Unix1 abuse funcs

check_raidcheck_raid

Platform
Unix
Abuse functions
1

Description

check_raid is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: file-read. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → MITRE crosswalk): T1005. Defenders should monitor execution of check_raid under non-administrative or sudo contexts and alert when its arguments match the abuse-function signatures.

Abuse functions· 1

file-read
sudounprivileged

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

LOLbin
check_memory
LOLbin
check_statusfile
LOLbin
check_log
LOLbin
look
LOLbin
file
LOLbin
readelf
Sourced from GTFOBins. Curated by Adam Lundqvist, SQUR.