Home/ MITRE Matrix/ Discovery/ T1049

T1049System Network Connections Discovery

T1049 — System Network Connections Discovery is a MITRE ATT&CK technique in the Discovery tactic. Clankerusecase tracks 9 detection use cases covering it.

Discovery

View on the matrix → Filter Detection Library MITRE official spec ↗

9Use cases

0Articles

0Sub-techniques

1Tactic

Use cases covering this technique (9)

GetNetTcpconnection with PowerShell ESCU actions · hunting P GetNetTcpconnection with PowerShell Script Block ESCU actions · hunting P Network Connection Discovery With Arp ESCU actions · hunting P Network Connection Discovery With Netstat ESCU actions · hunting P Windows Common Abused Cmd Shell Risk Behavior ESCU actions · alerting P Windows Network Connection Discovery Via Net ESCU actions · hunting P Windows Post Exploitation Risk Behavior ESCU actions · alerting P Windows System Network Connections Discovery Netsh ESCU actions · hunting P Network Connection Discovery With Net ESCU actions · hunting P