p17860254
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

island: Modify mongo query so 'Account Discovery' PBA also gets reported in T1086

This commit is contained in:
Shreya Malviya 2021-10-13 13:37:39 +05:30
parent e3045c255a
commit effd9dd957
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
monkey/monkey_island/cc/services/attack/technique_reports/T1086.py
View File

@ -42,6 +42,7 @@ class T1086(AttackTechnique):
"telem_category": "post_breach",
"$or": [
{"data.command": {"$regex": r"\.ps1"}},
{"data.command": {"$regex": "powershell"}},
{"data.result": {"$regex": r"\.ps1"}},
],
},