search
LinkedinTryHackme

Detecting Windows Attacks with Splunk

Detecting Common User/Domain Reconchevron-rightDetecting Password Sprayingchevron-rightDetecting Responder-like Attackschevron-rightDetecting Kerberoasting/AS-REProastingchevron-rightDetecting Pass-the-Hashchevron-rightDetecting Pass-the-Ticketchevron-rightDetecting Overpass-the-Hashchevron-rightDetecting Golden Tickets/Silver Ticketschevron-rightDetecting Unconstrained Delegation/Constrained Delegation Attackschevron-rightDetecting DCSync/DCShadowchevron-rightCreating Custom Splunk Applicationschevron-rightDetecting RDP Brute Force Attackschevron-rightDetecting Beaconing Malwarechevron-rightDetecting Nmap Port Scanningchevron-rightDetecting Kerberos Brute Force Attackschevron-rightDetecting Kerberoastingchevron-rightDetecting Golden Ticketschevron-rightDetecting Cobalt Strike's PSExecchevron-rightDetecting Zerologonchevron-rightDetecting Exfiltration (HTTP)chevron-rightDetecting Exfiltration (DNS)chevron-rightDetecting Ransomwarechevron-right
PreviousPractical Digital Forensics ScenarioNextDetecting Common User/Domain Recon