From 29c898c5b965612b7508fa12356ec62ac7f97d00 Mon Sep 17 00:00:00 2001 From: Nasreddine Bencherchali Date: Fri, 6 Dec 2024 21:04:51 +0100 Subject: [PATCH 1/2] Update atomic_red_team.yml --- .../T1566.002/atomic_red_team/atomic_red_team.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/datasets/attack_techniques/T1566.002/atomic_red_team/atomic_red_team.yml b/datasets/attack_techniques/T1566.002/atomic_red_team/atomic_red_team.yml index 1ae18a25..5f55eef1 100644 --- a/datasets/attack_techniques/T1566.002/atomic_red_team/atomic_red_team.yml +++ b/datasets/attack_techniques/T1566.002/atomic_red_team/atomic_red_team.yml @@ -6,7 +6,7 @@ description: Evilginx2 DNS activity captured by Stream. Custom attack_range conf which was running Stream and resolving DNS via DC. environment: attack_range_evilginx2 dataset: -- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1566.002/atomic_red_team/attack_data_stream:dns.json +- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1566.002/atomic_red_team/attack_data_stream_dns.json - https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1566.002/atomic_red_team/attack_data_network_resolution_dm.json - https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1566.002/atomic_red_team/windows-security.log - https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1566.002/atomic_red_team/windows-sysmon.log From 1c3d6ad4ba729ec4c95438fc1838626e7a0266e8 Mon Sep 17 00:00:00 2001 From: Nasreddine Bencherchali Date: Fri, 6 Dec 2024 21:05:54 +0100 Subject: [PATCH 2/2] Rename attack_data_stream:dns.json to attack_data_stream_dns.json --- .../{attack_data_stream:dns.json => attack_data_stream_dns.json} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename datasets/attack_techniques/T1566.002/atomic_red_team/{attack_data_stream:dns.json => attack_data_stream_dns.json} (100%) diff --git a/datasets/attack_techniques/T1566.002/atomic_red_team/attack_data_stream:dns.json b/datasets/attack_techniques/T1566.002/atomic_red_team/attack_data_stream_dns.json similarity index 100% rename from datasets/attack_techniques/T1566.002/atomic_red_team/attack_data_stream:dns.json rename to datasets/attack_techniques/T1566.002/atomic_red_team/attack_data_stream_dns.json