open-menu
closeme
Nltest.EXE Execution
calendar
Dec 1, 2023
·
attack.discovery
attack.t1016
attack.t1018
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
Potential Recon Activity Via Nltest.EXE
calendar
Dec 1, 2023
·
attack.discovery
attack.t1016
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
PUA - AdFind Suspicious Execution
calendar
Nov 27, 2023
·
attack.discovery
attack.t1018
attack.t1087.002
attack.t1482
attack.t1069.002
stp.1u
·
Share on:
twitter
facebook
linkedin
copy
Potential Active Directory Reconnaissance/Enumeration Via LDAP
calendar
Nov 3, 2023
·
attack.discovery
attack.t1069.002
attack.t1087.002
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
BloodHound Collection Files
calendar
Oct 28, 2023
·
attack.discovery
attack.t1087.001
attack.t1087.002
attack.t1482
attack.t1069.001
attack.t1069.002
attack.execution
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
HackTool - Bloodhound/Sharphound Execution
calendar
Oct 18, 2023
·
attack.discovery
attack.t1087.001
attack.t1087.002
attack.t1482
attack.t1069.001
attack.t1069.002
attack.execution
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
HackTool - SharpView Execution
calendar
Oct 18, 2023
·
attack.discovery
attack.t1049
attack.t1069.002
attack.t1482
attack.t1135
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
Renamed AdFind Execution
calendar
Oct 18, 2023
·
attack.discovery
attack.t1018
attack.t1087.002
attack.t1482
attack.t1069.002
·
Share on:
twitter
facebook
linkedin
copy
DNS Server Discovery Via LDAP Query
calendar
Oct 4, 2023
·
attack.discovery
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
Malicious PowerShell Commandlets - PoshModule
calendar
May 15, 2023
·
attack.execution
attack.discovery
attack.t1482
attack.t1087
attack.t1087.001
attack.t1087.002
attack.t1069.001
attack.t1069.002
attack.t1069
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
SocGholish NLTest Domain Trust Enumeration (RedCanary Threat Detection Report)
calendar
May 10, 2023
·
attack.discovery
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
Malicious PowerShell Commandlets - ProcessCreation
calendar
Apr 21, 2023
·
attack.execution
attack.discovery
attack.t1482
attack.t1087
attack.t1087.001
attack.t1087.002
attack.t1069.001
attack.t1069.002
attack.t1069
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
Malicious PowerShell Commandlets - ScriptBlock
calendar
Apr 21, 2023
·
attack.execution
attack.discovery
attack.t1482
attack.t1087
attack.t1087.001
attack.t1087.002
attack.t1069.001
attack.t1069.002
attack.t1069
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
HackTool - TruffleSnout Execution
calendar
Feb 16, 2023
·
attack.discovery
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
Domain Trust Discovery Via Dsquery
calendar
Feb 3, 2023
·
attack.discovery
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
AdFind Discovery
calendar
Jan 8, 2023
·
attack.remote_system_discovery
attack.domain_trust_discovery
attack.T1018
attack.T1482
attack.TT1482
attack.T1069.002
attack.T1087.002
attack.s0552
·
Share on:
twitter
facebook
linkedin
copy
to-top