Implementing Detections for the Honeyhash

Implementing Detections for the Honeyhash

In our first post of this series, we explored the Honeyhash, and how it can be used to create a honeypot to catch attackers performing credential theft and pass-the-hash attacks.  Now that our trap is set, we need to make sure we can catch any attacker in the act who may fall for it. The concept of detection for the Honeyhash is simple.  We put a fake account in memory on a system, so let’s see if anybody tries to…

Read More Read More

STEALTHbits Cyber Kill Chain Attack Catalog: Active Directory Attacks and More

STEALTHbits Cyber Kill Chain Attack Catalog: Active Directory Attacks and More

Cyber Attack Reference Guide for Security Practitioners For over a year now, we’ve been documenting all the most common and clever techniques attackers have developed to compromise Active Directory credentials on their way to complete domain dominance.  Frustratingly, but not surprisingly, the quantity of attack methods to choose from and the frequency of attack prevalence have only risen over the past 12 months, which got us thinking… How – besides continuing to provide cutting edge solutions for credential and data…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.