Reconstruire son Active Directory après compromission
Tags
| attack-pattern: | Model Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | c47e02ba-c0d5-4441-8669-a93d5df7e1f6 |
| Fingerprint | 4064ab39b0f285c8 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | March 16, 2023, 4:39 p.m. |
| Added to db | March 16, 2023, 5:51 p.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | Reconstruire son Active Directory après compromission |
| Title | Reconstruire son Active Directory après compromission |
| Detected Hints/Tags/Attributes | 31/1/25 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 207 | learn.microsoft.com |
|
| Details | Domain | 4 | www.pingcastle.com |
|
| Details | Domain | 1 | fr.purple-knight.com |
|
| Details | Domain | 2 | public.cyber.mil |
|
| Details | Domain | 397 | www.microsoft.com |
|
| Details | Domain | 1 | lgpo.zip |
|
| Details | Domain | 1 | www.geekmunity.fr |
|
| Details | File | 7 | url.txt |
|
| Details | File | 4 | cyber.mil |
|
| Details | File | 38 | details.aspx |
|
| Details | File | 1 | lgpo.zip |
|
| Details | File | 1 | lgpo.exe |
|
| Details | Url | 1 | https://www.cybermalveillance.gouv.fr/tous-nos-contenus/actualites/ransomware-rancongiciel-definition |
|
| Details | Url | 1 | https://learn.microsoft.com/fr-fr/sysinternals/downloads/psexec |
|
| Details | Url | 1 | https://learn.microsoft.com/en-us/previous-versions/windows/desktop/policy/group-policy-objects |
|
| Details | Url | 1 | https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh801901(v=ws.11 |
|
| Details | Url | 1 | https://learn.microsoft.com/en-us/powershell/module/scheduledtasks/get-scheduledtask?view=windowsserver2022 |
|
| Details | Url | 1 | https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.management/get-service?view=powershell-7.2 |
|
| Details | Url | 1 | https://learn.microsoft.com/fr-fr/windows-server/identity/ad-ds/manage/component-updates/ca-backup-and-restore-windows-powershell-cmdlets |
|
| Details | Url | 2 | https://www.pingcastle.com/download |
|
| Details | Url | 1 | https://fr.purple-knight.com/request-form |
|
| Details | Url | 1 | https://public.cyber.mil/stigs/gpo |
|
| Details | Url | 1 | https://www.microsoft.com/en-us/download |
|
| Details | Url | 1 | https://learn.microsoft.com/en-us/security/compass/privileged-access-access-model |
|
| Details | Url | 1 | https://www.geekmunity.fr/?p=1876 |