CtrlK

Introduction
Windows Artifacts
Windows DFIR & MITTR
SOC Related
- Cached Credentials
- Domain Controller Password Spraying

Powered by GitBook

On this page

Was this helpful?

Windows Artifacts
Persistence

CrowdStrike Searches

Files Written to Startup Folder Files Written to Startup Folder from the Internet Local Account Creation/Deletion Azure Account Creation/Deletion Scheduled Tasks

PreviousStartup Programs NextFiles Written to Startup Folder

Last updated 1 year ago

Was this helpful?