Home/ MITRE Matrix/ Defense Evasion/ T1207

T1207Rogue Domain Controller

T1207 — Rogue Domain Controller is a MITRE ATT&CK technique in the Defense Evasion tactic. Clankerusecase tracks 6 detection use cases covering it.

Defense Evasion

View on the matrix → Filter Detection Library MITRE official spec ↗

6Use cases

0Articles

0Sub-techniques

1Tactic

Use cases covering this technique (6)

Windows AD DCShadow Privileges ACL Addition ESCU actions · alerting P Windows AD Domain Controller Promotion ESCU actions · alerting P Windows AD Short Lived Domain Controller SPN Attribute ESCU actions · alerting P Windows AD Short Lived Server Object ESCU actions · alerting P Windows AD Replication Service Traffic ESCU actions · alerting P Windows AD Rogue Domain Controller Network Activity ESCU actions · alerting P