sparrow tool

About this tag
The sparrow tool tag on WindowsForum.com covers discussions related to the Sparrow tool, a PowerShell-based toolkit developed by Microsoft for detecting post-compromise threat activity in Microsoft cloud environments. Content under this tag focuses on using Sparrow to identify indicators of compromise, particularly in the context of the SolarWinds Orion supply chain attack. Topics include running Sparrow against Azure Active Directory and Microsoft 365 tenants to uncover malicious activity, interpreting its output, and integrating it with incident response workflows. The tag is relevant for security professionals and IT administrators managing Microsoft cloud security and threat hunting.
  1. News

    AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments

    Original release date: January 8, 2021 Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This Alert is a companion alert to Link Removed...
Back
Top