Category: Purple Team
-

SharpHound Detection
BloodHound is an attack path management solution that can discover hidden relationships in Active Directory by performing data analysis to identify paths in the domain that will lead to lateral movement and domain escalation. Data are retrieved from Domain Controllers and domain-joined systems via SharpHound, which is the data collector…
-

Scheduled Task Tampering
The HAFNIUM threat actor is using an unconventional method to tamper with scheduled tasks in order to establish persistence via modification of registry keys in their malware called Tarrask. The benefit of using registry keys is that it enables the threat actor to create stealthy scheduled tasks for persistence by avoiding to…
