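# capa rule: flags code that runs a shell command to list or inspect loaded
# kernel modules (device drivers) on Linux.
#
# The nesting below is restored: with every line at column 0, `meta` and
# `features` are no longer children of `rule`, and `and` / `or` parse as empty
# nodes with their operands as siblings.
rule:
  meta:
    name: enumerate device drivers on Linux
    namespace: collection
    authors:
      - "@mr-tz"
    # Static analysis evaluates the features per function; dynamic analysis
    # evaluates them per thread.
    scopes:
      static: function
      dynamic: thread
    att&ck:
      - Discovery::Device Driver Discovery [T1652]
  features:
    # All three conditions must hold within the same scope.
    - and:
      - os: linux
      - api: system
      # The module-listing command name has to appear as a string in the same
      # scope as the system() call.
      # NOTE(review): a hit shows the capability only; administration and
      # diagnostic tools can match too. A non-match does not rule out driver
      # enumeration, because only the system() plus literal-string pattern is
      # covered here.
      - or:
        - substring: "lsmod"
        - substring: "modinfo"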
last edited: 2023-11-24 10:34:28