Robuta

https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_pua_trufflehog/
PUA - TruffleHog Execution - Linux | Detection.FYI
Detects execution of TruffleHog, a tool used to search for secrets in different platforms like Git, Jira, Slack, SharePoint, etc. that could be used …

https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_python_http_server_execution/
Python WebServer Execution - Linux | Detection.FYI
Detects the execution of Python web servers via command line interface (CLI). After gaining access to target systems, adversaries may use Python's built-in...

https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_local_groups/
Local Groups Discovery - Linux | Detection.FYI
Detects enumeration of local system groups. Adversaries may attempt to find local system groups and permission settings

https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_vim_shell_execution/
Vim GTFOBin Abuse - Linux | Detection.FYI

https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-31324/file_event_lnx_sap_netweaver_webshell_creation/
Potential SAP NetWeaver Webshell Creation - Linux | Detection.FYI
Detects the creation of suspicious files (jsp, java, class) in SAP NetWeaver directories, which may indicate exploitation attempts of vulnerabilities such as …

https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_script_interpretor_spawn_credential_scanner/
Script Interpreter Spawning Credential Scanner - Linux | Detection.FYI
Detects a script interpreter process (like node.js or bun) spawning a known credential scanning tool (e.g., trufflehog, gitleaks). This behavior is indicative …

https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_remote_system_discovery/
Linux Remote System Discovery | Detection.FYI
Detects the enumeration of other remote systems.

https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_ssm_agent_abuse/
Potential Linux Amazon SSM Agent Hijacking | Detection.FYI
Detects potential Amazon SSM agent hijack attempts as outlined in the Mitiga research report.