Red Team Notes 2.0
Credential Access
The adversary is trying to steal account names and passwords.
Credential Access consists of techniques for stealing credentials like account names and passwords. Techniques used to get credentials include keylogging or credential dumping. Using legitimate credentials can give adversaries access to systems, make them harder to detect, and provide the opportunity to create more accounts to help achieve their goals.
Last modified 1yr ago