ATT&CK 기법 · Discovery

System Owner/User Discovery T1033

이 기법을 다룬 REVELARE 한국어 위협 분석 2편 · Discovery

이 기법을 다룬 분석

Silver Fox의 ValleyRAT, 깨끗한 ntdll로 EDR을 끊은 7분 분석

ACRStealer: 한국 1위 인포스틸러가 샌드박스를 무력화한 4가지 방법

MITRE 공식 정의

Adversaries may attempt to identify the primary user, currently logged in user, set of users that commonly uses a system, or whether a user is actively using the system. They may do this, for example, by retrieving account usernames or by using [OS Credential Dumping](https://attack.mitre.org/techniques/T1003). The information may be collected in a number of different ways using other Discovery techniques, because user and username details are prevalent throughout a system an…

attack.mitre.org ↗ATT&CK 매트릭스

플랫폼: Linux, macOS, Network Devices, Windows