open-menu
closeme
Malicious PowerShell Commandlets - ProcessCreation
calendar
Dec 1, 2024
·
attack.execution
attack.discovery
attack.t1482
attack.t1087
attack.t1087.001
attack.t1087.002
attack.t1069.001
attack.t1069.002
attack.t1069
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
Renamed AdFind Execution
calendar
Nov 25, 2024
·
attack.discovery
attack.t1018
attack.t1087.002
attack.t1482
attack.t1069.002
·
Share on:
twitter
facebook
linkedin
copy
Potential Active Directory Reconnaissance/Enumeration Via LDAP
calendar
Aug 27, 2024
·
attack.discovery
attack.t1069.002
attack.t1087.002
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
BloodHound Collection Files
calendar
Aug 12, 2024
·
attack.discovery
attack.t1087.001
attack.t1087.002
attack.t1482
attack.t1069.001
attack.t1069.002
attack.execution
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
DNS Server Discovery Via LDAP Query
calendar
Aug 12, 2024
·
attack.discovery
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
Domain Trust Discovery Via Dsquery
calendar
Aug 12, 2024
·
attack.discovery
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
HackTool - Bloodhound/Sharphound Execution
calendar
Aug 12, 2024
·
attack.discovery
attack.t1087.001
attack.t1087.002
attack.t1482
attack.t1069.001
attack.t1069.002
attack.execution
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
HackTool - SharpView Execution
calendar
Aug 12, 2024
·
attack.discovery
attack.t1049
attack.t1069.002
attack.t1482
attack.t1135
attack.t1033
·
Share on:
twitter
facebook
linkedin
copy
HackTool - TruffleSnout Execution
calendar
Aug 12, 2024
·
attack.discovery
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
Malicious PowerShell Commandlets - PoshModule
calendar
Aug 12, 2024
·
attack.execution
attack.discovery
attack.t1482
attack.t1087
attack.t1087.001
attack.t1087.002
attack.t1069.001
attack.t1069.002
attack.t1069
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
Malicious PowerShell Commandlets - ScriptBlock
calendar
Aug 12, 2024
·
attack.execution
attack.discovery
attack.t1482
attack.t1087
attack.t1087.001
attack.t1087.002
attack.t1069.001
attack.t1069.002
attack.t1069
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
Nltest.EXE Execution
calendar
Aug 12, 2024
·
attack.discovery
attack.t1016
attack.t1018
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
Potential Recon Activity Via Nltest.EXE
calendar
Aug 12, 2024
·
attack.discovery
attack.t1016
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
PUA - AdFind Suspicious Execution
calendar
Aug 12, 2024
·
attack.discovery
attack.t1018
attack.t1087.002
attack.t1482
attack.t1069.002
stp.1u
·
Share on:
twitter
facebook
linkedin
copy
Enumerating Domain Trust Relationships with Nltest.exe
calendar
Mar 26, 2024
·
attack.discovery
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
AdFind Discovery
calendar
Feb 23, 2024
·
attack.discovery
attack.t1018
attack.t1482
attack.t1069.002
attack.t1087.002
attack.s0552
·
Share on:
twitter
facebook
linkedin
copy
SocGholish NLTest Domain Trust Enumeration (RedCanary Threat Detection Report)
calendar
May 10, 2023
·
attack.discovery
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
to-top