From ca103ff7f84d5b6069baeb781f435e68488343b0 Mon Sep 17 00:00:00 2001
From: nasbench <nasreddineb@splunk.com>
Date: Mon, 8 Dec 2025 20:26:15 +0100
Subject: [PATCH] add react2snort

---
 .../react2shell/react2shell.log                     |  3 +++
 .../react2shell/react2shell.yml                     | 13 +++++++++++++
 .../emerging_threats/react2shell/react2shell.yml    |  2 +-
 3 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 datasets/cisco_secure_firewall_threat_defense/react2shell/react2shell.log
 create mode 100644 datasets/cisco_secure_firewall_threat_defense/react2shell/react2shell.yml

diff --git a/datasets/cisco_secure_firewall_threat_defense/react2shell/react2shell.log b/datasets/cisco_secure_firewall_threat_defense/react2shell/react2shell.log
new file mode 100644
index 00000000..25c691cc
--- /dev/null
+++ b/datasets/cisco_secure_firewall_threat_defense/react2shell/react2shell.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:01c4370bbcd4261c457fc9d7a8ab907f836eb7918b4e841150c77456cee9806a
+size 2331
diff --git a/datasets/cisco_secure_firewall_threat_defense/react2shell/react2shell.yml b/datasets/cisco_secure_firewall_threat_defense/react2shell/react2shell.yml
new file mode 100644
index 00000000..b83782c3
--- /dev/null
+++ b/datasets/cisco_secure_firewall_threat_defense/react2shell/react2shell.yml
@@ -0,0 +1,13 @@
+author: Nasreddine Bencherchali, Splunk
+id: f0aeed06-629e-4d1e-9dae-b4687c779668
+date: '2025-12-08'
+description: Generated datasets for React2Shell exploitation 
+environment: NA
+directory: react2shell
+mitre_technique:
+- T1190
+datasets:
+- name: react2shell_ftd
+  path: /datasets/cisco_secure_firewall_threat_defense/react2shell/react2shell.log
+  sourcetype: cisco:sfw:estreamer
+  source: not_applicable
diff --git a/datasets/emerging_threats/react2shell/react2shell.yml b/datasets/emerging_threats/react2shell/react2shell.yml
index b8e96163..595691cd 100644
--- a/datasets/emerging_threats/react2shell/react2shell.yml
+++ b/datasets/emerging_threats/react2shell/react2shell.yml
@@ -3,7 +3,7 @@ id: f0beed06-629e-4d1e-9dae-b4687c779668
 date: '2025-12-08'
 description: Generated datasets for React2Shell exploitation
 environment: attack_range
-directory: reacr2shell
+directory: react2shell
 mitre_technique:
 - T1059
 - T1059.001