Hide Navigation Hide TOC

User Discovery And Export Via Get-ADUser Cmdlet (1114e048-b69c-4f41-bc20-657245ae6e3f)

Detects usage of the Get-ADUser cmdlet to collect user information and output it to a file

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
User Discovery And Export Via Get-ADUser Cmdlet (1114e048-b69c-4f41-bc20-657245ae6e3f)	Sigma-Rules	System Owner/User Discovery - T1033 (03d7999c-1f4c-42cc-8373-e7690d318104)	Attack Pattern	1