open-menu
closeme
Whoami.EXE Execution Anomaly
calendar
Oct 1, 2024
·
attack.discovery
attack.t1033
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
Whoami.EXE Execution From Privileged Process
calendar
Oct 1, 2024
·
attack.privilege-escalation
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Whoami.EXE Execution With Output Option
calendar
Oct 1, 2024
·
attack.discovery
attack.t1033
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
Chopper Webshell Process Pattern
calendar
Aug 12, 2024
·
attack.persistence
attack.t1505.003
attack.t1018
attack.t1033
attack.t1087
·
Share on:
twitter
facebook
linkedin
copy
Cisco Discovery
calendar
Aug 12, 2024
·
attack.discovery
attack.t1083
attack.t1201
attack.t1057
attack.t1018
attack.t1082
attack.t1016
attack.t1049
attack.t1033
attack.t1124
·
Share on:
twitter
facebook
linkedin
copy
Computer Discovery And Export Via Get-ADComputer Cmdlet
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Computer Discovery And Export Via Get-ADComputer Cmdlet - PowerShell
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Enumerate All Information With Whoami.EXE
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
ESXi Network Configuration Discovery Via ESXCLI
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
attack.t1007
·
Share on:
twitter
facebook
linkedin
copy
ESXi Storage Information Discovery Via ESXCLI
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
attack.t1007
·
Share on:
twitter
facebook
linkedin
copy
ESXi System Information Discovery Via ESXCLI
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
attack.t1007
·
Share on:
twitter
facebook
linkedin
copy
ESXi VM List Discovery Via ESXCLI
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
attack.t1007
·
Share on:
twitter
facebook
linkedin
copy
ESXi VSAN Information Discovery Via ESXCLI
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
attack.t1007
·
Share on:
twitter
facebook
linkedin
copy
Get-ADUser Enumeration Using UserAccountControl Flags
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Group Membership Reconnaissance Via Whoami.EXE
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
HackTool - SharpLdapWhoami Execution
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
HackTool - SharpView Execution
calendar
Aug 12, 2024
·
attack.discovery
attack.t1049
attack.t1069.002
attack.t1482
attack.t1135
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Local Accounts Discovery
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
attack.t1087.001
·
Share on:
twitter
facebook
linkedin
copy
Possible DCSync Attack
calendar
Aug 12, 2024
·
attack.t1033
attack.discovery
·
Share on:
twitter
facebook
linkedin
copy
Potential Dridex Activity
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.privilege-escalation
attack.t1055
attack.discovery
attack.t1135
attack.t1033
detection.emerging-threats
·
Share on:
twitter
facebook
linkedin
copy
Renamed Whoami Execution
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
Security Privileges Enumeration Via Whoami.EXE
calendar
Aug 12, 2024
·
attack.privilege-escalation
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
SharpHound Recon Sessions
calendar
Aug 12, 2024
·
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Suspicious PowerShell Get Current User
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
System Owner or User Discovery
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
User Discovery And Export Via Get-ADUser Cmdlet
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
User Discovery And Export Via Get-ADUser Cmdlet - PowerShell
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Webshell Detection With Command Line Keywords
calendar
Aug 12, 2024
·
attack.persistence
attack.t1505.003
attack.t1018
attack.t1033
attack.t1087
·
Share on:
twitter
facebook
linkedin
copy
Webshell Hacking Activity Patterns
calendar
Aug 12, 2024
·
attack.persistence
attack.t1505.003
attack.t1018
attack.t1033
attack.t1087
·
Share on:
twitter
facebook
linkedin
copy
WhoAmI as Parameter
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
Whoami Utility Execution
calendar
Aug 12, 2024
·
attack.discovery
attack.t1033
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
Whoami Recon Writing Output to File
calendar
Mar 26, 2024
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
WinEvent Security Query
calendar
Feb 23, 2024
·
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
SocGholish Script File Whoami Output to File (RedCanary Threat Detection Report)
calendar
May 10, 2023
·
attack.discovery
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
to-top