OS Architecture Discovery Via Grep
Apr 1, 2024
·
attack.discovery
attack.t1082
Potential GobRAT File Discovery Via Grep
Apr 1, 2024
·
attack.discovery
attack.t1082
PUA - System Informer Execution
Apr 1, 2024
·
attack.persistence
attack.privilege_escalation
attack.discovery
attack.defense_evasion
attack.t1082
attack.t1564
attack.t1543
Network Reconnaissance Activity
Feb 26, 2024
·
attack.discovery
attack.t1087
attack.t1082
car.2016-03-001
Bitbucket User Details Export Attempt Detected
Feb 26, 2024
·
attack.collection
attack.reconnaissance
attack.discovery
attack.t1213
attack.t1082
attack.t1591.004
Bitbucket User Permissions Export Attempt
Feb 26, 2024
·
attack.reconnaissance
attack.t1213
attack.t1082
attack.t1591.004
System Disk And Volume Reconnaissance Via Wmic.EXE
Feb 9, 2024
·
attack.execution
attack.discovery
attack.t1047
attack.t1082
HackTool - winPEAS Execution
Feb 1, 2024
·
attack.privilege_escalation
attack.t1082
attack.t1087
attack.t1046
Cisco Discovery
Jan 29, 2024
·
attack.discovery
attack.t1083
attack.t1201
attack.t1057
attack.t1018
attack.t1082
attack.t1016
attack.t1049
attack.t1033
attack.t1124
System Information Discovery Using System_Profiler
Jan 10, 2024
·
attack.discovery
attack.defense_evasion
attack.t1082
attack.t1497.001
System Information Discovery Using Ioreg
Jan 10, 2024
·
attack.discovery
attack.t1082
HackTool - PCHunter Execution
Jan 1, 2024
·
attack.execution
attack.discovery
attack.t1082
attack.t1057
attack.t1012
attack.t1083
attack.t1007
System Information Discovery Using sw_vers
Dec 21, 2023
·
attack.discovery
attack.t1082
Uncommon System Information Discovery Via Wmic.EXE
Dec 21, 2023
·
attack.discovery
attack.t1082
HackTool - WinPwn Execution
Dec 4, 2023
·
attack.credential_access
attack.defense_evasion
attack.discovery
attack.execution
attack.privilege_escalation
attack.t1046
attack.t1082
attack.t1106
attack.t1518
attack.t1548.002
attack.t1552.001
attack.t1555
attack.t1555.003
HackTool - WinPwn Execution - ScriptBlock
Dec 4, 2023
·
attack.credential_access
attack.defense_evasion
attack.discovery
attack.execution
attack.privilege_escalation
attack.t1046
attack.t1082
attack.t1106
attack.t1518
attack.t1548.002
attack.t1552.001
attack.t1555
attack.t1555.003
Potential Suspicious Activity Using SeCEdit
Nov 2, 2023
·
attack.discovery
attack.persistence
attack.defense_evasion
attack.credential_access
attack.privilege_escalation
attack.t1562.002
attack.t1547.001
attack.t1505.005
attack.t1556.002
attack.t1562
attack.t1574.007
attack.t1564.002
attack.t1546.008
attack.t1546.007
attack.t1547.014
attack.t1547.010
attack.t1547.002
attack.t1557
attack.t1082
Container Residence Discovery Via Proc Virtual FS
Oct 28, 2023
·
attack.discovery
attack.t1082
Potential Container Discovery Via Inodes Listing
Oct 28, 2023
·
attack.discovery
attack.t1082
Domain User Enumeration Network Recon 01
Oct 18, 2023
·
attack.discovery
attack.t1087.002
attack.t1082
Suspicious Execution of Systeminfo
Oct 17, 2023
·
attack.discovery
attack.t1082
Suspicious Command Arguments from Explorer or Wermgr
Sep 1, 2023
·
attack.discovery
attack.t1082
Suspicious Kernel Dump Using Dtrace
Aug 28, 2023
·
attack.discovery
attack.t1082
Docker Container Discovery Via Dockerenv Listing
Aug 24, 2023
·
attack.discovery
attack.t1082
Reconnaissance Activity Using BuiltIn Commands
Apr 21, 2023
·
attack.discovery
attack.t1087
attack.t1082
car.2016-03-001
System Information Discovery - Auditd
Mar 27, 2023
·
attack.discovery
attack.t1082
Suspicious Execution of Hostname
Mar 5, 2023
·
attack.discovery
attack.t1082
Suspicious Query of MachineGUID
Mar 2, 2023
·
attack.discovery
attack.t1082
Driverquery Lookup
Jan 9, 2023
·
attack.discovery
attack.t1082
System and Hardware Information Discovery
Nov 27, 2022
·
attack.discovery
attack.t1082
System Information Discovery
Oct 25, 2022
·
attack.discovery
attack.t1082