Hide Navigation Hide TOC Addition of SID History to Active Directory Object (2632954e-db1c-49cb-9936-67d1ef1d17d2) An attacker can use the SID history attribute to gain additional privileges. Cluster A Galaxy A Cluster B Galaxy B Level SID-History Injection - T1134.005 (b7dc639b-24cd-482d-a7f1-8897eda21023) Attack Pattern Addition of SID History to Active Directory Object (2632954e-db1c-49cb-9936-67d1ef1d17d2) Sigma-Rules 1 SID-History Injection - T1134.005 (b7dc639b-24cd-482d-a7f1-8897eda21023) Attack Pattern Access Token Manipulation - T1134 (dcaa092b-7de9-4a21-977f-7fcb77e89c48) Attack Pattern 2