diff --git a/datasets/attack_techniques/T1484/DCShadowPermissions/DCShadowPermissions.yml b/datasets/attack_techniques/T1484/DCShadowPermissions/DCShadowPermissions.yml
new file mode 100644
index 00000000..3a0656ae
--- /dev/null
+++ b/datasets/attack_techniques/T1484/DCShadowPermissions/DCShadowPermissions.yml
@@ -0,0 +1,11 @@
+author: Dean Luxton
+id: ab8cde6c-5099-4955-928c-5707b62b9d7f
+date: '2023-11-10'
+description: Executing the Set-DCShadowPermissions.ps1 powershell script to apply the minimal permissions required to perform a DCShadow attack.
+environment: attack_range
+dataset:
+- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1484/DCShadowPermissions/windows-security-xml.log
+sourcetypes:
+- XmlWinEventLog
+references:
+- https://raw.githubusercontent.com/samratashok/nishang/master/ActiveDirectory/Set-DCShadowPermissions.ps1
diff --git a/datasets/attack_techniques/T1484/DCShadowPermissions/windows-security-xml.log b/datasets/attack_techniques/T1484/DCShadowPermissions/windows-security-xml.log
new file mode 100644
index 00000000..8af71e52
--- /dev/null
+++ b/datasets/attack_techniques/T1484/DCShadowPermissions/windows-security-xml.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:98968c96049d919758ee345e7b143c6e94c463da14b41e85252a279b87fd44e1
+size 3742
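Review bot: The `references` entry in DCShadowPermissions.yml links Set-DCShadowPermissions.ps1 through a raw URL on the `master` branch, so the script a reader fetches later may differ from the one that produced this capture. A commit-pinned link such as `https://github.com/samratashok/nishang/blob/<commit-sha>/ActiveDirectory/Set-DCShadowPermissions.ps1` (placeholder sha) would keep the dataset traceable to the exact script version. The `description` also does not say which Security event codes or audit settings the log depends on, which anyone building or validating a detection against it would need; one sentence naming them would help. `sourcetypes` lists only `XmlWinEventLog`; if other datasets in this repository also record the event source, it may be worth stating it here for consistency.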