Big dump of snapattack logs

Author: RavenTait

datasets/attack_techniques/T1001/snapattack/snapattack.log

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:76c77dc261b4e0afc62ef81c33073eea8858b6626f946b1c7849af9d94b1c6dd
+size 1949

datasets/attack_techniques/T1001/snapattack/snapattack.yml

@@ -0,0 +1,14 @@
+author: Raven Tait, Splunk
+id: 359d5738-ce1c-40f4-8360-d544dab6db59
+date: '2026-04-01'
+description: Generated datasets for Windows String Manipulation Techniques in attack
+    range.
+environment: attack_range
+directory: snapattack
+mitre_technique:
+- T1001
+datasets:
+-   name: snapattack
+    sourcetype: XmlWinEventLog
+    source: XmlWinEventLog:Security
+    path: /datasets/attack_techniques/T1001/snapattack/snaattack.log

datasets/attack_techniques/T1003.001/snapattack/snapattack.log

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c22994ec5fa481609dfbb3403dc51d803cb1f0665d3aab29da8f5e8a9766f4af
+size 58587

datasets/attack_techniques/T1003.001/snapattack/snapattack.yml

@@ -0,0 +1,14 @@
+author: Raven Tait, Splunk
+id: 23bcd20e-abc1-43fa-bd6f-117cb360633e
+date: '2026-04-01'
+description: Generated datasets for Windows Evidence of LSASS Shtinkering - AppCrash
+    Reports in attack range.
+environment: attack_range
+directory: snapattack
+mitre_technique:
+- T1003.001
+datasets:
+-   name: snapattack
+    sourcetype: XmlWinEventLog
+    source: XmlWinEventLog:Microsoft-Windows-Sysmon/Operational
+    path: /datasets/attack_techniques/T1003.001/snapattack/snaattack.log

datasets/attack_techniques/T1003.002/snapattack/snapattack.log

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f19d2035e279d3a5faaf7ac2a18f71d296f965cbe6389f8a905806ba50565b02
+size 7063

datasets/attack_techniques/T1003.002/snapattack/snapattack.yml

@@ -0,0 +1,14 @@
+author: Raven Tait, Splunk
+id: df5b874a-91f8-4eca-bf06-2570a6f7834b
+date: '2026-04-01'
+description: Generated datasets for Windows Usage of Mimikatz lsadump::sam module
+    (PoSh) in attack range.
+environment: attack_range
+directory: snapattack
+mitre_technique:
+- T1003.002
+datasets:
+-   name: snapattack
+    sourcetype: XmlWinEventLog
+    source: XmlWinEventLog:Microsoft-Windows-PowerShell/Operational
+    path: /datasets/attack_techniques/T1003.002/snapattack/snaattack.log

datasets/attack_techniques/T1003.003/snapattack/snapattack.log

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:50290b7f98c2059cb340a40c02fddc932a9815a1be32eef9074e839ae595ef4f
+size 7772

datasets/attack_techniques/T1003.003/snapattack/snapattack.yml

@@ -0,0 +1,14 @@
+author: Raven Tait, Splunk
+id: 53065f7f-c068-4a10-8009-26bb81ba80f9
+date: '2026-04-01'
+description: Generated datasets for Windows Explorer mounting a ntdsutil snapshot
+    in attack range.
+environment: attack_range
+directory: snapattack
+mitre_technique:
+- T1003.003
+datasets:
+-   name: snapattack
+    sourcetype: XmlWinEventLog
+    source: XmlWinEventLog:Microsoft-Windows-Sysmon/Operational
+    path: /datasets/attack_techniques/T1003.003/snapattack/snaattack.log

datasets/attack_techniques/T1003.004/snapattack/snapattack.log

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4ba0ba771f144bd9f8847a0e9e40e21d15b7e966d19d64031e408611da6608f6
+size 4872

datasets/attack_techniques/T1003.004/snapattack/snapattack.yml

@@ -0,0 +1,14 @@
+author: Raven Tait, Splunk
+id: e30f8af0-68c6-4d63-93f7-c835dee26282
+date: '2026-04-01'
+description: Generated datasets for Windows Usage of Mimikatz lsadump::secrets module
+    (Sysmon) in attack range.
+environment: attack_range
+directory: snapattack
+mitre_technique:
+- T1003.004
+datasets:
+-   name: snapattack
+    sourcetype: XmlWinEventLog
+    source: XmlWinEventLog:Security
+    path: /datasets/attack_techniques/T1003.004/snapattack/snaattack.log