Application of the Sysmon tool for the identification of internal lateral movements of an attacker

Keywords
Sysmon; Detection; Lateral movement

Abstract
This dissertation describes the use, operation and capabilities of the Sysmon tool, as well as a way to install and configure it. It also covers the ways in which an attacker's internal movements can be detected in a network with a Windows Domain. In addition, it presents and analyses in detail the methodologies, techniques and tools an attacker uses to move internally (lateral movement) in a network with a Windows Domain, with the ultimate goal of becoming a domain admin or stealing data.