From 07feaff522f1bc62815216274ce79d1d079aeaad Mon Sep 17 00:00:00 2001
From: Bhavin Patel <bhavin.j.patel91@gmail.com>
Date: Fri, 23 Feb 2024 12:10:40 -0800
Subject: [PATCH] new files

---
 .../T1567/web_upload_nginx/web_upload_nginx.log       |  3 +++
 .../T1567/web_upload_nginx/web_upload_nginx.yml       | 11 +++++++++++
 2 files changed, 14 insertions(+)
 create mode 100644 datasets/attack_techniques/T1567/web_upload_nginx/web_upload_nginx.log
 create mode 100644 datasets/attack_techniques/T1567/web_upload_nginx/web_upload_nginx.yml

diff --git a/datasets/attack_techniques/T1567/web_upload_nginx/web_upload_nginx.log b/datasets/attack_techniques/T1567/web_upload_nginx/web_upload_nginx.log
new file mode 100644
index 00000000..0bc21674
--- /dev/null
+++ b/datasets/attack_techniques/T1567/web_upload_nginx/web_upload_nginx.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:82b6c267e8eac610f41db7f061b6a060e894a753a5389fc7d60220b55a465f0e
+size 539
diff --git a/datasets/attack_techniques/T1567/web_upload_nginx/web_upload_nginx.yml b/datasets/attack_techniques/T1567/web_upload_nginx/web_upload_nginx.yml
new file mode 100644
index 00000000..78967e0f
--- /dev/null
+++ b/datasets/attack_techniques/T1567/web_upload_nginx/web_upload_nginx.yml
@@ -0,0 +1,11 @@
+author: Bhavin Patel, Splunk
+id: 15c6f211-a960-4f60-b111-bd2ae129ef7d
+date: '2023-02-21'
+description: Simulate Large Web upload with high bytes out
+environment: attack_range
+dataset:
+- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1567/web_upload_nginx/web_upload_nginx.log
+sourcetypes:
+- nginx:plus:kv
+references:
+- https://attack.mitre.org/techniques/T1567/
\ No newline at end of file