Data Exfiltration Tips/Tricks
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 6fcb4949-a7a9-42c3-9d60-5d1c89e40c0d |
| Fingerprint | 1c423f50eda1ffa1 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | March 24, 2023, 6:08 a.m. |
| Added to db | March 24, 2023, 7:23 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | Data Exfiltration Tips/Tricks |
| Title | Data Exfiltration Tips/Tricks |
| Detected Hints/Tags/Attributes | 50/1/45 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 228 | system.io |
|
| Details | Domain | 291 | raw.githubusercontent.com |
|
| Details | Domain | 339 | system.net |
|
| Details | Domain | 12 | linenum.sh |
|
| Details | Domain | 2 | helloworld.py |
|
| Details | Domain | 2 | sourcecode.zip |
|
| Details | File | 1 | c:\link\to file\example.txt |
|
| Details | File | 1 | c:\link\to\save\file\encoded.txt |
|
| Details | File | 1 | c:\path\to\encode-file\encoded.txt |
|
| Details | File | 1 | c:\path\to\save\decode-file\decoded.txt |
|
| Details | File | 2125 | cmd.exe |
|
| Details | File | 32 | powerview.ps1 |
|
| Details | File | 1 | c:\users\public\downloads\powerview.ps1 |
|
| Details | File | 1 | 'powerviewasync.ps1 |
|
| Details | File | 27 | invoke-mimikatz.ps1 |
|
| Details | File | 1 | psupload.ps1 |
|
| Details | File | 2 | helloworld.py |
|
| Details | File | 33 | nc.exe |
|
| Details | File | 1 | c:\users\john\desktop\sourcecode.zip |
|
| Details | File | 1 | myroot.txt |
|
| Details | File | 79 | file.txt |
|
| Details | File | 1 | 'ftp-file.txt |
|
| Details | File | 15 | urllib.url |
|
| Details | File | 41 | request.url |
|
| Details | Github username | 22 | powershellmafia |
|
| Details | Github username | 18 | empireproject |
|
| Details | Github username | 1 | juliourena |
|
| Details | Github username | 4 | rebootuser |
|
| Details | IPv4 | 1 | 10.10.10.32 |
|
| Details | IPv4 | 1 | 192.168.220.133 |
|
| Details | IPv4 | 1 | 192.168.49.129 |
|
| Details | IPv4 | 619 | 0.0.0.0 |
|
| Details | IPv4 | 1 | 192.168.49.128 |
|
| Details | Url | 1 | https://raw.githubusercontent.com/powershellmafia/powersploit/dev/recon/powerview.ps1','c:\users\public\downloads\powerview.ps1 |
|
| Details | Url | 4 | https://raw.githubusercontent.com/powershellmafia/powersploit/master/recon/powerview.ps1 |
|
| Details | Url | 1 | https://raw.githubusercontent.com/empireproject/empire/master/data/module_source/credentials/invoke-mimikatz.ps1 |
|
| Details | Url | 1 | https://raw.githubusercontent.com/powershellmafia/powersploit/dev/recon/powerview.ps1 |
|
| Details | Url | 1 | https://raw.githubusercontent.com/juliourena/plaintext/master/powershell/psupload.ps1 |
|
| Details | Url | 2 | https://raw.githubusercontent.com/rebootuser/linenum/master/linenum.sh |
|
| Details | Url | 1 | https://raw.githubusercontent.com/juliourena/plaintext/master/scripts/helloworld.py |
|
| Details | Url | 1 | ftp://192.168.49.128/file.txt |
|
| Details | Url | 1 | ftp://192.168.49.128/ftp-hosts |
|
| Details | Url | 1 | http://192.168.49.128:8000/upload |
|
| Details | Url | 1 | https://192.168.49.128/upload |
|
| Details | Url | 1 | http://192.168.49.128:8000 |