Detections
Analytics
Command and Scripting Interpreter: Python (Windows)
Description
Adversaries may abuse Python commands and scripts for execution. Python is a very popular scripting/programming language, with capabilities to perform many functions. Python can be executed interactively from the command-line (via the python.exe interpreter) or via scripts (.py) that can be written and distributed to different systems. Python code can also be compiled into binary executables.
Products, Sensors, and Dependencies
| Product | Dependencies | Data source | Access required | Protocol | Data Collected | Notes |
|---|---|---|---|---|---|---|
| Tenable Vulnerability Management | Advanced Network Scan | Windows machines | Authenticated Scan | SMB | Microsoft Windows Installed Software Enumeration | Plugin ID: 20811 |
References
Attack Path Technique Details
Framework: MITRE ATT&CK
Family: Execution
Technique: Command and Scripting Interpreter
Sub-Technique: Python
Platform: Windows
Products Required: Tenable Vulnerability Management
Tenable Release Date: 2022 Q2