← Back to Explore
T1059.013
Container CLI/API
Adversaries may abuse built-in CLI tools or API calls to execute malicious commands in containerized environments. The Docker CLI is used for managing containers via an exposed API point from the `dockerd` daemon. Some common examples of Docker CLI include Docker Desktop CLI and Docker Compose, but users are also able to use SDKs to interact with the API. For example, Docker SDK for Python can be used to run commands within a Python application.(Citation: Docker Desktop CLI) Adversaries may le...
Containers
1
Detections
1
Sources
1
Threat Actors
BY SOURCE
1splunk_escu
PROCEDURES (1)
General Monitoring1 detections
Auto-extracted: 1 detections for general monitoring