splunk
diff --git a/‎detections/endpoint/detect_linux_exploit_suggester_execution.yml
-57 b/‎detections/endpoint/detect_linux_exploit_suggester_execution.yml
-57
diff --git a/‎detections/endpoint/detect_mimipenguin.yml
-55 b/‎detections/endpoint/detect_mimipenguin.yml
-55
diff --git a/‎lookups/linux_tool_discovery_process.csv
+5 b/‎lookups/linux_tool_discovery_process.csv
+5
diff --git a/‎tests/endpoint/detect_linux_exploit_suggester_execution.test.yml
-12 b/‎tests/endpoint/detect_linux_exploit_suggester_execution.test.yml
-12
diff --git a/‎tests/endpoint/detect_mimipenguin.test.yml
-12 b/‎tests/endpoint/detect_mimipenguin.test.yml
-12
@@ -40,6 +40,11 @@ cat /etc/network/interfaces
 cat /etc/sysconfig/network
 cat /etc/resolv.conf
 cat /etc/networks
+cvelist-file:*
+exploit-db*
+strings -e /etc/apache2/apache2.conf
+strings -e /etc/ssh/sshd_config
+strings -e /etc/shadow
 iptables -L
 lsof -i
 netstat -antup