Impact and persistence TTPs #129
Conversation
gerbsec
requested review from
d3sch41n,
cedowens,
d0n601 and
CrimsonK1ng
as code owners
|
Hi @gerbsec! Thank you for your pull request and welcome to our community. Action RequiredIn order to merge any pull request (code, docs, etc.), we require contributors to sign our Contributor License Agreement, and we don't seem to have one on file for you. ProcessIn order for us to review and merge your suggested changes, please sign at https://code.facebook.com/cla. If you are contributing on behalf of someone else (eg your employer), the individual CLA may not be sufficient and your employer may need to sign the corporate CLA. Once the CLA is signed, our tooling will perform checks and validations. Afterwards, the pull request will be tagged with If you have received this in error or have any questions, please contact us at cla@meta.com. Thanks! |
|
Thank you for signing our Contributor License Agreement. We can now accept your code for this (and any) Meta Open Source project. Thanks! |
| You can run the TTP using the following command (adjust arguments as needed): | ||
|
|
||
| ```bash | ||
| ttpforge run forgearmory//impact/data-encrypt/LOTL-ransomware/LOTL-ransomware.yaml \ |
There was a problem hiding this comment.
Looks like the directory to execute should be forgearmory//impact/ltol-ransomware/lotl-ransomware.yaml
|
Hey @gerbsec! Thanks so much for the submission and sorry for the delay on responding. The TTPs look awesome, I just left a few little nits before accepting the pull request. |
|
@d0n601 has imported this pull request. If you are a Meta employee, you can view this diff on Phabricator. |
Proposed Changes
Adding TTP's for general use!
Related Issue(s)
N/A
Testing
Ran the TTPs on Ubuntu 22.04, 20.04 and Latest Kali Linux 8/27/24
Documentation
Documentation for usage and requirements in the format provided by Meta included.
Checklist
mage runprecommitlocally and fixed any issues that arose.