aws | Detection.FYI

cloudtrail

Nov 2, 2023 ·
Share on:

Read More

Recent Posts

Unusual Parent Process For Cmd.EXE
HackTool - WinPwn Execution
HackTool - WinPwn Execution - ScriptBlock
CMSTP Execution Process Access
Credential Dumping Activity By Python Based Tool
Credential Dumping Activity Via Lsass
Credential Dumping Attempt Via Svchost
Credential Dumping Attempt Via WerFault

Language

SIGMA 3581 ELASTIC 993 MQL 304

Tags

ATTACK.DEFENSE_EVASION 1263 ATTACK.EXECUTION 777 USE-CASE-THREAT-DETECTION 651 DOMAIN-ENDPOINT 610 ATTACK.PERSISTENCE 516 DATA-SOURCE-ELASTIC-DEFEND 471 ATTACK.PRIVILEGE_ESCALATION 379 OS-WINDOWS 378 ATTACK.CREDENTIAL_ACCESS 301 DETECTION.EMERGING_THREATS 296 DATA-SOURCE-ELASTIC-ENDGAME 267 TACTIC-DEFENSE-EVASION 253 ATTACK.COMMAND_AND_CONTROL 243 RESOURCES-INVESTIGATION-GUIDE 243