Network Sniffing (Windows)


Adversaries may sniff network traffic to capture information about an environment, including authentication material passed over the network. 

Products, Sensors, and Dependencies

ProductDependenciesData sourceAccess requiredProtocolData CollectedNotes
Tenable Vulnerability ManagementAdvanced Network ScanWindows machinesAuthenticated ScanWMINetwork ConfigurationPlugin ID: 24272


Network Interfaces Enumeration

Attack Path Technique Details

Framework: MITRE ATT&CK

Family: Credential Access, Discovery

Technique: Network Sniffing

Sub-Technique: Network Sniffing

Platform: Windows

Tenable Release Date: 2022 Q2