From c197f877521ffd5aab0e1af88ab4de7adee31e7d Mon Sep 17 00:00:00 2001
From: signalblur <45216760+signalblur@users.noreply.github.com>
Date: Tue, 2 Jul 2024 19:17:40 -0400
Subject: [PATCH] Update proc_creation_lnx_webshell_execution.yml

---
 .../process_creation/proc_creation_lnx_webshell_execution.yml    | 1 +
 1 file changed, 1 insertion(+)

diff --git a/rules/linux/process_creation/proc_creation_lnx_webshell_execution.yml b/rules/linux/process_creation/proc_creation_lnx_webshell_execution.yml
index b9208629240..7b9b7bd0b14 100644
--- a/rules/linux/process_creation/proc_creation_lnx_webshell_execution.yml
+++ b/rules/linux/process_creation/proc_creation_lnx_webshell_execution.yml
@@ -3,6 +3,7 @@ id: 3b3d279e-a97a-4c5c-8be0-64b21ead5fa1
 description: Detects processes where the executable or image path contains common web root directories to identify potential webshells.
 status: experimental
 author: David Burkett, @signalblur
+date: 2024/07/02
 tags:
     - attack.t1505.003
 date: 2024/06/28