System Service Discovery (Windows)


Adversaries may try to gather information about registered local system services. Adversaries may obtain information about services using tools as well as OS utility commands such as sc query, tasklist /svc, systemctl --type=service, and net start.

Products, Sensors, and Dependencies

ProductDependenciesData sourceAccess requiredProtocolData CollectedNotes
Tenable Vulnerability ManagementAdvanced Network ScanWindows machinesAuthenticated ScanSMBWindows ServicesPlugin ID: 44401


Service information Information

Attack Path Technique Details

Framework: MITRE ATT&CK

Family: Discovery

Platform: Windows

Tenable Release Date: 2022 Q2