which can be used as unique global reference for Detection of Phishing - DET0684 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0684 |
Related clusters
To see the related clusters, click here.
Detection of Serverless - DET0864
Internal MISP references
UUID 427d7e41-293a-4616-aec7-d5eea56431d0 which can be used as unique global reference for Detection of Serverless - DET0864 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0864 |
Related clusters
To see the related clusters, click here.
Detection of Server - DET0874
Internal MISP references
UUID 6bf8b26d-aa2d-4a8f-a1e4-c9cc4aef318d which can be used as unique global reference for Detection of Server - DET0874 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0874 |
Related clusters
To see the related clusters, click here.
Detection of Exploits - DET0894
Internal MISP references
UUID 4b8278b5-5749-4a2d-94b1-5129e43a7455 which can be used as unique global reference for Detection of Exploits - DET0894 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0894 |
Related clusters
To see the related clusters, click here.
Detection of Steganography - DET0677
Internal MISP references
UUID 545bde30-2b8c-47d3-bd34-fa188348b967 which can be used as unique global reference for Detection of Steganography - DET0677 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0677 |
Related clusters
To see the related clusters, click here.
Detection of Hardware - DET0887
Internal MISP references
UUID d6c882c8-0f01-4027-b988-b979d60e0030 which can be used as unique global reference for Detection of Hardware - DET0887 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0887 |
Related clusters
To see the related clusters, click here.
Detection of Software - DET0888
Internal MISP references
UUID 967d05e3-0d40-40d9-a94e-f32e17397404 which can be used as unique global reference for Detection of Software - DET0888 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| external_id | DET0888 |
Related clusters
To see the related clusters, click here.