Red Team Notes 2.0
T1056: Input Capture
Adversaries may log user keystrokes to intercept credentials as the user types them. Keylogging is likely to be used to acquire credentials for new access opportunities when OS Credential Dumping efforts are not effective, and may require an adversary to intercept keystrokes on a system for a substantial period of time before credentials can be successfully captured.
Last modified 1yr ago