Retrieve unsecured information in GPP

/static/assets/windows-logo.svg
Load and run and assembly to retrieve plaintext credentials and other sensitive account information pushed through Group Policy Preferences.
locked
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.

Login

Test this TTP

Download Operator (1.7.0)
Test this TTP using one of our Operator chains
Conti (Discovery)

2021-09-21

/static/assets/windows-logo.svg
Perform the initial discovery and credential access techniques used in Conti ransomware playbook.