Security Memo
Search (Ctrl+K)
Search
Search
Dark mode
Light mode
Home
❯
tags
❯
sec
❯
Tag: sec/windows
Tag: sec/windows
50 items with this tag.
Jan 08, 2024
Cobalt Strike UAC bypass
sec/attack
sec/uacbypass
ttp/05-privilege-escalation
sec/windows
Jan 08, 2024
Cobalt Strike elevated persistence via WMI events
ttp/04-persistence
sec/windows
Jan 08, 2024
Cobalt Strike elevated persistence via service creation
ttp/04-persistence
sec/windows
sec/system
Jan 08, 2024
Cobalt Strike persistence through COM hijacking
sec/windows
ttp/04-persistence
Jan 08, 2024
Cobalt Strike persistence through registry autorun
sec/windows
ttp/04-persistence
Jan 08, 2024
Cobalt Strike persistence via startup folder
sec/windows
ttp/04-persistence
Jan 08, 2024
Cobalt Strike persistence via task scheduler
sec/windows
ttp/04-persistence
Jan 08, 2024
Distributed Component Object Model
ad
sec/windows
concept
protocol
Jan 08, 2024
HTTP tunneling through deep packet inspection
sec/pivoting
sec/windows
status/to-improve
how-to
Jan 08, 2024
IPv4-to-IPv4 proxy via netsh
sec/pivoting
sec/windows
how-to
Jan 08, 2024
IPv6 DNS spoofing
sec/attack
ad
ttp/09-lateral-movement
ttp/07-credential-access
sec/windows
Jan 08, 2024
JuicyPotato
sec/tool
sec/exploit
sec/windows
ttp/05-privilege-escalation
Jan 08, 2024
Microsoft Office macro attack
sec/attack
ttp/02-initial-access
sec/clientside
sec/windows
Jan 08, 2024
Object Linking and Embedding
sec/attack
sec/windows
ttp/09-lateral-movement
ad
sec/clientside
Jan 08, 2024
PrintNightmare
ad
sec/windows
ttp/05-privilege-escalation
Jan 08, 2024
PsExec
ad
sec/windows
ttp/09-lateral-movement
sec/smb
sec/pivoting
sec/localadmin
Jan 08, 2024
RCE via log file poisoning
sec/attack
sec/rce
ttp/02-initial-access
sec/windows
sec/linux
Jan 08, 2024
RDP hijacking
sec/attack
ttp/09-lateral-movement
ad
sec/windows
sec/localadmin
Jan 08, 2024
S4U2Self abuse
ttp/09-lateral-movement
ad
sec/windows
Jan 08, 2024
UAC Bypass via fodhelper.exe
sec/uacbypass
ttp/05-privilege-escalation
sec/windows
Jan 08, 2024
UAC bypass
sec/uacbypass
ttp/05-privilege-escalation
sec/windows
Jan 08, 2024
URL file attack
sec/attack
ad
sec/windows
sec/clientside
ttp/02-initial-access
Jan 08, 2024
WMI
sec/windows
concept
Jan 08, 2024
Windows Remote Management (WinRM)
sec/windows
ttp/09-lateral-movement
Jan 08, 2024
Windows enumeration
ttp/08-discovery
sec/windows
Jan 08, 2024
Windows local service enumeration
sec/windows
ttp/08-discovery
Jan 08, 2024
dump and crack domain cached credentials
sec/domainadmin
ttp/07-credential-access
ad
sec/windows
Jan 08, 2024
golden ticket
ttp/04-persistence
ad
sec/windows
sec/domainadmin
Jan 08, 2024
lateral movement via DCOM
ttp/09-lateral-movement
sec/windows
ad
Jan 08, 2024
netsh
sec/tool
sec/windows/cmd
Jan 08, 2024
overpass-the-hash
ad
sec/attack
ttp/09-lateral-movement
sec/windows
Jan 08, 2024
pass-the-hash
ad
sec/attack
ttp/09-lateral-movement
sec/pivoting
sec/windows
Jan 08, 2024
pass-the-key
ad
sec/attack
ttp/09-lateral-movement
sec/windows
Jan 08, 2024
pass-the-ticket
ad
sec/attack
ttp/09-lateral-movement
sec/windows
Jan 08, 2024
print spool exploit
sec/attack
sec/windows
ttp/09-lateral-movement
ttp/05-privilege-escalation
ad
sec/domainuser
Jan 08, 2024
registry autorun via GPO
ttp/04-persistence
sec/windows
ad
sec/localadmin
Jan 08, 2024
remote MSI package installation via WMI
ad
sec/windows
ttp/09-lateral-movement
Jan 08, 2024
remote process creation via WMI
ttp/09-lateral-movement
ad
sec/windows
sec/localadmin
Jan 08, 2024
remote scheduled task creation via WMI
ttp/09-lateral-movement
ad
sec/windows
sec/localadmin
Jan 08, 2024
remote scheduled task creation via schtask
ttp/09-lateral-movement
ad
sec/windows
sec/localadmin
Jan 08, 2024
remote service creation via WMI
ad
sec/windows
ttp/09-lateral-movement
sec/localadmin
Jan 08, 2024
remote service creation via sc.exe
ttp/09-lateral-movement
ad
sec/windows
sec/localadmin
Jan 08, 2024
resource-based constrained delegation
ttp/09-lateral-movement
ad
sec/windows
status/to-do
Jan 08, 2024
runas.exe
sec/attack
sec/windows
sec/pivoting
ttp/09-lateral-movement
Jan 08, 2024
scheduled task credential
ttp/07-credential-access
ad
sec/windows
Jan 08, 2024
secretsdump
ad
sec/windows
ttp/07-credential-access
sec/tool
Jan 08, 2024
shadow credentials attack
ttp/09-lateral-movement
ad
sec/windows
Jan 08, 2024
unquoted service path
sec/attack
sec/windows
ttp/05-privilege-escalation
Jan 08, 2024
weak service binary permissions
sec/attack
sec/windows
ttp/05-privilege-escalation
Jan 08, 2024
weak service permissions
sec/attack
sec/windows
ttp/05-privilege-escalation