SMB Authentication Capture

GPTKB entity

Statements (18)
Predicate Object
gptkbp:instanceOf cybersecurity attack technique
gptkbp:cause credential theft; lateral movement
gptkbp:detects network monitoring; SIEM tools
gptkbp:documentedIn MITRE ATT&CK T1557.003
gptkbp:exploits authentication mechanisms
https://www.w3.org/2000/01/rdf-schema#label SMB Authentication Capture
gptkbp:mitigatedBy gptkb:SMB_signing; disabling SMBv1; strong authentication policies
gptkbp:relatedTo gptkb:pass-the-hash_attack; NTLM relay attack
gptkbp:requires network access
gptkbp:target gptkb:SMB_protocol
gptkbp:usedIn penetration testing
gptkbp:bfsParent gptkb:Responder
gptkbp:bfsLayer 7