mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 08:47:18 +00:00
add legitimate tools
This commit is contained in:
parent
19452d8c1f
commit
5355910a8f
1 changed files with 13 additions and 1 deletions
|
@ -7844,7 +7844,19 @@
|
|||
},
|
||||
"uuid": "a577bb0d-9732-449a-80f7-5e6c93e6046c",
|
||||
"value": "Reductor"
|
||||
},
|
||||
{
|
||||
"value": "ProcDump",
|
||||
"description": "Legitimate tool - command-line tool used to monitor a running process and dump memory depending on customcriteria. The attackers use this tool to dump the LSASS process to gatherWINDOWScredentials hashes"
|
||||
},
|
||||
{
|
||||
"value": "CertMig",
|
||||
"description": "Legitimate tool - command-line tool used to import and export certificates on a machine. The attackers use this toolto gather credentials used for VPN authentication to the clients’ networks"
|
||||
},
|
||||
{
|
||||
"value": "Netscan",
|
||||
"description": "Legitimate tool - tool used to scan IPv4/IPv6 networks and remotely execute PowerShell commands."
|
||||
}
|
||||
],
|
||||
"version": 125
|
||||
"version": 126
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue