When installing or demonstrating appliances it can be useful to trigger detections. Triggering a detection in a monitored network proves that the appliances are installed correctly, that the sensor is communicating with the brain and that packet capture is set up correctly for the test workstations.
These curl commands trigger Bitcoin mining detections:
curl -A "cpuminger" http://www.google.com
curl -A "cgminer" www.google.com
The same requests can be sent using PowerShell:
powershell.exe Invoke-WebRequest "http://google.com" -UserAgent "cpuminger" -UseBasicParsing
powershell.exe Invoke-WebRequest "http://google.com" -UserAgent "cgminer" -UseBasicParsing
This 'hydra' command (hydra is part of the Kali Linux distribution) generates a Brute Force Attack detection. Ensure you are using a current version of hydra.
hydra -l vectra -P /usr/share/wordlists/rockyou_500.txt ssh://10.1.0.50 -vV