A legitimate commercial vulnerability scanner.
| TA0043 | TA0042 | TA0001 | TA0002 | TA0003 | TA0004 | TA0005 | TA0006 | TA0007 | TA0008 | TA0009 | TA0011 | TA0010 | TA0040 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
| IP:Port | Timestamp |
|---|
| Domain | Timestamp |
|---|
| URL | Timestamp |
|---|
Tool: Acunetix Web Vulnerability Scanner
Names: Acunetix Web Vulnerability Scanner
Description: A legitimate commercial vulnerability scanner.
Category: Tools
Type: Vulnerability scanner
Information: https://www.acunetix.com/web-vulnerability-scanner/
Last-card-change: 2020-04-20
Source: https://apt.etda.or.th/cgi-bin/listtools.cgi
| TA0043 | TA0042 | TA0001 | TA0002 | TA0003 | TA0004 | TA0005 | TA0006 | TA0007 | TA0008 | TA0009 | TA0011 | TA0010 | TA0040 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
T1569.002 SYSTEM SERVICES : SERVICE EXECUTION the net start and net stop commands can be used in net to execute or stop windows services. | T1136.001 CREATE ACCOUNT : LOCAL ACCOUNT the net user username \password commands in net can be used to create a local account. T1136.002 CREATE ACCOUNT : DOMAIN ACCOUNT the net user username \password \domain commands in net can be used to create a domain account. | T1070.005 INDICATOR REMOVAL : NETWORK SHARE CONNECTION REMOVAL the net use \system\share /delete command can be used in net to remove an established connection to a network share. | T1087.001 ACCOUNT DISCOVERY : LOCAL ACCOUNT commands under net user can be used in net to gather information about and manipulate user accounts. T1087.002 ACCOUNT DISCOVERY : DOMAIN ACCOUNT net commands used with the /domain flag can be used to gather information about and manipulate user accounts on the current domain. T1135 NETWORK SHARE DISCOVERY the net view \remotesystem and net share commands in net can be used to find shared drives and directories on remote and local systems respectively. T1201 PASSWORD POLICY DISCOVERY the net accounts and net accounts /domain commands with net can be used to obtain password policy information. T1069.001 PERMISSION GROUPS DISCOVERY : LOCAL GROUPS commands such as net group and net localgroup can be used in net to gather information about and manipulate groups. T1069.002 PERMISSION GROUPS DISCOVERY : DOMAIN GROUPS commands such as net group /domain can be used in net to gather information about and manipulate groups. T1018 REMOTE SYSTEM DISCOVERY commands such as net view can be used in net to gather information about available remote systems. T1049 SYSTEM NETWORK CONNECTIONS DISCOVERY commands such as net use and net session can be used in net to gather information about network connections from a particular host. T1007 SYSTEM SERVICE DISCOVERY the net start command can be used in net to find information about windows services. T1124 SYSTEM TIME DISCOVERY the net time command can be used in net to determine the local or remote system time. | T1021.002 REMOTE SERVICES : SMB/WINDOWS ADMIN SHARES lateral movement can be done with net through net use commands to connect to the on remote systems. |