Skip to content

Commit 3d5907d

Browse files
patel-bhavinpatel-bhavin
authored
updating to new folder (#1119)
1 parent 5557049 commit 3d5907d

File tree

2 files changed

+13
-0
lines changed

2 files changed

+13
-0
lines changed

datasets/attack_techniques/T1071.004/long_dns_query/atomic_red_team.yml

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
author: Bhavin Patel, Splunk
2+
id: d1c13a02-9fa8-4d72-8e80-a75db51ed88e
3+
date: '2026-01-22'
4+
description: 'Contains DNS query data from the windows machine where powershell is trying to make a query to a long domain name'
5+
environment: attack_range
6+
directory: atomic_red_team
7+
mitre_technique:
8+
- T1071.004
9+
datasets:
10+
- name: dns-sysmon
11+
path: /datasets/attack_techniques/T1071.004/long_dns_query/dns-sysmon.log
12+
sourcetype: XmlWinEventLog
13+
source: XmlWinEventLog:Microsoft-Windows-Sysmon/Operational

datasets/attack_techniques/T1021.002/atomic_red_team/dns-sysmon.log renamed to datasets/attack_techniques/T1071.004/long_dns_query/dns-sysmon.log

File renamed without changes.

0 commit comments

Comments
 (0)