Skip to content

Hide Navigation Hide TOC

Exploit Framework User Agent (fdd1bfb5-f60b-4a35-910e-f36ed3d0b32f)

Detects suspicious user agent strings used by exploit / pentest frameworks like Metasploit in proxy logs

Cluster A Galaxy A Cluster B Galaxy B Level
Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) Attack Pattern Exploit Framework User Agent (fdd1bfb5-f60b-4a35-910e-f36ed3d0b32f) Sigma-Rules 1
Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) Attack Pattern Application Layer Protocol - T1071 (355be19c-ffc9-46d5-8d50-d6a036c675b6) Attack Pattern 2