open-menu
closeme
HackTool - SharpLdapWhoami Execution
calendar
Dec 1, 2023
·
attack.discovery
attack.t1033
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Whoami.EXE Execution
calendar
Nov 10, 2023
·
attack.discovery
attack.t1033
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
Chopper Webshell Process Pattern
calendar
Nov 10, 2023
·
attack.persistence
attack.t1505.003
attack.t1018
attack.t1033
attack.t1087
·
Share on:
twitter
facebook
linkedin
copy
Webshell Detection With Command Line Keywords
calendar
Nov 10, 2023
·
attack.persistence
attack.t1505.003
attack.t1018
attack.t1033
attack.t1087
·
Share on:
twitter
facebook
linkedin
copy
Webshell Hacking Activity Patterns
calendar
Nov 10, 2023
·
attack.persistence
attack.t1505.003
attack.t1018
attack.t1033
attack.t1087
·
Share on:
twitter
facebook
linkedin
copy
Computer Discovery And Export Via Get-ADComputer Cmdlet
calendar
Oct 18, 2023
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Get-ADUser Enumeration Using UserAccountControl Flags
calendar
Oct 18, 2023
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
HackTool - SharpView Execution
calendar
Oct 18, 2023
·
attack.discovery
attack.t1049
attack.t1069.002
attack.t1482
attack.t1135
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
User Discovery And Export Via Get-ADUser Cmdlet
calendar
Oct 18, 2023
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Computer Discovery And Export Via Get-ADComputer Cmdlet - PowerShell
calendar
Oct 17, 2023
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Suspicious PowerShell Get Current User
calendar
Oct 17, 2023
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
User Discovery And Export Via Get-ADUser Cmdlet - PowerShell
calendar
Oct 17, 2023
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
ESXi Network Configuration Discovery Via ESXCLI
calendar
Sep 6, 2023
·
attack.discovery
attack.t1033
attack.t1007
·
Share on:
twitter
facebook
linkedin
copy
ESXi Storage Information Discovery Via ESXCLI
calendar
Sep 6, 2023
·
attack.discovery
attack.t1033
attack.t1007
·
Share on:
twitter
facebook
linkedin
copy
ESXi System Information Discovery Via ESXCLI
calendar
Sep 6, 2023
·
attack.discovery
attack.t1033
attack.t1007
·
Share on:
twitter
facebook
linkedin
copy
ESXi VM List Discovery Via ESXCLI
calendar
Sep 6, 2023
·
attack.discovery
attack.t1033
attack.t1007
·
Share on:
twitter
facebook
linkedin
copy
ESXi VSAN Information Discovery Via ESXCLI
calendar
Sep 6, 2023
·
attack.discovery
attack.t1033
attack.t1007
·
Share on:
twitter
facebook
linkedin
copy
Possible DCSync Attack
calendar
Jun 22, 2023
·
attack.t1033
attack.discovery
·
Share on:
twitter
facebook
linkedin
copy
SharpHound Recon Sessions
calendar
Jun 22, 2023
·
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Potential Dridex Activity
calendar
Jun 20, 2023
·
attack.defense_evasion
attack.privilege_escalation
attack.t1055
attack.discovery
attack.t1135
attack.t1033
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
SocGholish Script File Whoami Output to File (RedCanary Threat Detection Report)
calendar
May 10, 2023
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
WinEvent Security Query
calendar
Apr 2, 2023
·
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Group Membership Reconnaissance Via Whoami.EXE
calendar
Feb 28, 2023
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Security Privileges Enumeration Via Whoami.EXE
calendar
Feb 28, 2023
·
attack.privilege_escalation
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Whoami.EXE Execution From Privileged Process
calendar
Feb 28, 2023
·
attack.privilege_escalation
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Whoami Utility Execution
calendar
Feb 28, 2023
·
attack.discovery
attack.t1033
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
Whoami.EXE Execution Anomaly
calendar
Feb 28, 2023
·
attack.discovery
attack.t1033
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
Local Accounts Discovery
calendar
Feb 21, 2023
·
attack.discovery
attack.t1033
attack.t1087.001
·
Share on:
twitter
facebook
linkedin
copy
Renamed Whoami Execution
calendar
Feb 1, 2023
·
attack.discovery
attack.t1033
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
WhoAmI as Parameter
calendar
Feb 1, 2023
·
attack.discovery
attack.t1033
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
Cisco Discovery
calendar
Jan 4, 2023
·
attack.discovery
attack.t1083
attack.t1201
attack.t1057
attack.t1018
attack.t1082
attack.t1016
attack.t1049
attack.t1033
attack.t1124
·
Share on:
twitter
facebook
linkedin
copy
System Owner or User Discovery
calendar
Oct 25, 2022
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
to-top