T1059 (Command-Line Interface)
GPTKB entity
Statements (28)
Predicate | Object |
---|---|
gptkbp:instanceOf |
MITRE ATT&CK technique
|
gptkbp:category |
Execution
|
gptkbp:citation |
https://attack.mitre.org/techniques/T1059/
|
gptkbp:describes |
Adversaries may abuse command-line interfaces to interact with systems and execute commands.
|
gptkbp:detects |
Monitor command-line process execution and command-line arguments.
|
gptkbp:discoveredBy |
2017
|
https://www.w3.org/2000/01/rdf-schema#label |
T1059 (Command-Line Interface)
|
gptkbp:mitigatedBy |
Restrict command-line and scripting activities where possible.
|
gptkbp:partOf |
gptkb:MITRE_ATT&CK_framework
|
gptkbp:platform |
gptkb:Windows
gptkb:macOS gptkb:Linux |
gptkbp:subtechnique |
T1059.001 (PowerShell)
T1059.002 (AppleScript) T1059.003 (Windows Command Shell) T1059.004 (Unix Shell) T1059.005 (Visual Basic) T1059.006 (Python) T1059.007 (JavaScript) T1059.008 (Network Device CLI) |
gptkbp:tactics |
Execution
|
gptkbp:technique |
T1059
|
gptkbp:usedBy |
gptkb:APT3
gptkb:Lazarus_Group gptkb:APT28 gptkb:FIN7 |
gptkbp:bfsParent |
gptkb:SofacyCHOPSTICK
|
gptkbp:bfsLayer |
7
|