Unix1 abuse funcs

ssh-keyscanssh-keyscan

Platform
Unix
Abuse functions
1

Description

ssh-keyscan is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: file-read. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → MITRE crosswalk): T1005. Defenders should monitor execution of ssh-keyscan under non-administrative or sudo contexts and alert when its arguments match the abuse-function signatures.

Abuse functions· 1

file-read
sudosuidunprivileged

Abuses1

TypeTargetConfidenceTier
TechniqueData from Local Systemt1005100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

LOLbin
ssh-keygen
LOLbin
check_by_ssh
LOLbin
ssh
LOLbin
sshpass
LOLbin
ssh-agent
LOLbin
clamscan
Sourced from GTFOBins. Curated by Adam Lundqvist, SQUR.