Statements (19)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
MITRE ATT&CK technique
|
| gptkbp:canBe |
bypassing security controls
downloading files adversaries executing arbitrary commands |
| gptkbp:describes |
PowerShell is a command-line shell and scripting language used for system administration and automation.
|
| gptkbp:detects |
Monitor PowerShell command-line activity
|
| https://www.w3.org/2000/01/rdf-schema#label |
T1086 (PowerShell)
|
| gptkbp:mitigatedBy |
Enable PowerShell logging
Restrict PowerShell usage to authorized users |
| gptkbp:name |
gptkb:PowerShell
|
| gptkbp:partOf |
gptkb:MITRE_ATT&CK_framework
|
| gptkbp:platform |
gptkb:Windows
|
| gptkbp:replacedBy |
T1059.001 (PowerShell)
|
| gptkbp:status |
deprecated
|
| gptkbp:technique |
T1086
|
| gptkbp:usedFor |
Execution
|
| gptkbp:bfsParent |
gptkb:SofacyCHOPSTICK
|
| gptkbp:bfsLayer |
7
|