T1059 (Command-Line Interface)

GPTKB entity

Statements (28)
Predicate Object
gptkbp:instanceOf MITRE ATT&CK technique
gptkbp:category Execution
gptkbp:citation https://attack.mitre.org/techniques/T1059/
gptkbp:describes Adversaries may abuse command-line interfaces to interact with systems and execute commands.
gptkbp:detects Monitor command-line process execution and command-line arguments.
gptkbp:discoveredBy 2017
https://www.w3.org/2000/01/rdf-schema#label T1059 (Command-Line Interface)
gptkbp:mitigatedBy Restrict command-line and scripting activities where possible.
gptkbp:partOf gptkb:MITRE_ATT&CK_framework
gptkbp:platform gptkb:Windows
gptkb:macOS
gptkb:Linux
gptkbp:subtechnique T1059.001 (PowerShell)
T1059.002 (AppleScript)
T1059.003 (Windows Command Shell)
T1059.004 (Unix Shell)
T1059.005 (Visual Basic)
T1059.006 (Python)
T1059.007 (JavaScript)
T1059.008 (Network Device CLI)
gptkbp:tactics Execution
gptkbp:technique T1059
gptkbp:usedBy gptkb:APT3
gptkb:Lazarus_Group
gptkb:APT28
gptkb:FIN7
gptkbp:bfsParent gptkb:SofacyCHOPSTICK
gptkbp:bfsLayer 7