T1086 (PowerShell)

GPTKB entity

Statements (19)
Predicate Object
gptkbp:instanceOf MITRE ATT&CK technique
gptkbp:canBe bypassing security controls
             downloading files
             adversaries
             executing arbitrary commands
gptkbp:describes PowerShell is a command-line shell and scripting language used for system administration and automation.
gptkbp:detects Monitor PowerShell command-line activity
https://www.w3.org/2000/01/rdf-schema#label T1086 (PowerShell)
gptkbp:mitigatedBy Enable PowerShell logging
                   Restrict PowerShell usage to authorized users
gptkbp:name gptkb:PowerShell
gptkbp:partOf gptkb:MITRE_ATT&CK_framework
gptkbp:platform gptkb:Windows
gptkbp:replacedBy T1059.001 (PowerShell)
gptkbp:status deprecated
gptkbp:technique T1086
gptkbp:usedFor Execution
gptkbp:bfsParent gptkb:SofacyCHOPSTICK
gptkbp:bfsLayer 7