Powerpipe MCP Server →
Powerpipe Hub 
Hub
Mods
turbot/tailpipe-mod-github-audit-log-detections
Overview
3Dashboards
17Benchmarks
24Queries
1Variables
GitHub

Benchmark: TA0008 Lateral Movement

Overview

The adversary is trying to move through your environment.

Lateral Movement consists of techniques that adversaries use to enter and control remote systems on a network. Following through on their primary objective often requires exploring the network to find their target and subsequently gaining access to it. Reaching their objective often involves pivoting through multiple systems and accounts to gain. Adversaries might install their own remote access tools to accomplish Lateral Movement or use legitimate credentials with native network and operating system tools, which may be stealthier.

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/tailpipe-mod-github-audit-log-detections

Start the Powerpipe server:

powerpipe server

Open http://localhost:9033 in your browser and select TA0008 Lateral Movement.

Run this benchmark in your terminal:

powerpipe benchmark run github_audit_log_detections.benchmark.mitre_attack_v161_ta0008

Snapshot and share results via Turbot Pipes:

powerpipe benchmark run github_audit_log_detections.benchmark.mitre_attack_v161_ta0008 --share

Benchmarks

Tags

category = Detections
mitre_attack_tactic_id = TA0008
mitre_attack_version = v16.1
plugin = github
service = GitHub/Organization
type = Benchmark