ioc[.]one - OSINT Cyber Threat Intelligence Database

Red Team从0到1的实践与思考

Tags

attack-pattern:

Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Domain Fronting - T1090.004 Exploitation For Privilege Escalation - T1404 Powershell - T1059.001 Scheduled Task - T1053.005 Spearphishing Attachment - T1566.001 Spearphishing Attachment - T1598.002 Windows Service - T1543.003 Custom Command And Control Protocol - T1094 Domain Fronting - T1172 Exploitation For Privilege Escalation - T1068 New Service - T1050 Powershell - T1086 Scheduled Task - T1053 Spearphishing Attachment - T1193 Valid Accounts - T1078 Spearphishing Attachment Valid Accounts

Show in Graph

Common Information

Type	Value
UUID	35940764-1bd2-4746-bf08-f3c4f7fd7e93
Fingerprint	b94c8bb4b7aeea63
Analysis status	IN_PROGRESS
Considered CTI value	0
Text language
Published	April 16, 2019, midnight
Added to db	Dec. 19, 2024, 3:45 p.m.
Last updated	Dec. 23, 2024, 8:08 p.m.
Headline	Red Team从0到1的实践与思考
Title	Red Team从0到1的实践与思考
Detected Hints/Tags/Attributes	40/1/39

Source URLs

	Redirection	Url
Details	Source	https://www.secrss.com/articles/9991

URL Provider

Details	Provider	Source level domain
Details	secrss.com	www.secrss.com

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	27		cve-2016-7255
Details	Domain	418		attack.mitre.org
Details	Domain	4705		github.com
Details	Domain	3		weakpass.com
Details	Domain	1		redteamsummit.com
Details	Domain	6752		163.com
Details	Github username	4		cybermonitor
Details	Github username	1		bluscreenofjeff
Details	Github username	5		0x09al
Details	Github username	3		paulsec
Details	Github username	3		maldevel
Details	Github username	14		byt3bl33d3r
Details	Github username	2		arno0x
Details	Github username	5		iagox86
Details	Github username	7		ne0nd0g
Details	Github username	17		danielmiessler
Details	MITRE ATT&CK Techniques	55		T1193
Details	MITRE ATT&CK Techniques	50		T1086
Details	MITRE ATT&CK Techniques	24		T1094
Details	MITRE ATT&CK Techniques	221		T1068
Details	MITRE ATT&CK Techniques	39		T1050
Details	MITRE ATT&CK Techniques	502		T1053
Details	MITRE ATT&CK Techniques	343		T1078
Details	Threat Actor Identifier - APT	807		APT29
Details	Threat Actor Identifier - APT	301		APT32
Details	Url	15		https://attack.mitre.org/groups
Details	Url	9		https://attack.mitre.org/matrices/enterprise
Details	Url	1		https://github.com/cybermonitor/apt_cybercriminal_campagin_collections
Details	Url	1		https://github.com/bluscreenofjeff/red-team-infrastructure-wiki
Details	Url	2		https://github.com/0x09al/dropboxc2c
Details	Url	3		https://github.com/paulsec/twittor
Details	Url	2		https://github.com/maldevel/gdog
Details	Url	2		https://github.com/byt3bl33d3r/gcat
Details	Url	2		https://github.com/arno0x/dbc2
Details	Url	3		https://github.com/iagox86/dnscat2
Details	Url	3		https://github.com/ne0nd0g/merlin
Details	Url	1		http://weakpass.com
Details	Url	1		https://github.com/danielmiessler/seclists/tree/master/passwords
Details	Url	1		https://redteamsummit.com