Ctrlk

Introduction
Windows Artifacts
Windows DFIR & MITTR
SOC Related
- Cached Credentials
- Domain Controller Password Spraying

Powered by GitBook

Page cover

On this page

Was this helpful?

Windows Artifacts

Account Usage

Authentications SAM Artifacts Authentications (Windows Event Log)Group Membership RDP SSH Rouge Local Accounts CrowdStrike Searches

PreviousServer File/Folder Locations NextAuthentications SAM Artifacts

Last updated 1 year ago

Was this helpful?