Detects the use of TruffleSnout.exe an iterative AD discovery toolkit for offensive operators, situational awareness and targeted low noise enumeration.
Read MoreHackTool - SharpView Execution
Feb 13, 2023 · attack.discovery attack.t1049 attack.t1069.002 attack.t1482 attack.t1135 attack.t1033 ·Adversaries may look for details about the network configuration and settings of systems they access or through information discovery of remote systems
Read MoreRenamed AdFind Execution
Detects the use of a renamed Adfind.exe. AdFind continues to be seen across majority of breaches. It is used to domain trust discovery to plan out subsequent steps in the attack chain.
Read More