Computer Discovery And Export Via Get-ADComputer Cmdlet (435e10e4-992a-4281-96f3-38b11106adde)
Detects usage of the Get-ADComputer cmdlet to collect computer information and output it to a file
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| System Owner/User Discovery - T1033 (03d7999c-1f4c-42cc-8373-e7690d318104) | Attack Pattern | Computer Discovery And Export Via Get-ADComputer Cmdlet (435e10e4-992a-4281-96f3-38b11106adde) | Sigma-Rules | 1 |