22 January 2023
- 14:3714:37, 22 January 2023 diff hist +11 N Writeup Created page with "{{Writeup}}" current Tag: Visual edit: Switched
- 13:3613:36, 22 January 2023 diff hist +717 N Serverless Created page with "Adversaries may purchase and configure serverless cloud infrastructure, such as Cloudflare Workers or AWS Lambda functions, that can be used during targeting. By utilizing serverless infrastructure, adversaries can make it more difficult to attribute infrastructure used during operations back to them. Once acquired, the serverless runtime environment can be leveraged to either respond directly to infected machines or to Proxy traffic to an adversary-owned command and co..." current Tag: Visual edit
- 13:3513:35, 22 January 2023 diff hist +582 N Web Services Created page with "Adversaries may register for web services that can be used during targeting. A variety of popular websites exist for adversaries to register for a web-based service that can be abused during later stages of the adversary lifecycle, such as during Command and Control (Web Service) or Exfiltration Over Web Service. Using common services, such as those offered by Google or Twitter, makes it easier for adversaries to hide in expected noise. By utilizing a web service, advers..." current Tag: Visual edit
- 13:3413:34, 22 January 2023 diff hist +497 N Botnet Created page with "Adversaries may buy, lease, or rent a network of compromised systems that can be used during targeting. A botnet is a network of compromised systems that can be instructed to perform coordinated tasks.[1] Adversaries may purchase a subscription to use an existing botnet from a booter/stresser service. With a botnet at their disposal, adversaries may perform follow-on activity such as large-scale Phishing or Distributed Denial of Service (DDoS).[2][3][4][5] category:Ac..." current
- 13:3413:34, 22 January 2023 diff hist +767 N Server Created page with "Adversaries may buy, lease, or rent physical servers that can be used during targeting. Use of servers allows an adversary to stage, launch, and execute an operation. During post-compromise activity, adversaries may utilize servers for various tasks, including for Command and Control. Instead of compromising a third-party Server or renting a Virtual Private Server, adversaries may opt to configure and run their own servers in support of operations. Adversaries may only..." current
- 13:2913:29, 22 January 2023 diff hist +38 N Recon Redirected page to Category:Reconnaissance current Tag: New redirect
- 13:2713:27, 22 January 2023 diff hist +887 N Virtual Private Server Created page with "Adversaries may rent Virtual Private Servers (VPSs) that can be used during targeting. There exist a variety of cloud service providers that will sell virtual machines/containers as a service. By utilizing a VPS, adversaries can make it difficult to physically tie back operations to them. The use of cloud infrastructure can also make it easier for adversaries to rapidly provision, modify, and shut down their infrastructure. Acquiring a VPS for use in later stages of the..." current Tag: Visual edit: Switched
- 13:2713:27, 22 January 2023 diff hist +759 N DNS Server Created page with "Adversaries may set up their own Domain Name System (DNS) servers that can be used during targeting. During post-compromise activity, adversaries may utilize DNS traffic for various tasks, including for Command and Control (ex: Application Layer Protocol). Instead of hijacking existing DNS servers, adversaries may opt to configure and run their own DNS servers in support of operations. By running their own DNS servers, adversaries can have more control over how they adm..." current Tag: Visual edit
- 13:2213:22, 22 January 2023 diff hist +821 N Category:Acquire Infrastructure Created page with "Adversaries may buy, lease, or rent infrastructure that can be used during targeting. A wide variety of infrastructure exists for hosting and orchestrating adversary operations. Infrastructure solutions include physical or cloud servers, domains, and third-party web services.[1] Additionally, botnets are available for rent or purchase. Use of these infrastructure solutions allows an adversary to stage, launch, and execute an operation. Solutions may help adversary opera..." current
- 13:2013:20, 22 January 2023 diff hist +604 N Category:Resource Development Created page with "The adversary is trying to establish resources they can use to support operations. Resource Development consists of techniques that involve adversaries creating, purchasing, or compromising/stealing resources that can be used to support targeting. Such resources include infrastructure, accounts, or capabilities. These resources can be leveraged by the adversary to aid in other phases of the adversary lifecycle, such as using purchased domains to support Command and Cont..." Tag: Visual edit
- 13:1113:11, 22 January 2023 diff hist +399 RCATs No edit summary Tag: Visual edit: Switched
- 13:0713:07, 22 January 2023 diff hist +31 RCATs No edit summary Tag: Visual edit: Switched
- 13:0213:02, 22 January 2023 diff hist +1 RCATs:Privacy policy No edit summary current
- 13:0013:00, 22 January 2023 diff hist +295 RCATs:About No edit summary current
- 12:5612:56, 22 January 2023 diff hist +8 N File:Gaming-logo-generator-with-a-masked-shooter-character-2734l-2927.png No edit summary current
- 12:4412:44, 22 January 2023 diff hist +8 N File:Logo-template-featuring-gaming-weapons-3019 (1).png No edit summary current
- 12:4312:43, 22 January 2023 diff hist +9 N File:Gaming-logo-maker-featuring-robotic-animal-graphics-1028-el1 (2).png No edit summary current
- 12:3812:38, 22 January 2023 diff hist −28 Category:Reconnaissance Removed redirect to Reconnaissance Tags: Removed redirect Reverted Visual edit
- 12:3712:37, 22 January 2023 diff hist +71 Category:Reconnaissance Redirected page to Reconnaissance Tags: New redirect Reverted Visual edit
- 12:1612:16, 22 January 2023 diff hist −27 RCATs No edit summary
- 03:2403:24, 22 January 2023 diff hist 0 RCATs No edit summary Tag: Visual edit
- 03:2303:23, 22 January 2023 diff hist 0 RCATs No edit summary Tag: Visual edit
- 03:1703:17, 22 January 2023 diff hist +27 RCATs No edit summary Tag: Visual edit: Switched
- 03:1503:15, 22 January 2023 diff hist +305 RCATs No edit summary Tag: Visual edit
- 02:3402:34, 22 January 2023 diff hist +33 N CrackMapExec Created page with "CrackMapExec Page Coming Soon...." current Tag: Visual edit
- 02:3302:33, 22 January 2023 diff hist +327 SMB No edit summary Tag: Visual edit: Switched
21 January 2023
- 17:2217:22, 21 January 2023 diff hist +387 RCATs No edit summary Tag: Visual edit
- 01:1601:16, 21 January 2023 diff hist +35 Category:Phishing for Information No edit summary Tag: Visual edit
- 01:1601:16, 21 January 2023 diff hist +13 N File:Spearphish.png No edit summary current
- 01:0701:07, 21 January 2023 diff hist +1,001 Spearphishing Link No edit summary current
- 01:0601:06, 21 January 2023 diff hist +898 Spearphishing Attachment No edit summary
- 01:0301:03, 21 January 2023 diff hist +1,101 N Spearphishing Service Created page with "Attackers may use spearphishing tactics to trick individuals into revealing sensitive information that can be used to identify potential targets. This type of spearphishing, known as "spearphishing for information" is different from traditional spearphishing where the goal is to execute malicious code. This type of spearphishing is targeted at a specific individual, company or industry, and messages are sent through various social media services, personal webmail, and ot..." Tag: Visual edit
- 01:0201:02, 21 January 2023 diff hist +828 N Category:Phishing for Information Created page with "Attackers may use phishing tactics to trick individuals into revealing sensitive information that can be used to identify potential targets. This type of phishing, known as "phishing for information," is different from traditional phishing where the goal is to execute malicious code. Phishing for information can take the form of targeted spearphishing, where specific individuals, companies or industries are targeted, or non-targeted phishing, such as in mass credential h..." Tag: Visual edit
- 00:5300:53, 21 January 2023 diff hist −251 Category:Active Scanning No edit summary current
- 00:5000:50, 21 January 2023 diff hist −106 Category:Reconnaissance No edit summary
- 00:0700:07, 21 January 2023 diff hist +928 N Wordlist Scanning Created page with "Adversaries may scan victims for vulnerabilities that can be used during targeting. Vulnerability scans typically check if the configuration of a target host/application (ex: software and version) potentially aligns with the target of a specific exploit the adversary may seek to use. These scans may also include more broad attempts to Gather Victim Host Information that can be used to identify more commonly known, exploitable vulnerabilities. Vulnerability scans typical..." current Tag: Visual edit
- 00:0500:05, 21 January 2023 diff hist +928 N Vulnerability Scanning Created page with "Adversaries may scan victims for vulnerabilities that can be used during targeting. Vulnerability scans typically check if the configuration of a target host/application (ex: software and version) potentially aligns with the target of a specific exploit the adversary may seek to use. These scans may also include more broad attempts to Gather Victim Host Information that can be used to identify more commonly known, exploitable vulnerabilities. Vulnerability scans typical..." current Tag: Visual edit
20 January 2023
- 23:5823:58, 20 January 2023 diff hist +884 N Category:Active Scanning Created page with "Category:Reconnaissance Adversaries may execute active reconnaissance scans to gather information that can be used during targeting. Active scans are those where the adversary probes victim infrastructure via network traffic, as opposed to other forms of reconnaissance that do not involve direct interaction. Adversaries may perform different forms of active scanning depending on what information they seek to gather. These scans can also be performed in various ways,..." Tag: Visual edit
- 23:5623:56, 20 January 2023 diff hist +611 N Category:Reconnaissance Created page with "The adversary is trying to gather information they can use to plan future operations. Reconnaissance consists of techniques that involve adversaries actively or passively gathering information that can be used to support targeting. Such information may include details of the victim organization, infrastructure, or staff/personnel. This information can be leveraged by the adversary to aid in other phases of the adversary lifecycle, such as using gathered information to p..." Tag: Visual edit
- 23:3523:35, 20 January 2023 diff hist −576 RCATs Replaced content with "alt=rcats|left|thumb|500x500px" Tags: Replaced Manual revert Visual edit
- 23:3423:34, 20 January 2023 diff hist +570 RCATs:About No edit summary
- 23:3323:33, 20 January 2023 diff hist +61 N RCATs:Privacy policy Created page with "We will never sell or use your personal data for evil! -RCATs"
- 23:3223:32, 20 January 2023 diff hist +10 RCATs:General disclaimer No edit summary current
- 23:2523:25, 20 January 2023 diff hist +1,048 N RCATs:General disclaimer Created page with "The information and materials provided on this website are for educational purposes only. We make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will we be..."
- 23:2523:25, 20 January 2023 diff hist −1,048 RCATs:About Blanked the page Tag: Blanking
- 23:2523:25, 20 January 2023 diff hist +1,048 N RCATs:About Created page with "The information and materials provided on this website are for educational purposes only. We make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will we be..."
- 23:0423:04, 20 January 2023 diff hist −82 RCATs No edit summary Tags: Manual revert Reverted Visual edit
- 23:0323:03, 20 January 2023 diff hist +82 RCATs No edit summary Tags: Reverted Visual edit
- 22:5922:59, 20 January 2023 diff hist −31 RCATs No edit summary Tags: Manual revert Reverted Visual edit
- 22:5722:57, 20 January 2023 diff hist +11 RCATs No edit summary Tags: Reverted Visual edit