attack.t1201 | Detection.FYI

Password Policy Enumerated
May 18, 2023 · attack.discovery attack.t1201 ·
Share on:
Detects when the password policy is enumerated.

Read More
Net.exe Execution
Feb 21, 2023 · attack.discovery attack.t1007 attack.t1049 attack.t1018 attack.t1135 attack.t1201 attack.t1069.001 attack.t1069.002 attack.t1087.001 attack.t1087.002 attack.lateral_movement attack.t1021.002 attack.s0039 ·
Share on:
Detects execution of Net.exe, whether suspicious or benign.

Read More
Password Policy Discovery With Get-AdDefaultDomainPasswordPolicy
Jan 27, 2023 · attack.discovery attack.t1201 ·
Share on:
Detetcts PowerShell activity in which Get-Addefaultdomainpasswordpolicy is used to get the default password policy for an Active Directory domain.

Read More
Password Policy Discovery
Jan 10, 2023 · attack.discovery attack.t1201 ·
Share on:
Detects password policy discovery commands

Read More
Cisco Discovery
Jan 4, 2023 · attack.discovery attack.t1083 attack.t1201 attack.t1057 attack.t1018 attack.t1082 attack.t1016 attack.t1049 attack.t1033 attack.t1124 ·
Share on:
Find information about network devices that is not stored in config files

Read More