event_type_mapping.json
{
"normal": -1,
"scan /usr/bin/nmap": 0,
"failed attack framework-2.6/msfcli iis_nsiislog_po": 1,
"failed attack framework-2.6/msfcli windows_ssl_pct": 2,
"failed attack framework-2.6/msfcli cabrightstor_di": 3,
"failed attack exploit/iis-asp-overflow": 4,
"failed attack or scan exploit/bin/iis_nsiislog.pl": 5,
"phishing email exploit/malware/trawler": 6,
"no precursor client compromise exfil/sams_launch_v": 7,
"c2 + tcp control channel exfil - no precursor nc": 8,
"post-phishing client compromise + malicious downlo": 9,
"post-phishing c2 echo": 10,
"post-phishing c2 + tcp control channel exfil nc": 11,
"post-phishing icmp exfil nc": 12,
"post-phishing c2 heartbeat exploit/malware/malclie": 13,
"post-phishing c2 exploit/malware/malclient.pl": 14,
"post-phishing c2 + tcp control channel exfil explo": 15,
"client compromise exfil/sams_launch_vulnerable_cli": 16,
"c2 remote command execution nc": 17,
"ddos": 18,
"out2in": 19,
"compromised_server": 20,
"post-phishing tcp exfil nc": 21,
"c2+ tcp control channel exfil - no precursor nc": 22,
"c2+ tcp control channel exfil nc": 23,
"failed attack or scan exploit/bin/webstar_ftp_user": 24,
"client compromise": 25,
"malware ddos": 26,
"out2in dns": 27,
"spambot client compromise": 28,
"spambot malicious download": 29,
"spam bot": 30,
"noisy phishing email exploit/malware/trawler": 31,
"noisy phishing email exploit/malware/trawler.pl": 32,
"noisy client compromise + malicious download exfil": 33,
"noisy c2+ tcp control channel exfil nc": 34,
"noisy c2+ tcp control channel exfil fork": 35,
"c2 + control channel exfil - no precursor nc": 36,
"router-rewrite /home/administrator/attack-scripts/": 37,
"break-DNS_1_exploit echo": 38,
"break-DNS_1 /home/administrator/attack-scripts/sdu": 39,
"dns-rewrite /home/administrator/attack-scripts/sdu": 40,
"c2 heartbeat exploit/malware/malclient.pl": 41,
"c2 exploit/malware/malclient.pl": 42,
"c2 + tcp control channel exfil exploit/malware/mal": 43,
"router-redirect /home/administrator/attack-scripts": 44,
"noisy-blackhole_exploit echo": 45,
"noisy-blackhole_64-127 /home/administrator/attack-": 46
}