Common Information
| Type | Value |
|---|---|
| Value |
Tool - T1588.002 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may buy, steal, or download software tools that can be used during targeting. Tools can be open or closed source, free or commercial. A tool can be used for malicious purposes by an adversary, but (unlike malware) were not intended to be used for those purposes (ex: [PsExec](https://attack.mitre.org/software/S0029)). Tool acquisition can involve the procurement of commercial software licenses, including for red teaming tools such as [Cobalt Strike](https://attack.mitre.org/software/S0154). Commercial software may be obtained through purchase, stealing licenses (or licensed copies of the software), or cracking trial versions.(Citation: Recorded Future Beacon 2019) Adversaries may obtain tools to support their operations, including to support execution of post-compromise behaviors. In addition to freely downloading or purchasing software, adversaries may steal software and/or software licenses from third-party entities (including other adversaries). |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2010-01-05 | 33 | How to Document Servers with SYDI | ||
| Details | Website | 2010-01-01 | 6 | Safe, Reliable, Hash Dumping | Rapid7 Blog | ||
| Details | Website | 2009-12-30 | 16 | Matt's Guide to Vendor Response | ||
| Details | Website | 2009-12-30 | 28 | Dec. 29 CVE-2008-3005 / MS08-043 Darkmoon RAT Excel Russia Foreign Minister Meeting from spoofed daisuke_hasegawa@mofa.go.jp Dec 2009 06:50:10 -0000 | ||
| Details | Website | 2009-12-29 | 7 | Meterpreter Pivoting Improved | ||
| Details | Website | 2009-12-17 | 2 | 'lit' it | ||
| Details | Website | 2009-12-17 | 2 | Sourcefire VRT Labs | ||
| Details | Website | 2009-12-11 | 15 | Something about Python and network analysis | ||
| Details | Website | 2009-12-11 | 0 | I hope you're happy Bejtlich...you cost me a ton of sleep | ||
| Details | Website | 2009-12-04 | 0 | Best Practices: What is 'best'? | ||
| Details | Website | 2009-11-23 | 0 | Explore Images with Google Image Swirl | ||
| Details | Website | 2009-11-22 | 4 | Even More Linky Goodness... | ||
| Details | Website | 2009-11-18 | 3 | Working with Volume Shadow Copies | ||
| Details | Website | 2009-11-10 | 0 | Turbodiff v1.01 BETA Released - Detect Differences Between Binaries - Darknet - Hacking Tools, Hacker News & Cyber Security | ||
| Details | Website | 2009-11-04 | 2 | Link-alicious | ||
| Details | Website | 2009-11-04 | 0 | UCSniff 3.0 Released - VoIP/IP Video Sniffing Tool - Darknet - Hacking Tools, Hacker News & Cyber Security | ||
| Details | Website | 2009-11-02 | 3 | Paranoia and the rise of fake antivirus | ||
| Details | Website | 2009-10-27 | 0 | Yokoso! - Web Infrastructure Fingerprinting & Delivery Tool - Darknet - Hacking Tools, Hacker News & Cyber Security | ||
| Details | Website | 2009-10-21 | 0 | Rapid7 make bold statement acquiring Metasploit Project | ||
| Details | Website | 2009-10-15 | 1 | MS09-050, SMBv2 and the SDL - Microsoft Security Blog | ||
| Details | Website | 2009-10-10 | 2 | MIR-ROR 1.2 to debut at Digitial Crimes Consortium 2009 | ||
| Details | Website | 2009-10-08 | 1 | Trust Technologies: Domain and Forest Trusts | ||
| Details | Website | 2009-09-30 | 5 | A Discussion with the creator of the Social Engineers Toolkit - Security Through Education | ||
| Details | Website | 2009-09-18 | 103 | Password / Word lists :: malicious.link — welcome | ||
| Details | Website | 2009-09-16 | 2 | Time to Revisit Zeus Almighty |