PetitPotam…from attack to detection via Microsoft Defender for Identity (MDI)

The attack

PSPKIAudit

PetitPotam

NTLMRelayx

Rubeus

MimiKatz — DCSync

MimiKatz — Pass the hash

Microsoft Defender for Identity

Microsoft 365 Defender

Mitigation

Chief Technology Officer @ Nedscaper

Derk van der Woude
