References

Type
Url
Description

technique

https://en.wikipedia.org/wiki/Link-Local_Multicast_Name_Resolution

Wikipedia. (2016, July 7). Link-Local Multicast Name Resolution. Retrieved November 17, 2017.


technique

https://byt3bl33d3r.github.io/practical-guide-to-ntlm-relaying-in-2017-aka-getting-a-foothold-in-und

Salvati, M. (2017, June 2). Practical guide to NTLM Relaying in 2017 (A.K.A getting a foothold in under 5 minutes). Retrieved February 7, 2019.


technique

https://attack.mitre.org/techniques/T1171


technique

https://www.circl.lu/services/passive-dns/

CIRCL Computer Incident Response Center. (n.d.). Passive DNS. Retrieved October 20, 2020.


technique

https://dnsdumpster.com/

Hacker Target. (n.d.). DNS Dumpster. Retrieved October 20, 2020.


technique

https://www.whois.net/

NTT America. (n.d.). Whois Lookup. Retrieved October 20, 2020.


technique

https://attack.mitre.org/techniques/T1590/005


technique

https://pages.arbornetworks.com/rs/082-KNA-087/images/13th_Worldwide_Infrastructure_Security_Report.

Philippe Alcoy, Steinthor Bjarnason, Paul Bowen, C.F. Chui, Kirill Kasavchnko, and Gary Sockrider of Netscout Arbor. (2018, January). Insight into the Global Threat Landscape - Netscout Arbor's 13th Annual Worldwide Infrastructure Security Report. Retrieved April 22, 2019.


technique

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/netflow/configuration/15-mt/nf-15-mt-book/nf-detct

Cisco. (n.d.). Detecting and Analyzing Network Threats With NetFlow. Retrieved April 25, 2019.


technique

https://www.cloudflare.com/learning/ddos/syn-flood-ddos-attack/

Cloudflare. (n.d.). What is a SYN flood attack?. Retrieved April 22, 2019.