Shell Invocation Via Ssh - Linux (8737b7f6-8df3-4bb7-b1da-06019b99b687)
Detects the use of the "ssh" utility to execute a shell. Such behavior may be associated with privilege escalation, unauthorized command execution, or to break out from restricted environments.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Shell Invocation Via Ssh - Linux (8737b7f6-8df3-4bb7-b1da-06019b99b687) | Sigma-Rules | Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) | Attack Pattern | 1 |