├── LICENSE ├── README.md ├── elemental ├── __pycache__ │ ├── atomics_imports.cpython-36.pyc │ ├── attack_imports.cpython-36.pyc │ ├── attackcti_exporter.cpython-36.pyc │ ├── import_abbrvs.cpython-36.pyc │ └── sigma_rule_imports.cpython-36.pyc ├── db.sqlite3 ├── elemental │ ├── __init__.py │ ├── __pycache__ │ │ ├── __init__.cpython-36.pyc │ │ ├── settings.cpython-36.pyc │ │ ├── urls.cpython-36.pyc │ │ └── wsgi.cpython-36.pyc │ ├── settings.py │ ├── urls.py │ └── wsgi.py ├── manage.py ├── matrix │ ├── __init__.py │ ├── __pycache__ │ │ ├── __init__.cpython-36.pyc │ │ ├── admin.cpython-36.pyc │ │ ├── forms.cpython-36.pyc │ │ ├── models.cpython-36.pyc │ │ ├── urls.cpython-36.pyc │ │ └── views.cpython-36.pyc │ ├── admin.py │ ├── apps.py │ ├── forms.py │ ├── migrations │ │ ├── 0001_initial.py │ │ ├── __init__.py │ │ └── __pycache__ │ │ │ ├── 0001_initial.cpython-36.pyc │ │ │ └── __init__.cpython-36.pyc │ ├── models.py │ ├── static │ │ └── matrix │ │ │ ├── elemental.png │ │ │ └── style.css │ ├── templates │ │ ├── base_generic.html │ │ ├── base_generic_elements.html │ │ ├── base_generic_no_header.html │ │ ├── elemental.png │ │ ├── index.html │ │ └── matrix │ │ │ ├── TacticTemplate.html │ │ │ ├── addSigma.html │ │ │ ├── addTechnique.html │ │ │ ├── addnote.html │ │ │ ├── atomic.html │ │ │ ├── noteForm.html │ │ │ ├── note_detail.html │ │ │ ├── note_form.html │ │ │ ├── tactic_detail.html │ │ │ ├── tactic_list.html │ │ │ └── technique.html │ ├── templatetags │ │ ├── __init__.py │ │ ├── __pycache__ │ │ │ ├── __init__.cpython-36.pyc │ │ │ └── short_name.cpython-36.pyc │ │ └── short_name.py │ ├── tests.py │ ├── urls.py │ └── views.py ├── media │ ├── atomics │ │ ├── T1002.md │ │ ├── T1002.yaml │ │ ├── T1003.md │ │ ├── T1003.yaml │ │ ├── T1004.md │ │ ├── T1004.yaml │ │ ├── T1005.md │ │ ├── T1005.yaml │ │ ├── T1007.md │ │ ├── T1007.yaml │ │ ├── T1009.md │ │ ├── T1009.yaml │ │ ├── T1010.md │ │ ├── T1010.yaml │ │ ├── T1012.md │ │ ├── T1012.yaml │ │ ├── T1014.md │ │ ├── T1014.yaml │ │ ├── T1015.md │ │ ├── T1015.yaml │ │ ├── T1016.md │ │ ├── T1016.yaml │ │ ├── T1018.md │ │ ├── T1018.yaml │ │ ├── T1022.md │ │ ├── T1022.yaml │ │ ├── T1023.md │ │ ├── T1023.yaml │ │ ├── T1027.md │ │ ├── T1027.yaml │ │ ├── T1028.md │ │ ├── T1028.yaml │ │ ├── T1030.md │ │ ├── T1030.yaml │ │ ├── T1031.md │ │ ├── T1031.yaml │ │ ├── T1033.md │ │ ├── T1033.yaml │ │ ├── T1035.md │ │ ├── T1035.yaml │ │ ├── T1036.md │ │ ├── T1036.yaml │ │ ├── T1037.md │ │ ├── T1037.yaml │ │ ├── T1038.md │ │ ├── T1038.yaml │ │ ├── T1040.md │ │ ├── T1040.yaml │ │ ├── T1042.md │ │ ├── T1042.yaml │ │ ├── T1044.md │ │ ├── T1044.yaml │ │ ├── T1046.md │ │ ├── T1046.yaml │ │ ├── T1047.md │ │ ├── T1047.yaml │ │ ├── T1048.md │ │ ├── T1048.yaml │ │ ├── T1049.md │ │ ├── T1049.yaml │ │ ├── T1050.md │ │ ├── T1050.yaml │ │ ├── T1053.md │ │ ├── T1053.yaml │ │ ├── T1055.md │ │ ├── T1055.yaml │ │ ├── T1056.md │ │ ├── T1056.yaml │ │ ├── T1057.md │ │ ├── T1057.yaml │ │ ├── T1058.md │ │ ├── T1058.yaml │ │ ├── T1059.md │ │ ├── T1059.yaml │ │ ├── T1060.md │ │ ├── T1060.yaml │ │ ├── T1062.md │ │ ├── T1062.yaml │ │ ├── T1063.md │ │ ├── T1063.yaml │ │ ├── T1064.md │ │ ├── T1064.yaml │ │ ├── T1065.md │ │ ├── T1065.yaml │ │ ├── T1069.md │ │ ├── T1069.yaml │ │ ├── T1070.md │ │ ├── T1070.yaml │ │ ├── T1071.md │ │ ├── T1071.yaml │ │ ├── T1073.md │ │ ├── T1073.yaml │ │ ├── T1074.md │ │ ├── T1074.yaml │ │ ├── T1075.md │ │ ├── T1075.yaml │ │ ├── T1076.md │ │ ├── T1076.yaml │ │ ├── T1077.md │ │ ├── T1077.yaml │ │ ├── T1081.md │ │ ├── T1081.yaml │ │ ├── T1082.md │ │ ├── T1082.yaml │ │ ├── T1083.md │ │ ├── T1083.yaml │ │ ├── T1084.md │ │ ├── T1084.yaml │ │ ├── T1085.md │ │ ├── T1085.yaml │ │ ├── T1086.md │ │ ├── T1086.yaml │ │ ├── T1087.md │ │ ├── T1087.yaml │ │ ├── T1088.md │ │ ├── T1088.yaml │ │ ├── T1089.md │ │ ├── T1089.yaml │ │ ├── T1090.md │ │ ├── T1090.yaml │ │ ├── T1096.md │ │ ├── T1096.yaml │ │ ├── T1097.md │ │ ├── T1097.yaml │ │ ├── T1098.md │ │ ├── T1098.yaml │ │ ├── T1099.md │ │ ├── T1099.yaml │ │ ├── T1100.md │ │ ├── T1100.yaml │ │ ├── T1101.md │ │ ├── T1101.yaml │ │ ├── T1102.md │ │ ├── T1102.yaml │ │ ├── T1103.md │ │ ├── T1103.yaml │ │ ├── T1105.md │ │ ├── T1105.yaml │ │ ├── T1107.md │ │ ├── T1107.yaml │ │ ├── T1110.md │ │ ├── T1110.yaml │ │ ├── T1112.md │ │ ├── T1112.yaml │ │ ├── T1113.md │ │ ├── T1113.yaml │ │ ├── T1114.md │ │ ├── T1114.yaml │ │ ├── T1115.md │ │ ├── T1115.yaml │ │ ├── T1117.md │ │ ├── T1117.yaml │ │ ├── T1118.md │ │ ├── T1118.yaml │ │ ├── T1119.md │ │ ├── T1119.yaml │ │ ├── T1121.md │ │ ├── T1121.yaml │ │ ├── T1122.md │ │ ├── T1122.yaml │ │ ├── T1123.md │ │ ├── T1123.yaml │ │ ├── T1124.md │ │ ├── T1124.yaml │ │ ├── T1126.md │ │ ├── T1126.yaml │ │ ├── T1127.md │ │ ├── T1127.yaml │ │ ├── T1128.md │ │ ├── T1128.yaml │ │ ├── T1130.md │ │ ├── T1130.yaml │ │ ├── T1132.md │ │ ├── T1132.yaml │ │ ├── T1134.md │ │ ├── T1134.yaml │ │ ├── T1135.md │ │ ├── T1135.yaml │ │ ├── T1136.md │ │ ├── T1136.yaml │ │ ├── T1137.md │ │ ├── T1137.yaml │ │ ├── T1138.md │ │ ├── T1138.yaml │ │ ├── T1139.md │ │ ├── T1139.yaml │ │ ├── T1140.md │ │ ├── T1140.yaml │ │ ├── T1141.md │ │ ├── T1141.yaml │ │ ├── T1142.md │ │ ├── T1142.yaml │ │ ├── T1143.md │ │ ├── T1143.yaml │ │ ├── T1144.md │ │ ├── T1144.yaml │ │ ├── T1145.md │ │ ├── T1145.yaml │ │ ├── T1146.md │ │ ├── T1146.yaml │ │ ├── T1147.md │ │ ├── T1147.yaml │ │ ├── T1148.md │ │ ├── T1148.yaml │ │ ├── T1150.md │ │ ├── T1150.yaml │ │ ├── T1151.md │ │ ├── T1151.yaml │ │ ├── T1152.md │ │ ├── T1152.yaml │ │ ├── T1153.md │ │ ├── T1153.yaml │ │ ├── T1154.md │ │ ├── T1154.yaml │ │ ├── T1155.md │ │ ├── T1155.yaml │ │ ├── T1156.md │ │ ├── T1156.yaml │ │ ├── T1158.md │ │ ├── T1158.yaml │ │ ├── T1159.md │ │ ├── T1159.yaml │ │ ├── T1160.md │ │ ├── T1160.yaml │ │ ├── T1163.md │ │ ├── T1163.yaml │ │ ├── T1164.md │ │ ├── T1164.yaml │ │ ├── T1165.md │ │ ├── T1165.yaml │ │ ├── T1166.md │ │ ├── T1166.yaml │ │ ├── T1168.md │ │ ├── T1168.yaml │ │ ├── T1169.md │ │ ├── T1169.yaml │ │ ├── T1170.md │ │ ├── T1170.yaml │ │ ├── T1173.md │ │ ├── T1173.yaml │ │ ├── T1174.md │ │ ├── T1174.yaml │ │ ├── T1176.md │ │ ├── T1176.yaml │ │ ├── T1179.md │ │ ├── T1179.yaml │ │ ├── T1180.md │ │ ├── T1180.yaml │ │ ├── T1183.md │ │ ├── T1183.yaml │ │ ├── T1191.md │ │ ├── T1191.yaml │ │ ├── T1193.md │ │ ├── T1193.yaml │ │ ├── T1196.md │ │ ├── T1196.yaml │ │ ├── T1197.md │ │ ├── T1197.yaml │ │ ├── T1201.md │ │ ├── T1201.yaml │ │ ├── T1202.md │ │ ├── T1202.yaml │ │ ├── T1206.md │ │ ├── T1206.yaml │ │ ├── T1207.md │ │ ├── T1207.yaml │ │ ├── T1208.md │ │ ├── T1208.yaml │ │ ├── T1214.md │ │ ├── T1214.yaml │ │ ├── T1215.md │ │ ├── T1215.yaml │ │ ├── T1216.md │ │ ├── T1216.yaml │ │ ├── T1217.md │ │ ├── T1217.yaml │ │ ├── T1218.md │ │ ├── T1218.yaml │ │ ├── T1220.md │ │ ├── T1220.yaml │ │ ├── T1222.md │ │ ├── T1222.yaml │ │ ├── T1223.md │ │ ├── T1223.yaml │ │ ├── T1482.md │ │ ├── T1482.yaml │ │ ├── T1485.md │ │ ├── T1485.yaml │ │ ├── T1489.md │ │ ├── T1489.yaml │ │ ├── T1490.md │ │ ├── T1490.yaml │ │ ├── T1496.md │ │ ├── T1496.yaml │ │ ├── T1500.md │ │ ├── T1500.yaml │ │ ├── T1501.md │ │ ├── T1501.yaml │ │ ├── T1504.md │ │ ├── T1504.yaml │ │ ├── T1505.md │ │ ├── T1505.yaml │ │ ├── T1518.md │ │ ├── T1518.yaml │ │ ├── T1529.md │ │ ├── T1529.yaml │ │ ├── T1531.md │ │ └── T1531.yaml │ ├── elemental.png │ └── sigma_rules │ │ ├── apt_apt29_thinktanks.yml │ │ ├── apt_apt29_tor.yml │ │ ├── apt_babyshark.yml │ │ ├── apt_bear_activity_gtr19.yml │ │ ├── apt_carbonpaper_turla.yml │ │ ├── apt_chafer_mar18.yml │ │ ├── apt_cloudhopper.yml │ │ ├── apt_empiremonkey.yml │ │ ├── apt_equationgroup_dll_u_load.yml │ │ ├── apt_equationgroup_lnx.yml │ │ ├── apt_hurricane_panda.yml │ │ ├── apt_judgement_panda_gtr19.yml │ │ ├── apt_oceanlotus_registry.yml │ │ ├── apt_pandemic.yml │ │ ├── apt_slingshot.yml │ │ ├── apt_sofacy.yml │ │ ├── apt_stonedrill.yml │ │ ├── apt_ta17_293a_ps.yml │ │ ├── apt_tropictrooper.yml │ │ ├── apt_turla_commands.yml │ │ ├── apt_turla_service_png.yml │ │ ├── apt_unidentified_nov_18.yml │ │ ├── apt_zxshell.yml │ │ ├── av_exploiting.yml │ │ ├── av_password_dumper.yml │ │ ├── av_webshell.yml │ │ ├── crime_fireball.yml │ │ ├── lnx_auditd_alter_bash_profile.yml │ │ ├── lnx_auditd_masquerading_crond.yml │ │ ├── lnx_auditd_user_discovery.yml │ │ ├── lnx_auditd_web_rce.yml │ │ ├── lnx_data_compressed.yml │ │ ├── lnx_network_sniffing.yml │ │ ├── lnx_shell_clear_cmd_history.yml │ │ ├── lnx_shell_priv_esc_prep.yml │ │ ├── lnx_sudo_cve_2019_14287.yml │ │ ├── net_dns_c2_detection.yml │ │ ├── net_susp_dns_txt_exec_strings.yml │ │ ├── powershell_data_compressed.yml │ │ ├── powershell_downgrade_attack.yml │ │ ├── powershell_exe_calling_ps.yml │ │ ├── powershell_malicious_commandlets.yml │ │ ├── powershell_malicious_keywords.yml │ │ ├── powershell_ntfs_ads_access.yml │ │ ├── powershell_prompt_credentials.yml │ │ ├── powershell_psattack.yml │ │ ├── powershell_shellcode_b64.yml │ │ ├── powershell_suspicious_download.yml │ │ ├── powershell_suspicious_invocation_generic.yml │ │ ├── powershell_suspicious_invocation_specific.yml │ │ ├── powershell_suspicious_keywords.yml │ │ ├── powershell_winlogon_helper_dll.yml │ │ ├── proxy_cobalt_amazon.yml │ │ ├── proxy_cobalt_ocsp.yml │ │ ├── proxy_cobalt_onedrive.yml │ │ ├── proxy_raw_paste_service_access.yml │ │ ├── sysmon_ads_executable.yml │ │ ├── sysmon_cactustorch.yml │ │ ├── sysmon_cmstp_execution.yml │ │ ├── sysmon_cobaltstrike_process_injection.yml │ │ ├── sysmon_dhcp_calloutdll.yml │ │ ├── sysmon_dns_serverlevelplugindll.yml │ │ ├── sysmon_ghostpack_safetykatz.yml │ │ ├── sysmon_logon_scripts_userinitmprlogonscript.yml │ │ ├── sysmon_lsass_memdump.yml │ │ ├── sysmon_mal_namedpipes.yml │ │ ├── sysmon_malware_backconnect_ports.yml │ │ ├── sysmon_malware_verclsid_shellcode.yml │ │ ├── sysmon_mimikatz_detection_lsass.yml │ │ ├── sysmon_mimikatz_inmemory_detection.yml │ │ ├── sysmon_mimikatz_trough_winrm.yml │ │ ├── sysmon_password_dumper_lsass.yml │ │ ├── sysmon_powershell_exploit_scripts.yml │ │ ├── sysmon_powershell_network_connection.yml │ │ ├── sysmon_quarkspw_filedump.yml │ │ ├── sysmon_rdp_reverse_tunnel.yml │ │ ├── sysmon_registry_persistence_key_linking.yml │ │ ├── sysmon_renamed_procdump.yml │ │ ├── sysmon_rundll32_net_connections.yml │ │ ├── sysmon_ssp_added_lsa_config.yml │ │ ├── sysmon_stickykey_like_backdoor.yml │ │ ├── sysmon_susp_download_run_key.yml │ │ ├── sysmon_susp_driver_load.yml │ │ ├── sysmon_susp_file_characteristics.yml │ │ ├── sysmon_susp_image_load.yml │ │ ├── sysmon_susp_lsass_dll_load.yml │ │ ├── sysmon_susp_powershell_rundll32.yml │ │ ├── sysmon_susp_rdp.yml │ │ ├── sysmon_susp_reg_persist_explorer_run.yml │ │ ├── sysmon_susp_run_key_img_folder.yml │ │ ├── sysmon_svchost_dll_search_order_hijack.yml │ │ ├── sysmon_uac_bypass_eventvwr.yml │ │ ├── sysmon_uac_bypass_sdclt.yml │ │ ├── sysmon_webshell_creation_detect.yml │ │ ├── sysmon_win_binary_github_com.yml │ │ ├── sysmon_win_binary_susp_com.yml │ │ ├── sysmon_win_reg_persistence.yml │ │ ├── sysmon_wmi_event_subscription.yml │ │ ├── sysmon_wmi_persistence_commandline_event_consumer.yml │ │ ├── sysmon_wmi_persistence_script_event_consumer_write.yml │ │ ├── sysmon_wmi_susp_scripting.yml │ │ ├── web_cve_2018_2894_weblogic_exploit.yml │ │ ├── win_GPO_scheduledtasks.yml │ │ ├── win_account_discovery.yml │ │ ├── win_admin_rdp_login.yml │ │ ├── win_admin_share_access.yml │ │ ├── win_alert_active_directory_user_control.yml │ │ ├── win_alert_ad_user_backdoors.yml │ │ ├── win_alert_enable_weak_encryption.yml │ │ ├── win_alert_lsass_access.yml │ │ ├── win_alert_mimikatz_keywords.yml │ │ ├── win_alert_ruler.yml │ │ ├── win_apt_bluemashroom.yml │ │ ├── win_atsvc_task.yml │ │ ├── win_attrib_hiding_files.yml │ │ ├── win_bypass_squiblytwo.yml │ │ ├── win_change_default_file_association.yml │ │ ├── win_cmdkey_recon.yml │ │ ├── win_cmstp_com_object_access.yml │ │ ├── win_control_panel_item.yml │ │ ├── win_data_compressed_with_rar.yml │ │ ├── win_dcsync.yml │ │ ├── win_disable_event_logging.yml │ │ ├── win_encoded_frombase64string.yml │ │ ├── win_encoded_iex.yml │ │ ├── win_etw_trace_evasion.yml │ │ ├── win_exploit_cve_2015_1641.yml │ │ ├── win_exploit_cve_2017_0261.yml │ │ ├── win_exploit_cve_2017_11882.yml │ │ ├── win_exploit_cve_2017_8759.yml │ │ ├── win_exploit_cve_2019_1378.yml │ │ ├── win_exploit_cve_2019_1388.yml │ │ ├── win_hack_rubeus.yml │ │ ├── win_hack_smbexec.yml │ │ ├── win_hwp_exploits.yml │ │ ├── win_impacket_lateralization.yml │ │ ├── win_impacket_secretdump.yml │ │ ├── win_install_reg_debugger_backdoor.yml │ │ ├── win_kernel_and_3rd_party_drivers_exploits_token_stealing.yml │ │ ├── win_lethalhta.yml │ │ ├── win_lm_namedpipe.yml │ │ ├── win_local_system_owner_account_discovery.yml │ │ ├── win_mal_adwind.yml │ │ ├── win_mal_creddumper.yml │ │ ├── win_mal_service_installs.yml │ │ ├── win_mal_ursnif.yml │ │ ├── win_mal_wceaux_dll.yml │ │ ├── win_malware_dridex.yml │ │ ├── win_malware_notpetya.yml │ │ ├── win_malware_script_dropper.yml │ │ ├── win_mavinject_proc_inj.yml │ │ ├── win_mmc_spawn_shell.yml │ │ ├── win_mshta_spawn_shell.yml │ │ ├── win_net_ntlm_downgrade.yml │ │ ├── win_netsh_fw_add.yml │ │ ├── win_netsh_packet_capture.yml │ │ ├── win_netsh_port_fwd.yml │ │ ├── win_netsh_port_fwd_3389.yml │ │ ├── win_network_sniffing.yml │ │ ├── win_office_shell.yml │ │ ├── win_office_spawn_exe_from_users_directory.yml │ │ ├── win_overpass_the_hash.yml │ │ ├── win_pass_the_hash.yml │ │ ├── win_pass_the_hash_2.yml │ │ ├── win_plugx_susp_exe_locations.yml │ │ ├── win_possible_applocker_bypass.yml │ │ ├── win_powershell_amsi_bypass.yml │ │ ├── win_powershell_b64_shellcode.yml │ │ ├── win_powershell_dll_execution.yml │ │ ├── win_powershell_download.yml │ │ ├── win_powershell_suspicious_parameter_variation.yml │ │ ├── win_powershell_xor_commandline.yml │ │ ├── win_powersploit_empire_schtasks.yml │ │ ├── win_proc_wrong_parent.yml │ │ ├── win_process_creation_bitsadmin_download.yml │ │ ├── win_psexesvc_start.yml │ │ ├── win_query_registry.yml │ │ ├── win_rare_schtask_creation.yml │ │ ├── win_rare_schtasks_creations.yml │ │ ├── win_rare_service_installs.yml │ │ ├── win_rdp_bluekeep_poc_scanner.yml │ │ ├── win_rdp_localhost_login.yml │ │ ├── win_rdp_potential_cve-2019-0708.yml │ │ ├── win_rdp_reverse_tunnel.yml │ │ ├── win_renamed_binary.yml │ │ ├── win_renamed_paexec.yml │ │ ├── win_sdbinst_shim_persistence.yml │ │ ├── win_service_execution.yml │ │ ├── win_shell_spawn_susp_program.yml │ │ ├── win_spn_enum.yml │ │ ├── win_susp_add_sid_history.yml │ │ ├── win_susp_backup_delete.yml │ │ ├── win_susp_bcdedit.yml │ │ ├── win_susp_bginfo.yml │ │ ├── win_susp_calc.yml │ │ ├── win_susp_cdb.yml │ │ ├── win_susp_certutil_command.yml │ │ ├── win_susp_cli_escape.yml │ │ ├── win_susp_cmd_http_appdata.yml │ │ ├── win_susp_codeintegrity_check_failure.yml │ │ ├── win_susp_commands_recon_activity.yml │ │ ├── win_susp_compression_params.yml │ │ ├── win_susp_comsvcs_procdump.yml │ │ ├── win_susp_control_dll_load.yml │ │ ├── win_susp_csc.yml │ │ ├── win_susp_csc_folder.yml │ │ ├── win_susp_devtoolslauncher.yml │ │ ├── win_susp_dhcp_config.yml │ │ ├── win_susp_dhcp_config_failed.yml │ │ ├── win_susp_dns_config.yml │ │ ├── win_susp_dnx.yml │ │ ├── win_susp_double_extension.yml │ │ ├── win_susp_dsrm_password_change.yml │ │ ├── win_susp_dxcap.yml │ │ ├── win_susp_eventlog_clear.yml │ │ ├── win_susp_eventlog_cleared.yml │ │ ├── win_susp_exec_folder.yml │ │ ├── win_susp_execution_path.yml │ │ ├── win_susp_execution_path_webserver.yml │ │ ├── win_susp_failed_logon_reasons.yml │ │ ├── win_susp_failed_logons_single_source.yml │ │ ├── win_susp_gup.yml │ │ ├── win_susp_interactive_logons.yml │ │ ├── win_susp_iss_module_install.yml │ │ ├── win_susp_kerberos_manipulation.yml │ │ ├── win_susp_lsass_dump.yml │ │ ├── win_susp_mshta_execution.yml │ │ ├── win_susp_msiexec_cwd.yml │ │ ├── win_susp_msmpeng_crash.yml │ │ ├── win_susp_msoffice.yml │ │ ├── win_susp_net_recon_activity.yml │ │ ├── win_susp_ntdsutil.yml │ │ ├── win_susp_ntlm_auth.yml │ │ ├── win_susp_odbcconf.yml │ │ ├── win_susp_openwith.yml │ │ ├── win_susp_outlook.yml │ │ ├── win_susp_outlook_temp.yml │ │ ├── win_susp_ping_hex_ip.yml │ │ ├── win_susp_powershell_empire_launch.yml │ │ ├── win_susp_powershell_empire_uac_bypass.yml │ │ ├── win_susp_powershell_enc_cmd.yml │ │ ├── win_susp_powershell_hidden_b64_cmd.yml │ │ ├── win_susp_powershell_parent_combo.yml │ │ ├── win_susp_procdump.yml │ │ ├── win_susp_prog_location_process_starts.yml │ │ ├── win_susp_ps_appdata.yml │ │ ├── win_susp_psexec.yml │ │ ├── win_susp_psr_capture_screenshots.yml │ │ ├── win_susp_rasdial_activity.yml │ │ ├── win_susp_rc4_kerberos.yml │ │ ├── win_susp_recon_activity.yml │ │ ├── win_susp_regsvr32_anomalies.yml │ │ ├── win_susp_rottenpotato.yml │ │ ├── win_susp_run_locations.yml │ │ ├── win_susp_rundll32_activity.yml │ │ ├── win_susp_rundll32_by_ordinal.yml │ │ ├── win_susp_sam_dump.yml │ │ ├── win_susp_samr_pwset.yml │ │ ├── win_susp_schtask_creation.yml │ │ ├── win_susp_script_execution.yml │ │ ├── win_susp_sdelete.yml │ │ ├── win_susp_security_eventlog_cleared.yml │ │ ├── win_susp_svchost.yml │ │ ├── win_susp_sysvol_access.yml │ │ ├── win_susp_taskmgr_localsystem.yml │ │ ├── win_susp_taskmgr_parent.yml │ │ ├── win_susp_time_modification.yml │ │ ├── win_susp_tscon_localsystem.yml │ │ ├── win_susp_tscon_rdp_redirect.yml │ │ ├── win_susp_vssadmin_ntds_activity.yml │ │ ├── win_susp_whoami.yml │ │ ├── win_susp_wmi_execution.yml │ │ ├── win_susp_wmi_login.yml │ │ ├── win_system_exe_anomaly.yml │ │ ├── win_tool_psexec.yml │ │ ├── win_usb_device_plugged.yml │ │ ├── win_user_added_to_local_administrators.yml │ │ ├── win_user_creation.yml │ │ ├── win_vul_java_remote_debugging.yml │ │ ├── win_webshell_detection.yml │ │ ├── win_webshell_spawn.yml │ │ ├── win_win10_sched_task_0day.yml │ │ ├── win_wmi_backdoor_exchange_transport_agent.yml │ │ ├── win_wmi_persistence.yml │ │ ├── win_wmi_persistence_script_event_consumer.yml │ │ ├── win_wmi_spwns_powershell.yml │ │ ├── win_workflow_compiler.yml │ │ └── win_xsl_script_processing.yml └── requirements.txt └── images ├── 97.png ├── Atomic.png ├── AtomicYaml.png ├── Sigma.png ├── Technique.png └── elementalUI.png /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/README.md -------------------------------------------------------------------------------- /elemental/__pycache__/atomics_imports.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/__pycache__/atomics_imports.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/__pycache__/attack_imports.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/__pycache__/attack_imports.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/__pycache__/attackcti_exporter.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/__pycache__/attackcti_exporter.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/__pycache__/import_abbrvs.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/__pycache__/import_abbrvs.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/__pycache__/sigma_rule_imports.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/__pycache__/sigma_rule_imports.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/db.sqlite3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/db.sqlite3 -------------------------------------------------------------------------------- /elemental/elemental/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /elemental/elemental/__pycache__/__init__.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/elemental/__pycache__/__init__.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/elemental/__pycache__/settings.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/elemental/__pycache__/settings.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/elemental/__pycache__/urls.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/elemental/__pycache__/urls.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/elemental/__pycache__/wsgi.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/elemental/__pycache__/wsgi.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/elemental/settings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/elemental/settings.py -------------------------------------------------------------------------------- /elemental/elemental/urls.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/elemental/urls.py -------------------------------------------------------------------------------- /elemental/elemental/wsgi.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/elemental/wsgi.py -------------------------------------------------------------------------------- /elemental/manage.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/manage.py -------------------------------------------------------------------------------- /elemental/matrix/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /elemental/matrix/__pycache__/__init__.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/__pycache__/__init__.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/matrix/__pycache__/admin.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/__pycache__/admin.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/matrix/__pycache__/forms.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/__pycache__/forms.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/matrix/__pycache__/models.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/__pycache__/models.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/matrix/__pycache__/urls.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/__pycache__/urls.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/matrix/__pycache__/views.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/__pycache__/views.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/matrix/admin.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/admin.py -------------------------------------------------------------------------------- /elemental/matrix/apps.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/apps.py -------------------------------------------------------------------------------- /elemental/matrix/forms.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/forms.py -------------------------------------------------------------------------------- /elemental/matrix/migrations/0001_initial.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/migrations/0001_initial.py -------------------------------------------------------------------------------- /elemental/matrix/migrations/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /elemental/matrix/migrations/__pycache__/0001_initial.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/migrations/__pycache__/0001_initial.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/matrix/migrations/__pycache__/__init__.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/migrations/__pycache__/__init__.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/matrix/models.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/models.py -------------------------------------------------------------------------------- /elemental/matrix/static/matrix/elemental.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/static/matrix/elemental.png -------------------------------------------------------------------------------- /elemental/matrix/static/matrix/style.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/static/matrix/style.css -------------------------------------------------------------------------------- /elemental/matrix/templates/base_generic.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/base_generic.html -------------------------------------------------------------------------------- /elemental/matrix/templates/base_generic_elements.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/base_generic_elements.html -------------------------------------------------------------------------------- /elemental/matrix/templates/base_generic_no_header.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/base_generic_no_header.html -------------------------------------------------------------------------------- /elemental/matrix/templates/elemental.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/elemental.png -------------------------------------------------------------------------------- /elemental/matrix/templates/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/index.html -------------------------------------------------------------------------------- /elemental/matrix/templates/matrix/TacticTemplate.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/matrix/TacticTemplate.html -------------------------------------------------------------------------------- /elemental/matrix/templates/matrix/addSigma.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/matrix/addSigma.html -------------------------------------------------------------------------------- /elemental/matrix/templates/matrix/addTechnique.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/matrix/addTechnique.html -------------------------------------------------------------------------------- /elemental/matrix/templates/matrix/addnote.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/matrix/addnote.html -------------------------------------------------------------------------------- /elemental/matrix/templates/matrix/atomic.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/matrix/atomic.html -------------------------------------------------------------------------------- /elemental/matrix/templates/matrix/noteForm.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/matrix/noteForm.html -------------------------------------------------------------------------------- /elemental/matrix/templates/matrix/note_detail.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/matrix/note_detail.html -------------------------------------------------------------------------------- /elemental/matrix/templates/matrix/note_form.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/matrix/note_form.html -------------------------------------------------------------------------------- /elemental/matrix/templates/matrix/tactic_detail.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/matrix/tactic_detail.html -------------------------------------------------------------------------------- /elemental/matrix/templates/matrix/tactic_list.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/matrix/tactic_list.html -------------------------------------------------------------------------------- /elemental/matrix/templates/matrix/technique.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templates/matrix/technique.html -------------------------------------------------------------------------------- /elemental/matrix/templatetags/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /elemental/matrix/templatetags/__pycache__/__init__.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templatetags/__pycache__/__init__.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/matrix/templatetags/__pycache__/short_name.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templatetags/__pycache__/short_name.cpython-36.pyc -------------------------------------------------------------------------------- /elemental/matrix/templatetags/short_name.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/templatetags/short_name.py -------------------------------------------------------------------------------- /elemental/matrix/tests.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/tests.py -------------------------------------------------------------------------------- /elemental/matrix/urls.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/urls.py -------------------------------------------------------------------------------- /elemental/matrix/views.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/matrix/views.py -------------------------------------------------------------------------------- /elemental/media/atomics/T1002.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1002.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1002.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1003.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1003.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1003.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1003.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1004.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1004.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1004.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1004.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1005.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1005.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1005.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1005.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1007.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1007.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1007.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1007.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1009.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1009.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1009.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1009.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1010.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1010.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1010.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1010.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1012.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1012.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1012.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1012.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1014.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1014.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1014.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1014.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1015.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1015.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1015.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1015.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1016.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1016.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1016.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1016.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1018.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1018.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1018.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1018.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1022.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1022.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1022.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1022.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1023.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1023.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1023.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1023.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1027.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1027.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1027.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1027.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1028.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1028.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1028.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1028.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1030.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1030.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1030.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1030.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1031.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1031.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1031.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1031.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1033.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1033.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1033.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1033.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1035.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1035.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1035.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1035.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1036.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1036.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1036.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1036.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1037.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1037.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1037.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1037.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1038.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1038.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1038.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1038.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1040.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1040.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1040.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1040.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1042.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1042.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1042.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1042.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1044.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1044.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1044.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1044.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1046.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1046.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1046.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1046.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1047.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1047.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1047.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1047.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1048.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1048.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1048.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1048.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1049.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1049.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1049.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1049.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1050.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1050.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1050.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1050.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1053.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1053.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1053.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1053.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1055.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1055.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1055.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1055.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1056.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1056.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1056.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1056.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1057.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1057.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1057.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1057.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1058.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1058.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1058.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1058.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1059.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1059.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1059.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1059.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1060.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1060.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1060.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1060.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1062.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1062.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1062.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1062.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1063.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1063.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1063.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1063.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1064.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1064.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1064.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1064.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1065.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1065.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1065.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1065.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1069.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1069.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1069.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1069.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1070.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1070.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1070.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1070.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1071.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1071.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1071.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1071.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1073.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1073.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1073.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1073.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1074.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1074.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1074.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1074.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1075.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1075.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1075.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1075.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1076.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1076.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1076.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1076.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1077.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1077.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1077.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1077.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1081.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1081.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1081.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1081.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1082.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1082.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1082.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1082.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1083.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1083.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1083.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1083.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1084.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1084.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1084.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1084.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1085.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1085.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1085.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1085.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1086.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1086.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1086.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1086.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1087.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1087.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1087.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1087.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1088.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1088.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1088.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1088.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1089.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1089.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1089.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1089.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1090.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1090.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1090.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1090.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1096.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1096.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1096.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1096.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1097.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1097.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1097.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1097.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1098.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1098.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1098.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1098.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1099.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1099.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1099.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1099.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1100.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1100.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1100.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1100.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1101.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1101.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1101.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1101.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1102.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1102.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1102.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1102.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1103.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1103.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1103.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1103.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1105.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1105.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1105.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1105.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1107.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1107.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1107.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1107.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1110.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1110.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1110.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1110.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1112.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1112.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1112.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1112.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1113.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1113.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1113.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1113.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1114.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1114.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1114.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1114.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1115.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1115.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1115.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1115.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1117.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1117.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1117.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1117.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1118.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1118.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1118.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1118.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1119.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1119.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1119.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1119.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1121.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1121.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1121.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1121.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1122.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1122.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1122.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1122.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1123.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1123.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1123.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1123.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1124.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1124.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1124.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1124.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1126.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1126.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1126.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1126.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1127.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1127.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1127.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1127.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1128.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1128.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1128.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1128.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1130.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1130.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1130.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1130.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1132.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1132.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1132.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1132.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1134.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1134.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1134.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1134.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1135.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1135.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1135.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1135.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1136.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1136.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1136.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1136.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1137.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1137.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1137.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1137.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1138.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1138.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1138.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1138.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1139.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1139.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1139.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1139.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1140.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1140.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1140.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1140.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1141.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1141.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1141.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1141.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1142.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1142.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1142.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1142.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1143.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1143.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1143.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1143.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1144.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1144.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1144.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1144.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1145.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1145.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1145.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1145.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1146.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1146.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1146.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1146.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1147.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1147.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1147.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1147.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1148.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1148.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1148.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1148.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1150.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1150.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1150.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1150.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1151.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1151.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1151.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1151.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1152.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1152.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1152.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1152.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1153.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1153.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1153.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1153.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1154.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1154.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1154.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1154.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1155.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1155.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1155.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1155.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1156.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1156.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1156.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1156.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1158.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1158.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1158.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1158.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1159.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1159.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1159.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1159.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1160.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1160.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1160.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1160.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1163.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1163.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1163.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1163.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1164.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1164.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1164.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1164.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1165.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1165.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1165.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1165.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1166.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1166.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1166.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1166.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1168.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1168.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1168.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1168.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1169.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1169.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1169.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1169.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1170.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1170.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1170.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1170.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1173.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1173.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1173.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1173.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1174.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1174.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1174.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1174.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1176.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1176.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1176.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1176.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1179.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1179.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1179.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1179.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1180.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1180.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1180.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1180.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1183.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1183.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1183.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1183.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1191.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1191.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1191.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1191.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1193.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1193.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1193.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1193.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1196.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1196.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1196.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1196.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1197.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1197.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1197.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1197.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1201.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1201.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1201.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1201.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1202.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1202.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1202.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1202.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1206.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1206.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1206.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1206.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1207.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1207.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1207.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1207.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1208.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1208.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1208.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1208.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1214.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1214.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1214.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1214.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1215.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1215.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1215.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1215.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1216.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1216.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1216.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1216.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1217.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1217.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1217.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1217.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1218.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1218.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1218.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1218.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1220.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1220.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1220.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1220.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1222.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1222.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1222.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1222.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1223.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1223.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1223.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1223.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1482.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1482.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1482.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1482.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1485.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1485.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1485.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1485.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1489.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1489.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1489.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1489.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1490.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1490.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1490.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1490.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1496.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1496.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1496.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1496.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1500.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1500.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1500.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1500.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1501.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1501.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1501.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1501.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1504.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1504.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1504.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1504.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1505.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1505.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1505.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1505.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1518.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1518.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1518.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1518.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1529.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1529.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1529.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1529.yaml -------------------------------------------------------------------------------- /elemental/media/atomics/T1531.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1531.md -------------------------------------------------------------------------------- /elemental/media/atomics/T1531.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/atomics/T1531.yaml -------------------------------------------------------------------------------- /elemental/media/elemental.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/elemental.png -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_apt29_thinktanks.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_apt29_thinktanks.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_apt29_tor.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_apt29_tor.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_babyshark.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_babyshark.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_bear_activity_gtr19.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_bear_activity_gtr19.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_carbonpaper_turla.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_carbonpaper_turla.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_chafer_mar18.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_chafer_mar18.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_cloudhopper.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_cloudhopper.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_empiremonkey.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_empiremonkey.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_equationgroup_dll_u_load.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_equationgroup_dll_u_load.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_equationgroup_lnx.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_equationgroup_lnx.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_hurricane_panda.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_hurricane_panda.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_judgement_panda_gtr19.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_judgement_panda_gtr19.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_oceanlotus_registry.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_oceanlotus_registry.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_pandemic.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_pandemic.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_slingshot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_slingshot.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_sofacy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_sofacy.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_stonedrill.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_stonedrill.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_ta17_293a_ps.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_ta17_293a_ps.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_tropictrooper.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_tropictrooper.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_turla_commands.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_turla_commands.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_turla_service_png.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_turla_service_png.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_unidentified_nov_18.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_unidentified_nov_18.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/apt_zxshell.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/apt_zxshell.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/av_exploiting.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/av_exploiting.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/av_password_dumper.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/av_password_dumper.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/av_webshell.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/av_webshell.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/crime_fireball.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/crime_fireball.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/lnx_auditd_alter_bash_profile.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/lnx_auditd_alter_bash_profile.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/lnx_auditd_masquerading_crond.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/lnx_auditd_masquerading_crond.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/lnx_auditd_user_discovery.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/lnx_auditd_user_discovery.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/lnx_auditd_web_rce.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/lnx_auditd_web_rce.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/lnx_data_compressed.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/lnx_data_compressed.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/lnx_network_sniffing.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/lnx_network_sniffing.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/lnx_shell_clear_cmd_history.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/lnx_shell_clear_cmd_history.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/lnx_shell_priv_esc_prep.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/lnx_shell_priv_esc_prep.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/lnx_sudo_cve_2019_14287.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/lnx_sudo_cve_2019_14287.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/net_dns_c2_detection.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/net_dns_c2_detection.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/net_susp_dns_txt_exec_strings.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/net_susp_dns_txt_exec_strings.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/powershell_data_compressed.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/powershell_data_compressed.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/powershell_downgrade_attack.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/powershell_downgrade_attack.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/powershell_exe_calling_ps.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/powershell_exe_calling_ps.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/powershell_malicious_commandlets.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/powershell_malicious_commandlets.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/powershell_malicious_keywords.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/powershell_malicious_keywords.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/powershell_ntfs_ads_access.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/powershell_ntfs_ads_access.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/powershell_prompt_credentials.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/powershell_prompt_credentials.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/powershell_psattack.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/powershell_psattack.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/powershell_shellcode_b64.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/powershell_shellcode_b64.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/powershell_suspicious_download.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/powershell_suspicious_download.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/powershell_suspicious_invocation_generic.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/powershell_suspicious_invocation_generic.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/powershell_suspicious_invocation_specific.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/powershell_suspicious_invocation_specific.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/powershell_suspicious_keywords.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/powershell_suspicious_keywords.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/powershell_winlogon_helper_dll.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/powershell_winlogon_helper_dll.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/proxy_cobalt_amazon.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/proxy_cobalt_amazon.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/proxy_cobalt_ocsp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/proxy_cobalt_ocsp.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/proxy_cobalt_onedrive.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/proxy_cobalt_onedrive.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/proxy_raw_paste_service_access.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/proxy_raw_paste_service_access.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_ads_executable.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_ads_executable.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_cactustorch.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_cactustorch.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_cmstp_execution.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_cmstp_execution.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_cobaltstrike_process_injection.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_cobaltstrike_process_injection.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_dhcp_calloutdll.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_dhcp_calloutdll.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_dns_serverlevelplugindll.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_dns_serverlevelplugindll.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_ghostpack_safetykatz.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_ghostpack_safetykatz.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_logon_scripts_userinitmprlogonscript.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_logon_scripts_userinitmprlogonscript.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_lsass_memdump.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_lsass_memdump.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_mal_namedpipes.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_mal_namedpipes.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_malware_backconnect_ports.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_malware_backconnect_ports.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_malware_verclsid_shellcode.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_malware_verclsid_shellcode.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_mimikatz_detection_lsass.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_mimikatz_detection_lsass.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_mimikatz_inmemory_detection.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_mimikatz_inmemory_detection.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_mimikatz_trough_winrm.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_mimikatz_trough_winrm.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_password_dumper_lsass.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_password_dumper_lsass.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_powershell_exploit_scripts.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_powershell_exploit_scripts.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_powershell_network_connection.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_powershell_network_connection.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_quarkspw_filedump.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_quarkspw_filedump.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_rdp_reverse_tunnel.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_rdp_reverse_tunnel.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_registry_persistence_key_linking.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_registry_persistence_key_linking.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_renamed_procdump.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_renamed_procdump.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_rundll32_net_connections.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_rundll32_net_connections.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_ssp_added_lsa_config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_ssp_added_lsa_config.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_stickykey_like_backdoor.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_stickykey_like_backdoor.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_susp_download_run_key.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_susp_download_run_key.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_susp_driver_load.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_susp_driver_load.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_susp_file_characteristics.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_susp_file_characteristics.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_susp_image_load.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_susp_image_load.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_susp_lsass_dll_load.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_susp_lsass_dll_load.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_susp_powershell_rundll32.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_susp_powershell_rundll32.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_susp_rdp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_susp_rdp.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_susp_reg_persist_explorer_run.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_susp_reg_persist_explorer_run.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_susp_run_key_img_folder.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_susp_run_key_img_folder.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_svchost_dll_search_order_hijack.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_svchost_dll_search_order_hijack.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_uac_bypass_eventvwr.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_uac_bypass_eventvwr.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_uac_bypass_sdclt.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_uac_bypass_sdclt.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_webshell_creation_detect.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_webshell_creation_detect.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_win_binary_github_com.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_win_binary_github_com.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_win_binary_susp_com.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_win_binary_susp_com.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_win_reg_persistence.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_win_reg_persistence.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_wmi_event_subscription.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_wmi_event_subscription.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_wmi_persistence_commandline_event_consumer.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_wmi_persistence_commandline_event_consumer.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_wmi_persistence_script_event_consumer_write.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_wmi_persistence_script_event_consumer_write.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/sysmon_wmi_susp_scripting.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/sysmon_wmi_susp_scripting.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/web_cve_2018_2894_weblogic_exploit.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/web_cve_2018_2894_weblogic_exploit.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_GPO_scheduledtasks.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_GPO_scheduledtasks.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_account_discovery.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_account_discovery.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_admin_rdp_login.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_admin_rdp_login.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_admin_share_access.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_admin_share_access.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_alert_active_directory_user_control.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_alert_active_directory_user_control.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_alert_ad_user_backdoors.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_alert_ad_user_backdoors.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_alert_enable_weak_encryption.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_alert_enable_weak_encryption.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_alert_lsass_access.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_alert_lsass_access.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_alert_mimikatz_keywords.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_alert_mimikatz_keywords.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_alert_ruler.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_alert_ruler.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_apt_bluemashroom.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_apt_bluemashroom.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_atsvc_task.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_atsvc_task.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_attrib_hiding_files.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_attrib_hiding_files.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_bypass_squiblytwo.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_bypass_squiblytwo.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_change_default_file_association.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_change_default_file_association.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_cmdkey_recon.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_cmdkey_recon.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_cmstp_com_object_access.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_cmstp_com_object_access.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_control_panel_item.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_control_panel_item.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_data_compressed_with_rar.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_data_compressed_with_rar.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_dcsync.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_dcsync.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_disable_event_logging.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_disable_event_logging.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_encoded_frombase64string.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_encoded_frombase64string.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_encoded_iex.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_encoded_iex.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_etw_trace_evasion.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_etw_trace_evasion.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_exploit_cve_2015_1641.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_exploit_cve_2015_1641.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_exploit_cve_2017_0261.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_exploit_cve_2017_0261.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_exploit_cve_2017_11882.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_exploit_cve_2017_11882.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_exploit_cve_2017_8759.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_exploit_cve_2017_8759.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_exploit_cve_2019_1378.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_exploit_cve_2019_1378.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_exploit_cve_2019_1388.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_exploit_cve_2019_1388.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_hack_rubeus.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_hack_rubeus.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_hack_smbexec.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_hack_smbexec.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_hwp_exploits.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_hwp_exploits.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_impacket_lateralization.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_impacket_lateralization.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_impacket_secretdump.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_impacket_secretdump.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_install_reg_debugger_backdoor.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_install_reg_debugger_backdoor.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_kernel_and_3rd_party_drivers_exploits_token_stealing.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_kernel_and_3rd_party_drivers_exploits_token_stealing.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_lethalhta.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_lethalhta.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_lm_namedpipe.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_lm_namedpipe.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_local_system_owner_account_discovery.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_local_system_owner_account_discovery.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_mal_adwind.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_mal_adwind.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_mal_creddumper.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_mal_creddumper.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_mal_service_installs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_mal_service_installs.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_mal_ursnif.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_mal_ursnif.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_mal_wceaux_dll.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_mal_wceaux_dll.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_malware_dridex.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_malware_dridex.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_malware_notpetya.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_malware_notpetya.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_malware_script_dropper.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_malware_script_dropper.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_mavinject_proc_inj.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_mavinject_proc_inj.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_mmc_spawn_shell.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_mmc_spawn_shell.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_mshta_spawn_shell.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_mshta_spawn_shell.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_net_ntlm_downgrade.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_net_ntlm_downgrade.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_netsh_fw_add.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_netsh_fw_add.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_netsh_packet_capture.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_netsh_packet_capture.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_netsh_port_fwd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_netsh_port_fwd.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_netsh_port_fwd_3389.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_netsh_port_fwd_3389.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_network_sniffing.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_network_sniffing.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_office_shell.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_office_shell.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_office_spawn_exe_from_users_directory.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_office_spawn_exe_from_users_directory.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_overpass_the_hash.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_overpass_the_hash.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_pass_the_hash.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_pass_the_hash.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_pass_the_hash_2.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_pass_the_hash_2.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_plugx_susp_exe_locations.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_plugx_susp_exe_locations.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_possible_applocker_bypass.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_possible_applocker_bypass.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_powershell_amsi_bypass.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_powershell_amsi_bypass.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_powershell_b64_shellcode.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_powershell_b64_shellcode.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_powershell_dll_execution.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_powershell_dll_execution.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_powershell_download.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_powershell_download.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_powershell_suspicious_parameter_variation.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_powershell_suspicious_parameter_variation.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_powershell_xor_commandline.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_powershell_xor_commandline.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_powersploit_empire_schtasks.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_powersploit_empire_schtasks.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_proc_wrong_parent.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_proc_wrong_parent.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_process_creation_bitsadmin_download.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_process_creation_bitsadmin_download.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_psexesvc_start.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_psexesvc_start.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_query_registry.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_query_registry.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_rare_schtask_creation.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_rare_schtask_creation.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_rare_schtasks_creations.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_rare_schtasks_creations.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_rare_service_installs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_rare_service_installs.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_rdp_bluekeep_poc_scanner.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_rdp_bluekeep_poc_scanner.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_rdp_localhost_login.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_rdp_localhost_login.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_rdp_potential_cve-2019-0708.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_rdp_potential_cve-2019-0708.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_rdp_reverse_tunnel.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_rdp_reverse_tunnel.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_renamed_binary.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_renamed_binary.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_renamed_paexec.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_renamed_paexec.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_sdbinst_shim_persistence.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_sdbinst_shim_persistence.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_service_execution.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_service_execution.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_shell_spawn_susp_program.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_shell_spawn_susp_program.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_spn_enum.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_spn_enum.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_add_sid_history.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_add_sid_history.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_backup_delete.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_backup_delete.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_bcdedit.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_bcdedit.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_bginfo.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_bginfo.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_calc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_calc.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_cdb.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_cdb.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_certutil_command.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_certutil_command.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_cli_escape.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_cli_escape.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_cmd_http_appdata.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_cmd_http_appdata.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_codeintegrity_check_failure.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_codeintegrity_check_failure.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_commands_recon_activity.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_commands_recon_activity.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_compression_params.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_compression_params.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_comsvcs_procdump.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_comsvcs_procdump.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_control_dll_load.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_control_dll_load.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_csc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_csc.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_csc_folder.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_csc_folder.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_devtoolslauncher.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_devtoolslauncher.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_dhcp_config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_dhcp_config.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_dhcp_config_failed.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_dhcp_config_failed.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_dns_config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_dns_config.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_dnx.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_dnx.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_double_extension.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_double_extension.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_dsrm_password_change.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_dsrm_password_change.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_dxcap.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_dxcap.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_eventlog_clear.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_eventlog_clear.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_eventlog_cleared.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_eventlog_cleared.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_exec_folder.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_exec_folder.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_execution_path.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_execution_path.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_execution_path_webserver.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_execution_path_webserver.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_failed_logon_reasons.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_failed_logon_reasons.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_failed_logons_single_source.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_failed_logons_single_source.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_gup.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_gup.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_interactive_logons.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_interactive_logons.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_iss_module_install.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_iss_module_install.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_kerberos_manipulation.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_kerberos_manipulation.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_lsass_dump.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_lsass_dump.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_mshta_execution.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_mshta_execution.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_msiexec_cwd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_msiexec_cwd.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_msmpeng_crash.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_msmpeng_crash.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_msoffice.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_msoffice.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_net_recon_activity.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_net_recon_activity.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_ntdsutil.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_ntdsutil.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_ntlm_auth.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_ntlm_auth.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_odbcconf.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_odbcconf.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_openwith.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_openwith.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_outlook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_outlook.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_outlook_temp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_outlook_temp.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_ping_hex_ip.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_ping_hex_ip.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_powershell_empire_launch.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_powershell_empire_launch.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_powershell_empire_uac_bypass.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_powershell_empire_uac_bypass.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_powershell_enc_cmd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_powershell_enc_cmd.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_powershell_hidden_b64_cmd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_powershell_hidden_b64_cmd.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_powershell_parent_combo.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_powershell_parent_combo.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_procdump.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_procdump.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_prog_location_process_starts.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_prog_location_process_starts.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_ps_appdata.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_ps_appdata.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_psexec.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_psexec.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_psr_capture_screenshots.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_psr_capture_screenshots.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_rasdial_activity.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_rasdial_activity.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_rc4_kerberos.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_rc4_kerberos.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_recon_activity.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_recon_activity.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_regsvr32_anomalies.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_regsvr32_anomalies.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_rottenpotato.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_rottenpotato.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_run_locations.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_run_locations.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_rundll32_activity.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_rundll32_activity.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_rundll32_by_ordinal.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_rundll32_by_ordinal.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_sam_dump.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_sam_dump.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_samr_pwset.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_samr_pwset.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_schtask_creation.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_schtask_creation.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_script_execution.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_script_execution.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_sdelete.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_sdelete.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_security_eventlog_cleared.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_security_eventlog_cleared.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_svchost.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_svchost.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_sysvol_access.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_sysvol_access.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_taskmgr_localsystem.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_taskmgr_localsystem.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_taskmgr_parent.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_taskmgr_parent.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_time_modification.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_time_modification.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_tscon_localsystem.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_tscon_localsystem.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_tscon_rdp_redirect.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_tscon_rdp_redirect.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_vssadmin_ntds_activity.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_vssadmin_ntds_activity.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_whoami.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_whoami.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_wmi_execution.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_wmi_execution.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_susp_wmi_login.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_susp_wmi_login.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_system_exe_anomaly.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_system_exe_anomaly.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_tool_psexec.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_tool_psexec.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_usb_device_plugged.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_usb_device_plugged.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_user_added_to_local_administrators.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_user_added_to_local_administrators.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_user_creation.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_user_creation.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_vul_java_remote_debugging.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_vul_java_remote_debugging.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_webshell_detection.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_webshell_detection.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_webshell_spawn.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_webshell_spawn.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_win10_sched_task_0day.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_win10_sched_task_0day.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_wmi_backdoor_exchange_transport_agent.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_wmi_backdoor_exchange_transport_agent.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_wmi_persistence.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_wmi_persistence.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_wmi_persistence_script_event_consumer.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_wmi_persistence_script_event_consumer.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_wmi_spwns_powershell.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_wmi_spwns_powershell.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_workflow_compiler.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_workflow_compiler.yml -------------------------------------------------------------------------------- /elemental/media/sigma_rules/win_xsl_script_processing.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/media/sigma_rules/win_xsl_script_processing.yml -------------------------------------------------------------------------------- /elemental/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/elemental/requirements.txt -------------------------------------------------------------------------------- /images/97.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/images/97.png -------------------------------------------------------------------------------- /images/Atomic.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/images/Atomic.png -------------------------------------------------------------------------------- /images/AtomicYaml.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/images/AtomicYaml.png -------------------------------------------------------------------------------- /images/Sigma.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/images/Sigma.png -------------------------------------------------------------------------------- /images/Technique.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/images/Technique.png -------------------------------------------------------------------------------- /images/elementalUI.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Elemental-attack/Elemental/HEAD/images/elementalUI.png --------------------------------------------------------------------------------