├── README.org
├── recommendations
│   └── kerberos
│       ├── enforceUserLogonRestriction.md
│       ├── maxLifeUserTicket.md
│       ├── maxLifeUserTicketRenewal.md
│       ├── maxLifetimeSvcTicket.md
│       └── maxToleranceCompClockSync.md
└── techniques
    └── webCredentialHarvest
        ├── README.org
        ├── detection
        │   ├── browserCredHarvesting.spl
        │   ├── browserCredHarvesting.yml
        │   └── splunkNotebookTest.ipynb
        └── validation
            ├── coffLoader_firefoxDecrypt.png
            ├── firefoxDecrypt.png
            └── sharpChrome.png

/README.org:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cybergoatpsyops/detections/HEAD/README.org
--------------------------------------------------------------------------------
/recommendations/kerberos/enforceUserLogonRestriction.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cybergoatpsyops/detections/HEAD/recommendations/kerberos/enforceUserLogonRestriction.md
--------------------------------------------------------------------------------
/recommendations/kerberos/maxLifeUserTicket.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cybergoatpsyops/detections/HEAD/recommendations/kerberos/maxLifeUserTicket.md
--------------------------------------------------------------------------------
/recommendations/kerberos/maxLifeUserTicketRenewal.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cybergoatpsyops/detections/HEAD/recommendations/kerberos/maxLifeUserTicketRenewal.md
--------------------------------------------------------------------------------
/recommendations/kerberos/maxLifetimeSvcTicket.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cybergoatpsyops/detections/HEAD/recommendations/kerberos/maxLifetimeSvcTicket.md
--------------------------------------------------------------------------------
/recommendations/kerberos/maxToleranceCompClockSync.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cybergoatpsyops/detections/HEAD/recommendations/kerberos/maxToleranceCompClockSync.md
--------------------------------------------------------------------------------
/techniques/webCredentialHarvest/README.org:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cybergoatpsyops/detections/HEAD/techniques/webCredentialHarvest/README.org
--------------------------------------------------------------------------------
/techniques/webCredentialHarvest/detection/browserCredHarvesting.spl:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cybergoatpsyops/detections/HEAD/techniques/webCredentialHarvest/detection/browserCredHarvesting.spl
--------------------------------------------------------------------------------
/techniques/webCredentialHarvest/detection/browserCredHarvesting.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cybergoatpsyops/detections/HEAD/techniques/webCredentialHarvest/detection/browserCredHarvesting.yml
--------------------------------------------------------------------------------
/techniques/webCredentialHarvest/detection/splunkNotebookTest.ipynb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cybergoatpsyops/detections/HEAD/techniques/webCredentialHarvest/detection/splunkNotebookTest.ipynb
--------------------------------------------------------------------------------
/techniques/webCredentialHarvest/validation/coffLoader_firefoxDecrypt.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cybergoatpsyops/detections/HEAD/techniques/webCredentialHarvest/validation/coffLoader_firefoxDecrypt.png
--------------------------------------------------------------------------------
/techniques/webCredentialHarvest/validation/firefoxDecrypt.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cybergoatpsyops/detections/HEAD/techniques/webCredentialHarvest/validation/firefoxDecrypt.png
--------------------------------------------------------------------------------
/techniques/webCredentialHarvest/validation/sharpChrome.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cybergoatpsyops/detections/HEAD/techniques/webCredentialHarvest/validation/sharpChrome.png
--------------------------------------------------------------------------------