02 May 14:40

2XXE-SRA

Index 2025 v1.0.3 Latest

Latest

v1.0.3 (May 2025)

Update DLL sideload TID from T1574.002 to T1574.001 as T1574.002 was revoked in ATT&CK v17 (see: https://attack.mitre.org/resources/updates/updates-april-2025/)

Assets 3

12 Feb 19:09

2XXE-SRA

Index 2025 v1.0.2

v1.0.2 (February 2025)

Update detection link for Azure diagnostic

Assets 3

31 Jan 19:26

2XXE-SRA

Index 2025 v1.0.1

2025-v1.0.1

ver bump

Assets 3

08 Jan 16:52

2XXE-SRA

Index 2025 v1.0.0

2025-v1.0.0

2025

Assets 3

03 Jul 19:44

2XXE-SRA

Indexes 2024 v1.0.2

v1.0.2

Misc cleanup

Assets 6

12 Feb 19:28

2XXE-SRA

Indexes 2024 v1.0.1

v1.0.1

Fix for Winlogon command

Assets 6

08 Jan 18:04

2XXE-SRA

Indexes 2024 v1

2024 Indexes release

Assets 6

15 Jun 15:04

2XXE-SRA

Indexes 2023 v1.2

ID updates

Assets 2

28 Apr 14:15

2XXE-SRA

FSI 2023 v1.1

FSI Changelog v1.1

Test Cases

Credential Access

Updated hashdump guidance to also include mimikatz equivalent command

Discovery

Updated local/domain enumeration test case guidance to remove overlapping commands
Added LDAP user enumeration

Execution

Cut LNK exe

Defense Evasion

Added rundll32 exe proxy execution

Persistence

Cut webshell

Misc RHI/HI

Updated guidance for hashdump test case

Assets 2

17 Mar 14:03

2XXE-SRA

Indexes 2023 v1

2023-v1

hindex test case change, guidance updates, reexport

Assets 2