Mirrors/keyboardcrunch-sentinelone-attack-queries
1
0
Fork 0
mirror of https://github.com/keyboardcrunch/SentinelOne-ATTACK-Queries synced 2026-06-08 17:17:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
19 Commits 1 Branch 0 Tags
a11206d450ff717c24ee0edf4780a453d3a9b4fa
T
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
keyboardcrunch a11206d450 Create README.md
2020-09-15 22:35:58 -05:00
DefenseEvasion.md
Create DefenseEvasion.md
2020-09-15 22:28:41 -05:00
LICENSE
Initial commit
2020-09-14 19:36:19 -05:00
PrivilegeEscalation.md
Update and rename queries.md to PrivilegeEscalation.md
2020-09-15 22:09:46 -05:00
README.md
Create README.md
2020-09-15 22:35:58 -05:00

README.md

SentinelOne-ATTACK-Queries

MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity

This project aims to document (mostly Windows) SentinelOne queries for detecting TTPs generated by Red Canary Co's Atomic Red Team framework.

Privilege Escalation

Defense Evasion

Persistence

Impact

Discovery

Command and Control

Collection

Execution

Exfiltration

Credential Access

Lateral Movement

Initial Access

Reference in New Issue View Git Blame Copy Permalink
S
Description
Mirror of https://github.com/keyboardcrunch/SentinelOne-ATTACK-Queries
Readme MIT 110 KiB
Languages
Markdown 100%