attack.t1201 | Detection.FYI

Password Policy Discovery - Linux

Dec 1, 2024 · attack.discovery attack.t1201 ·
Share on:

Detects password policy discovery commands

Read More
Cisco Discovery

Aug 12, 2024 · attack.discovery attack.t1083 attack.t1201 attack.t1057 attack.t1018 attack.t1082 attack.t1016 attack.t1049 attack.t1033 attack.t1124 ·
Share on:

Find information about network devices that is not stored in config files

Read More
HackTool - CrackMapExec Execution

Aug 12, 2024 · attack.execution attack.persistence attack.privilege-escalation attack.credential-access attack.discovery attack.t1047 attack.t1053 attack.t1059.003 attack.t1059.001 attack.t1110 attack.t1201 ·
Share on:

This rule detect common flag combinations used by CrackMapExec in order to detect its use even if the binary has been replaced.

Read More
Password Policy Discovery With Get-AdDefaultDomainPasswordPolicy

Aug 12, 2024 · attack.discovery attack.t1201 ·
Share on:

Detetcts PowerShell activity in which Get-Addefaultdomainpasswordpolicy is used to get the default password policy for an Active Directory domain.

Read More
Password Policy Enumerated

Aug 12, 2024 · attack.discovery attack.t1201 ·
Share on:

Detects when the password policy is enumerated.

Read More