Skip to content

Commit

Permalink
Fix linux.forensics.environment variables spellcheck (#899)
Browse files Browse the repository at this point in the history 
Co-authored-by: Mike Cohen <[email protected]>
  • Loading branch information
@ibyf0r3ns1cs @scudette
ibyf0r3ns1cs and scudette authored Aug 28, 2024
1 parent 358e224 commit 6c2be16
Showing 1 changed file with 0 additions and 2 deletions.
2 changes: 0 additions & 2 deletions content/exchange/artifacts/Linux.Forensics.EnvironmentVariables.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,6 @@ name: Linux.Forensics.EnvironmentVariables
author: Idan Beit-Yosef @ ibyf0r3ns1cs
description: |
This artifact detects potential persistence mechanisms on Linux systems by analyzing environment variable files and login scripts.
Adversaries may modify these files to establish persistence by injecting commands that execute malicious scripts or binaries upon user login or shell initialization.
This artifact focuses on identifying such modifications by scanning for environment variable alterations, network utilities, and scripting languages commonly used in attacks.
**MITRE ATT&CK**: [T1546.004](https://attack.mitre.org/techniques/T1546/004/)
Expand Down

0 comments on commit 6c2be16

Please sign in to comment.