Search Evasion Techniques
Names, Techniques, Definitions, Keywords
3 item(s) found so far for this keyword.
Use Alternate Authentication Material: Pass the Ticket Defense Evasion [Mitre]
Adversaries may "pass the ticket" using stolen Kerberos tickets to move laterally within an environment, bypassing normal system access controls. Pass the ticket (PtT) is a method of authenticating to a system using Kerberos tickets without having access to an account's password. Kerberos authentication can be used as the first step to lateral movement to a remote system.
When preforming …
Valid Accounts: Default Accounts Defense Evasion [Mitre]
Adversaries may obtain and abuse credentials of a default account as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion. Default accounts are those that are built-into an OS, such as the Guest or Administrator accounts on Windows systems. Default accounts also include default factory/provider set accounts on other types of systems, software, or devices, including the …
Stolen certificate Antivirus/EDR Evasion
To avoid detection, attackers can use stolen certificates from known companies. It allows the malware to bypass security solution.