Linux Capabilities Discovery (fe10751f-1995-40a5-aaa2-c97ccb4123fe)

Detects attempts to discover files that have setuid/setgid capabilities set on them, which would allow an adversary to escalate their privileges.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Linux Capabilities Discovery (fe10751f-1995-40a5-aaa2-c97ccb4123fe) | Sigma-Rules | Abuse Elevation Control Mechanism - T1548 (67720091-eee3-4d2d-ae16-8264567f6f5b) | Attack Pattern | 1 |
| Linux Capabilities Discovery (fe10751f-1995-40a5-aaa2-c97ccb4123fe) | Sigma-Rules | File and Directory Discovery - T1083 (7bc57495-ea59-4380-be31-a64af124ef18) | Attack Pattern | 1 |