mirror of
https://github.com/keyboardcrunch/SentinelOne-ATTACK-Queries
synced 2026-06-08 17:17:21 +00:00
@
43 lines
1.4 KiB
Markdown
43 lines
1.4 KiB
Markdown
## Execution
|
|
|
|
### T1053.002 At (Windows)
|
|
Atomics: [T1053.002](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1053.002/T1053.002.md)
|
|
|
|
|
|
### T1559.002 Dynamic Data Exchange
|
|
Atomics: [T1559.002](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1559.002/T1559.002.md)
|
|
|
|
|
|
### T1204.002 Malicious File
|
|
Atomics: [T1204.002](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1204.002/T1204.002.md)
|
|
|
|
|
|
### T1106 Native API
|
|
Atomics: [T1106](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1106/T1106.md)
|
|
|
|
|
|
### T1059.001 PowerShell
|
|
Atomics: [T1059.001](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1059.001/T1059.001.md)
|
|
|
|
|
|
### T1053.005 Scheduled Task
|
|
Atomics: [T1053.005](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1053.005/T1053.005.md)
|
|
|
|
|
|
### T1569.002 Service Execution
|
|
Atomics: [T1569.002](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1569.002/T1569.002.md)
|
|
|
|
|
|
### T1059.005 Visual Basic
|
|
Atomics: [T1059.005](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1059.005/T1059.005.md)
|
|
|
|
|
|
### T1059.003 Windows Command Shell
|
|
Atomics: [T1059.003](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1059.003/T1059.003.md)
|
|
|
|
|
|
### T1047 Windows Management Instrumentation
|
|
Atomics: [T1047](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1047/T1047.md)
|
|
|
|
|