capture network configuration via ifconfig

edit on GitHub
search on VirusTotal

rule:
  meta:
    name: capture network configuration via ifconfig
    namespace: collection/network
    authors:
      - joakim@intezeer.com
    scopes:
      static: basic block
      dynamic: call
    att&ck:
      - Discovery::System Network Configuration Discovery [T1016]
  features:
    - and:
      - os: linux
      - api: system
      - substring: "ifconfig"

last edited: 2023-11-24 10:35:00