open-menu
closeme
WMI Reconnaissance
calendar
Mar 26, 2024
·
attack.execution
attack.t1047
attack.discovery
attack.t1087
attack.t1087.002
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Use of PsLogList
calendar
Mar 11, 2024
·
attack.discovery
attack.t1087
attack.t1087.001
attack.t1087.002
·
Share on:
twitter
facebook
linkedin
copy
Network Reconnaissance Activity
calendar
Feb 26, 2024
·
attack.discovery
attack.t1087
attack.t1082
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
HackTool - winPEAS Execution
calendar
Feb 1, 2024
·
attack.privilege_escalation
attack.t1082
attack.t1087
attack.t1046
·
Share on:
twitter
facebook
linkedin
copy
Malicious PowerShell Commandlets - PoshModule
calendar
Jan 29, 2024
·
attack.execution
attack.discovery
attack.t1482
attack.t1087
attack.t1087.001
attack.t1087.002
attack.t1069.001
attack.t1069.002
attack.t1069
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
Malicious PowerShell Commandlets - ProcessCreation
calendar
Jan 29, 2024
·
attack.execution
attack.discovery
attack.t1482
attack.t1087
attack.t1087.001
attack.t1087.002
attack.t1069.001
attack.t1069.002
attack.t1069
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
Malicious PowerShell Commandlets - ScriptBlock
calendar
Jan 29, 2024
·
attack.execution
attack.discovery
attack.t1482
attack.t1087
attack.t1087.001
attack.t1087.002
attack.t1069.001
attack.t1069.002
attack.t1069
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
Potential Pikabot Discovery Activity
calendar
Jan 29, 2024
·
attack.discovery
attack.t1016
attack.t1049
attack.t1087
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
Execution of SOAPHound Tool with Specific Arguments
calendar
Jan 27, 2024
·
attack.discovery
attack.t1087
·
Share on:
twitter
facebook
linkedin
copy
PUA - Seatbelt Execution
calendar
Dec 1, 2023
·
attack.discovery
attack.t1526
attack.t1087
attack.t1083
·
Share on:
twitter
facebook
linkedin
copy
Chopper Webshell Process Pattern
calendar
Nov 10, 2023
·
attack.persistence
attack.t1505.003
attack.t1018
attack.t1033
attack.t1087
·
Share on:
twitter
facebook
linkedin
copy
Webshell Detection With Command Line Keywords
calendar
Nov 10, 2023
·
attack.persistence
attack.t1505.003
attack.t1018
attack.t1033
attack.t1087
·
Share on:
twitter
facebook
linkedin
copy
Webshell Hacking Activity Patterns
calendar
Nov 10, 2023
·
attack.persistence
attack.t1505.003
attack.t1018
attack.t1033
attack.t1087
·
Share on:
twitter
facebook
linkedin
copy
SharpHound Recon Account Discovery
calendar
Jun 22, 2023
·
attack.t1087
attack.discovery
·
Share on:
twitter
facebook
linkedin
copy
Reconnaissance Activity Using BuiltIn Commands
calendar
Apr 21, 2023
·
attack.discovery
attack.t1087
attack.t1082
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
Hacktool Ruler
calendar
Feb 1, 2023
·
attack.discovery
attack.execution
attack.t1087
attack.t1114
attack.t1059
attack.t1550.002
·
Share on:
twitter
facebook
linkedin
copy
Emotet Child Process Spawn Pattern
calendar
Jan 8, 2023
·
attack.discovery
attack.t1087
·
Share on:
twitter
facebook
linkedin
copy
to-top