Agent Skills: hunting-for-dcsync-attacks
Detect DCSync attacks by analyzing Windows Event ID 4662 for unauthorized DS-Replication-Get-Changes requests from non-domain-controller accounts.
UncategorizedID: plurigrid/asi/hunting-for-dcsync-attacks
165
Install this agent skill to your local
Skill Files
Browse the full folder contents for hunting-for-dcsync-attacks.
Loading file tree…
Select a file to preview its contents.