mirror of
https://github.com/keyboardcrunch/SentinelOne-ATTACK-Queries
synced 2026-06-08 17:17:21 +00:00
@
80 lines
2.7 KiB
Markdown
80 lines
2.7 KiB
Markdown
## Credential Access
|
|
|
|
|
|
### T1056.004 Credential API Hooking
|
|
Atomics: [T1056.004](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1056.004/T1056.004.md)
|
|
|
|
|
|
### T1552.001 Credentials In Files
|
|
Atomics: [T1552.001](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1552.001/T1552.001.md)
|
|
|
|
|
|
### T1555.003 Credentials from Web Browsers
|
|
Atomics: [T1555.003](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1555.003/T1555.003.md)
|
|
|
|
|
|
### T1552.002 Credentials in Registry
|
|
Atomics: [T1552.002](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1552.002/T1552.002.md)
|
|
|
|
|
|
### T1056.002 GUI Input Capture
|
|
Atomics: [T1056.002](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1056.002/T1056.002.md)
|
|
|
|
|
|
### T1552.006 Group Policy Preferences
|
|
Atomics: [T1552.006](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1552.006/T1552.006.md)
|
|
|
|
|
|
### T1558.003 Kerberoasting
|
|
Atomics: [T1558.003](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1558.003/T1558.003.md)
|
|
|
|
|
|
### T1056.001 Keylogging
|
|
Atomics: [T1056.001](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1056.001/T1056.001.md)
|
|
|
|
|
|
### T1003.004 LSA Secrets
|
|
Atomics: [T1003.004](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1003.004/T1003.004.md)
|
|
|
|
|
|
### T1003.001 LSASS Memory
|
|
Atomics: [T1003.001](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1003.001/T1003.001.md)
|
|
|
|
|
|
### T1003.003 NTDS
|
|
Atomics: [T1003.003](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1003.003/T1003.003.md)
|
|
|
|
|
|
### T1040 Network Sniffing
|
|
Atomics: [T1040](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1040/T1040.md)
|
|
|
|
|
|
### T1003 OS Credential Dumping
|
|
Atomics: [T1003](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1003/T1003.md)
|
|
|
|
|
|
### T1110.002 Password Cracking
|
|
Atomics: [T1110.002](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1110.002/T1110.002.md)
|
|
|
|
|
|
### T1556.002 Password Filter DLL
|
|
Atomics: [T1556.002](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1556.002/T1556.002.md)
|
|
|
|
|
|
### T1110.001 Password Guessing
|
|
Atomics: [T1110.001](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1110.001/T1110.001.md)
|
|
|
|
|
|
### T1110.003 Password Spraying
|
|
Atomics: [T1110.003](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1110.003/T1110.003.md)
|
|
|
|
|
|
### T1552.004 Private Keys
|
|
Atomics: [T1552.004](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1552.004/T1552.004.md)
|
|
|
|
|
|
### T1003.002 Security Account Manager
|
|
Atomics: [T1003.002](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1003.002/T1003.002.md)
|
|
|
|
|