Iis webserver log deletion via commandline utilities

Intel Name: Iis webserver log deletion via commandline utilities

Date of Scan: October 8, 2025

Impact: Medium

Summary:
Detects attempts to remove Internet Information Services (IIS) log files using command‑line tools — a frequently used defense‑evasion tactic where attackers erase evidence of their activity. Adversaries commonly exploit vulnerabilities in web applications hosted on IIS to gain initial access, and then delete IIS logs to hinder forensic analysis and avoid detection.

More Details