From 0dca7593700d80c4674da2593ffe5221b4ed69c5 Mon Sep 17 00:00:00 2001
From: "@" <@>
Date: Fri, 23 Oct 2020 15:14:34 -0500
Subject: [PATCH] Renamed T1552.002

---
 Tactics/CredentialAccess.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Tactics/CredentialAccess.md b/Tactics/CredentialAccess.md
index 63cbcd0..54d6552 100644
--- a/Tactics/CredentialAccess.md
+++ b/Tactics/CredentialAccess.md
@@ -31,7 +31,7 @@ To focus on detection, we're looking for AccessChk.exe where the DisplayName doe
 TgtProcName = "accesschk.exe" AND TgtProcDisplayName != "Reports effective permissions for securable objects"
 `
 
-### T1552.002 Credentials in Registry
+### T1552.002 Registry Credential Enumeration
 Atomics: [T1552.002](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1552.002/T1552.002.md)
 
 This query detects enumeration and discovery of credentials within the Registry, including Putty sessions.