ProxyShell ProxyNotShell Behavior Detected
Exploit Public-Facing Application, External Remote Services
Exploit Public-Facing Application, External Remote Services
Modify Registry
Query Registry, System Network Connections Discovery, Permission Groups Discovery, System Network Configuration Discovery, OS Credential Dumping, System Info...
File and Directory Permissions Modification, System Network Connections Discovery, System Owner/User Discovery, System Shutdown/Reboot, System Network Config...
Domain Policy Modification
Transfer Data to Cloud Account
Steal or Forge Authentication Certificates
Exploitation of Remote Services
Valid Accounts, Brute Force
Ingress Tool Transfer, Exploit Public-Facing Application, Command and Scripting Interpreter, External Remote Services
Ingress Tool Transfer, Exploit Public-Facing Application, Command and Scripting Interpreter, External Remote Services
Abuse Elevation Control Mechanism
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying