Theft/Dumping using tools such as WCE, Mimikatz, gsecdump to
collect plaintext or hashed usernames and passwords
2. SQL Injection an input validation attack specific to database applications where SQL code is inserted into application queries to manipulate the database.
3. Process Hollowing a new instance of a legitimate process is launched and memory that contains original code is promptly deallocated (hollowed) and replaced with malicious code
4. DLL Side Loading a malicious DLL in a specific Windows directory is loaded instead of the legitimate one due to a vulnerable feature
5. Adversarial managed infrastructure Command & Control (C2) utilizing a managed infrastructure (IPs, domains, applications) to maintain communications with implanted malware
6. show more content
Encrypted Outbound Sessions an encrypted interactive session by an adversary which takes advantage of less restrictive outbound connections
9. Reverse RDP Tunnel using a reverse SSH tunnel to access RDP
10. Compromised Certificates stealing certificates to sign malware, encrypt outbound sessions to avoid detection, and Man-in-the-Middle attacks to decrypt sensitive data.
11. Replacing Valid Binaries authorized and legitimate system utilities are replaced with attacker supplied ones to create malicious effects
12. Pass-the-Hash to steal and reuse password hash values, which can be used directly as an authenticator to access services on behalf of the user through single sign-on (SSO) authentication
13. Privilege Escalation when a user gets access to more resources or functionality than they are normally allowed, which is most often through known exploits or zero-day attacks against the local OS
14. Vulnerability Exploitation
a. 0-day Vulnerabilities Exploitation an attackthat takes advantage of a vulnerability for which no patch is yet available.
b. Known Vulnerabilities Exploitation an attack that takes advantage of a vulnerability for which a software patch is
Other samples, services and questions:
When you use PaperHelp, you save one valuable — TIME
You can spend it for more important things than paper writing.