technique
https://en.wikipedia.org/wiki/Link-Local_Multicast_Name_Resolution
Wikipedia. (2016, July 7). Link-Local Multicast Name Resolution. Retrieved November 17, 2017.
technique
https://byt3bl33d3r.github.io/practical-guide-to-ntlm-relaying-in-2017-aka-getting-a-foothold-in-und
Salvati, M. (2017, June 2). Practical guide to NTLM Relaying in 2017 (A.K.A getting a foothold in under 5 minutes). Retrieved February 7, 2019.
technique
https://attack.mitre.org/techniques/T1171
technique
https://www.circl.lu/services/passive-dns/
CIRCL Computer Incident Response Center. (n.d.). Passive DNS. Retrieved October 20, 2020.
technique
https://dnsdumpster.com/
Hacker Target. (n.d.). DNS Dumpster. Retrieved October 20, 2020.
technique
https://www.whois.net/
NTT America. (n.d.). Whois Lookup. Retrieved October 20, 2020.
technique
https://attack.mitre.org/techniques/T1590/005
technique
https://pages.arbornetworks.com/rs/082-KNA-087/images/13th_Worldwide_Infrastructure_Security_Report.
Philippe Alcoy, Steinthor Bjarnason, Paul Bowen, C.F. Chui, Kirill Kasavchnko, and Gary Sockrider of Netscout Arbor. (2018, January). Insight into the Global Threat Landscape - Netscout Arbor's 13th Annual Worldwide Infrastructure Security Report. Retrieved April 22, 2019.
technique
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/netflow/configuration/15-mt/nf-15-mt-book/nf-detct
Cisco. (n.d.). Detecting and Analyzing Network Threats With NetFlow. Retrieved April 25, 2019.
technique
https://www.cloudflare.com/learning/ddos/syn-flood-ddos-attack/
Cloudflare. (n.d.). What is a SYN flood attack?. Retrieved April 22, 2019.