<<< Hide Navigation Hide TOC >>>
AD Groups Or Users Enumeration Using PowerShell - PoshModule (815bfc17-7fc6-4908-a55e-2f37b98cedb4)
Adversaries may attempt to find domain-level groups and permission settings. The knowledge of domain-level permission groups can help adversaries determine which groups exist and which users belong to a particular group. Adversaries may use this information to determine which users have elevated permissions, such as domain administrators.
Cluster A![]() |
Galaxy A![]() |
Cluster B![]() |
Galaxy B![]() |
Level![]() |
---|---|---|---|---|
AD Groups Or Users Enumeration Using PowerShell - PoshModule (815bfc17-7fc6-4908-a55e-2f37b98cedb4) | Sigma-Rules | Local Groups - T1069.001 (a01bf75f-00b2-4568-a58f-565ff9bf202b) | Attack Pattern | 1 |
Permission Groups Discovery - T1069 (15dbf668-795c-41e6-8219-f0447c0e64ce) | Attack Pattern | Local Groups - T1069.001 (a01bf75f-00b2-4568-a58f-565ff9bf202b) | Attack Pattern | 2 |