Ctrlk

Introduction
Windows Artifacts
Windows DFIR & MITTR
SOC Related
- Cached Credentials
- Domain Controller Password Spraying

Powered by GitBook

Page cover

On this page

Was this helpful?

Windows Artifacts

Processes

at.exe explorer.exe lsass.exe lsaiso.exe PuTTy.exe runtimebroker.exe services.exe smss.exe System svchost.exe winlogon.exe wininit.exe

PreviousBrowser History Finder Nextat.exe

Last updated 1 year ago

Was this helpful?