Attack Tool(s): Impacket, PowerShell, Metasploit, Kernel Driver Utility (KDU), SharpStay
- Impacket: https://github.com/SecureAuthCorp/impacket
- PowerShell: Native Windows tool.
- Metasploit: https://www.metasploit.com
- KDU: https://github.com/hfiref0x/KDU
- SharpStay: https://github.com/0xthirteen/SharpStay
Detection Link(s):
- Endpoint Security Protection Analysis
- Memory Analysis
- Endpoint Security
