Red Team Notes 2.0
T1552: Unsecured Credentials
Adversaries may search compromised systems to find and obtain insecurely stored credentials. These credentials can be stored and/or misplaced in many locations on a system, including plaintext files (e.g. Bash History), operating system or application-specific repositories (e.g. Credentials in Registry), or other specialized files/artifacts (e.g. Private Keys).