Linux Capabilities Discovery (fe10751f-1995-40a5-aaa2-c97ccb4123fe)

Detects attempts to discover files that have the setuid/setgid capability set on them, which would allow an adversary to escalate their privileges.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Linux Capabilities Discovery (fe10751f-1995-40a5-aaa2-c97ccb4123fe) | Sigma-Rules | Abuse Elevation Control Mechanism - T1548 (67720091-eee3-4d2d-ae16-8264567f6f5b) | Attack Pattern | 1 |
| Linux Capabilities Discovery (fe10751f-1995-40a5-aaa2-c97ccb4123fe) | Sigma-Rules | Audio Capture - T1123 (1035cdf2-3e5f-446f-a7a7-e8f6d7925967) | Attack Pattern | 1 |