T1110.002

Password Cracking

Adversaries may use password cracking to attempt to recover usable credentials, such as plaintext passwords, when credential material such as password hashes are obtained. [OS Credential Dumping](https://attack.mitre.org/techniques/T1003) can be used to obtain password hashes, this may only get an adversary so far when [Pass the Hash](https://attack.mitre.org/techniques/T1550/002) is not an option. Further, adversaries may leverage [Data from Configuration Repository](https://attack.mitre.org/t...

LinuxmacOSWindowsNetwork DevicesOffice SuiteIdentity Provider

Detections

Sources

Threat Actors

BY SOURCE

1elastic1sigma

PROCEDURES (2)

Process Creation Monitoring1 detections

Auto-extracted: 1 detections for process creation monitoring

Network Connection Monitoring1 detections

Auto-extracted: 1 detections for network connection monitoring

THREAT ACTORS (4)

APT3 Dragonfly FIN6 Salt Typhoon

DETECTIONS (2)

HackTool - Hashcat Password Cracker Execution

sigmahigh

Potential Linux Hack Tool Launched

elasticmedium