Detection Validation
Testing & Validation
Rules instrumented with simulation frameworks or regression datasets to validate your detection pipeline end-to-end.
47 Simulations
149 Datasets
42 Fully instrumented
154 Testable rules
47 results
Binary Padding - Linux
high · linux
atomic-red-team · T1027.001
ART: Pad Binary to Change Hash - Linux/macOS dd
ffe2346c-abd5-4b45-a713-bf5f1ebd573a
Windows AMSI Related Registry Tampering Via CommandLine
high · windows · process_creation
atomic-red-team · T1562.001
ART: AMSI Bypass - Create AMSIEnable Reg Key
728eca7b-0444-4f6f-ac36-437e3d751dc0
Interactive AT Job
high · windows · process_creation
Boot Configuration Tampering Via Bcdedit.EXE
high · windows · process_creation
atomic-red-team · T1490
ART: Windows - Disable Windows Recovery Console Repair
cf21060a-80b3-4238-a595-22525de4ab81
Suspicious Download From File-Sharing Website Via Bitsadmin
high · windows · process_creation
File With Suspicious Extension Downloaded Via Bitsadmin
high · windows · process_creation
File Download Via Bitsadmin To A Suspicious Target Folder
high · windows · process_creation
Potential Reconnaissance For Cached Credentials Via Cmdkey.EXE
high · windows · process_creation
Suspicious Curl.EXE Download
high · windows · process_creation
Findstr GPP Passwords
high · windows · process_creation
Hypervisor-protected Code Integrity (HVCI) Related Registry Tampering Via CommandLine
high · windows · process_creation
atomic-red-team · T1562.001
ART: Disable Hypervisor-Enforced Code Integrity (HVCI)
70bd71e6-eba4-4e00-92f7-617911dbe020
PUA - AdFind Suspicious Execution
high · windows · process_creation