Credential Access Chains


Are Agent Tesla malware procedures mitigated on this host?

2022-09-12

Platform: Windows
Emulates tactics found in Agent Tesla.

Can this host mitigate procedures used in LokiBot malware?

2022-08-23

Platform: Windows
Emulates LokiBot Password Stealer's procedures for credential harvesting.

GTsST Iron Viking AWFULSHRED

2022-06-22

Platform: Linux
SSH worm which installs a wiper on the machine it has infected.

Python AD discovery

2022-04-06

Platforms: Windows, Linux
Use Python packet and protocol libraries to perform Active Directory discovery.

Sliver BOF and Execute-Assembly

2022-03-01

Platform: Windows
Add a COFF loader, run BOFs and execute-assembly TTPs.

Conti Collect and Exfiltrate

2022-02-08

Platform: Windows
Automatically collect information and exfiltrate with rclone to a cloud service.

Conti Privilege Escalation and Persistence

2022-01-25

Platform: Windows
Use PrintNightmare & ZeroLogon exploits to gain privileges and extract the krbtgt NTLM hash from a DC.

Conti (Discovery)

2021-09-21

Platform: Windows
Perform the initial discovery and credential access techniques used in the Conti ransomware playbook.