Skip to content

Commit

Permalink
Merge pull request #847 from dluxtron/master
Browse files Browse the repository at this point in the history
Adding Portscan Datasets
  • Loading branch information
mvelazc0 authored Oct 20, 2023
2 parents bb4dbb3 + 2ba0727 commit 29f52ac
Show file tree
Hide file tree
Showing 4 changed files with 18 additions and 1 deletion.
3 changes: 3 additions & 0 deletions datasets/attack_techniques/T1046/nmap/horizontal.log
Git LFS file not shown
11 changes: 11 additions & 0 deletions datasets/attack_techniques/T1046/nmap/nmap.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
author: Dean Luxton
id: 62c7bcd1-3eea-4ca7-9e73-d286b375d543
date: '2023-10-20'
description: Manual generation of nmap portscanning activity within attack range.
environment: attack_range
dataset:
- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1046/nmap/horizontal.log
- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1046/nmap/vertical.log
sourcetypes:
- aws:cloudwatchlogs:vpcflow

3 changes: 3 additions & 0 deletions datasets/attack_techniques/T1046/nmap/vertical.log
Git LFS file not shown
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ dataset:
- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1098/aws_iam_delete_policy/aws_iam_delete_policy.json
- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1098/aws_iam_failure_group_deletion/aws_iam_failure_group_deletion.json
- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1098/aws_iam_successful_group_deletion/aws_iam_successful_group_deletion.json
- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1098/xml-windows-security.log
- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1098/account_manipulation/xml-windows-security.log
sourcetypes:
- WinEventLog:Security
- aws:cloudtrail
Expand Down

0 comments on commit 29f52ac

Please sign in to comment.