Windows Post Exploitation Risk Behavior
Query Registry, System Network Connections Discovery, Permission Groups Discovery, System Network Configuration Discovery, OS Credential Dumping, System Info...
Steal Application Access Token
Valid Accounts, Brute Force
Ingress Tool Transfer, Exploit Public-Facing Application, Command and Scripting Interpreter, External Remote Services
Steal or Forge Authentication Certificates
Domain or Tenant Policy Modification
Steal Application Access Token
Impair Defenses
Abuse Elevation Control Mechanism
Malicious Image, User Execution
Impair Defenses
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying
Exploit Public-Facing Application, External Remote Services
Ingress Tool Transfer, Exploit Public-Facing Application, Command and Scripting Interpreter, External Remote Services
Exploitation of Remote Services
File and Directory Permissions Modification, System Network Connections Discovery, System Owner/User Discovery, System Shutdown/Reboot, System Network Config...
Modify Registry
Transfer Data to Cloud Account