
    Operational procedures for endpoint attacks

    Runbooks:

    • Runbook: Endpoint initial access
    • Runbook: EDR bypass
    • Runbook: Credential and token harvesting
    • Runbook: Pivot from endpoint to cloud
    2026-03-25 00:01
    © Copyright 2025, TyMyrddin.