T1059 (Command-Line Interface)
GPTKB entity
Statements (28)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:MITRE_ATT&CK_technique
|
| gptkbp:category |
Execution
|
| gptkbp:citation |
https://attack.mitre.org/techniques/T1059/
|
| gptkbp:describes |
Adversaries may abuse command-line interfaces to interact with systems and execute commands.
|
| gptkbp:detects |
Monitor command-line process execution and command-line arguments.
|
| gptkbp:discoveredBy |
2017
|
| gptkbp:mitigatedBy |
Restrict command-line and scripting activities where possible.
|
| gptkbp:partOf |
gptkb:MITRE_ATT&CK_framework
|
| gptkbp:platform |
gptkb:Windows
gptkb:macOS gptkb:Linux |
| gptkbp:subtechnique |
T1059.001 (PowerShell)
T1059.002 (AppleScript) T1059.003 (Windows Command Shell) T1059.004 (Unix Shell) T1059.005 (Visual Basic) T1059.006 (Python) T1059.007 (JavaScript) T1059.008 (Network Device CLI) |
| gptkbp:tactics |
Execution
|
| gptkbp:technique |
T1059
|
| gptkbp:usedBy |
gptkb:APT3
gptkb:Lazarus_Group gptkb:APT28 gptkb:FIN7 |
| gptkbp:bfsParent |
gptkb:SofacyCHOPSTICK
|
| gptkbp:bfsLayer |
7
|
| https://www.w3.org/2000/01/rdf-schema#label |
T1059 (Command-Line Interface)
|