CSEC_PUBLIC/hayabusa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
ee80e6bc1eb5d96af9768332229197e1cf76682c
hayabusa/sample-evtx/EVTX-ATTACK-SAMPLES/Lateral Movement
T
History
..
DFIR_RDP_Client_TimeZone_RdpCoreTs_104_example.evtx
dfir_rdpsharp_target_RdpCoreTs_168_68_131.evtx
ImpersonateUser-via local Pass The Hash Sysmon and Security.evtx
lateral_movement_startup_3_11.evtx
LM_4624_mimikatz_sekurlsa_pth_source_machine.evtx
LM_5145_Remote_FileCopy.evtx
LM_add_new_namedpipe_tp_nullsession_registry_turla_like_ttp.evtx
LM_DCOM_MSHTA_LethalHTA_Sysmon_3_1.evtx
LM_dcom_shwnd_shbrwnd_mmc20_failed_traces_system_10016.evtx
LM_ImageLoad_NFSH_Sysmon_7.evtx
LM_impacket_docmexec_mmc_sysmon_01.evtx
LM_NewShare_Added_Sysmon_12_13.evtx
LM_PowershellRemoting_sysmon_1_wsmprovhost.evtx
LM_regsvc_DirectoryServiceExtPt_Lsass_NTDS_AdamXpn.evtx
LM_REMCOM_5145_TargetHost.evtx
lm_remote_registry_sysmon_1_13_3.evtx
LM_Remote_Service01_5145_svcctl.evtx
LM_Remote_Service02_7045.evtx
LM_renamed_psexecsvc_5145.evtx
LM_ScheduledTask_ATSVC_target_host.evtx
lm_sysmon_18_remshell_over_namedpipe.evtx
LM_sysmon_1_12_13_3_tsclient_SharpRdp.evtx
LM_sysmon_3_12_13_1_SharpRDP.evtx
LM_sysmon_3_DCOM_ShellBrowserWindow_ShellWindows.evtx
LM_sysmon_psexec_smb_meterpreter.evtx
LM_sysmon_remote_task_src_powershell.evtx
LM_tsclient_startup_folder.evtx
LM_typical_IIS_webshell_sysmon_1_10_traces.evtx
LM_winrm_exec_sysmon_1_winrshost.evtx
LM_winrm_target_wrmlogs_91_wsmanShellStarted_poorLog.evtx
LM_WMI_4624_4688_TargetHost.evtx
LM_wmi_PoisonHandler_Mr-Un1k0d3r_sysmon_1_13.evtx
LM_WMIC_4648_rpcss.evtx
LM_wmiexec_impacket_sysmon_whoami.evtx
LM_xp_cmdshell_MSSQL_Events.evtx
MSSQL_15281_xp_cmdshell_exec_failed_attempt.evtx
net_share_drive_5142.evtx
powercat_revShell_sysmon_1_3.evtx
remote task update 4624 4702 same logonid.evtx
remote_file_copy_system_proc_file_write_sysmon_11.evtx
RemotePowerShell_MS_Windows-Remote_Management_EventID_169.evtx
sharprdp_sysmon_7_mstscax.dll.evtx
smb_bi_auth_conn_spoolsample.evtx
smbmap_upload_exec_sysmon.evtx
spoolsample_5145.evtx
sysmon_1_exec_via_sql_xpcmdshell.evtx
wmi_remote_registry_sysmon.evtx