Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets
GNU General Public License v3.0
133
stars
41
forks
source link
16.B) System Owner/User Discovery, Execution through API #38
Open
Cyb3rWard0g opened 4 years ago
Description
The attacker enumerates the domain’s security identifier (SID) (T1033) via the Windows API (T1106).