
Add "Local Job Scheduling" attack technique (T1168) #683

@shreyamalviya


T1168

Job scheduling can be used by adversaries to schedule running malicious code at some specified date and time.

Adding it as a PBA:
- LINUX: There are multiple methods supported by Linux for creating pre-scheduled and periodic background jobs.
  - at: not all systems have at, so skip this (or check if it exists and then proceed?)
  - cron: attempt to add some file with some command (commented) to the /etc/cron.hourly directory, then delete it
- WINDOWS: not applicable (T1053)

Mapping the technique to the ATT&CK matrix
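
A defender-side check for the cron artifact this issue describes, added here as an illustration and not code from the issue or the project: it lists recently changed files in a cron.hourly-style directory and marks each as `inert` (only comments, like the proposed test file) or `active`. The function names, the one-hour window and the sample files are assumptions constructed for the example.

```python
import os
import tempfile
import time
from pathlib import Path


def classify_job(path):
    """'inert' if every non-blank line is a comment (shebang included), else 'active'."""
    for raw in Path(path).read_text(errors="replace").splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):
            return "active"
    return "inert"


def audit_cron_dir(cron_dir, max_age_seconds=3600, now=None):
    """Return regular files modified within max_age_seconds, sorted by name."""
    now = time.time() if now is None else now
    findings = []
    for entry in sorted(Path(cron_dir).iterdir()):
        if not entry.is_file():
            continue
        st = entry.stat()
        age = now - st.st_mtime
        if age <= max_age_seconds:
            findings.append({
                "name": entry.name,
                "kind": classify_job(entry),
                "age_seconds": int(age),
                "mode": oct(st.st_mode & 0o777),
            })
    return findings


def demo():
    """Run the audit over a constructed directory standing in for /etc/cron.hourly."""
    with tempfile.TemporaryDirectory() as root:
        d = Path(root)
        old = d / "logrotate"  # constructed: long-standing legitimate job
        old.write_text("#!/bin/sh\n/usr/sbin/logrotate /etc/logrotate.conf\n")
        week_ago = time.time() - 7 * 86400
        os.utime(old, (week_ago, week_ago))
        # constructed: file holding only a commented command, as the issue proposes
        (d / "simulated-job").write_text("# echo scheduled-job-test\n")
        # constructed: new file that would actually run something
        (d / "new-active").write_text("#!/bin/sh\ntouch /tmp/marker\n")
        return audit_cron_dir(d)
```

A file that is created and deleted between two runs of a polling check like this one is never seen; catching that pattern needs file-event auditing on the directory.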

Labels: Feature (Issue that describes a new feature to be implemented.)
