You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
sparrow tool
About this tag
The sparrow tool tag on WindowsForum.com covers discussions related to the Sparrow tool, a PowerShell-based toolkit developed by Microsoft for detecting post-compromise threat activity in Microsoft cloud environments. Content under this tag focuses on using Sparrow to identify indicators of compromise, particularly in the context of the SolarWinds Orion supply chain attack. Topics include running Sparrow against Azure Active Directory and Microsoft 365 tenants to uncover malicious activity, interpreting its output, and integrating it with incident response workflows. The tag is relevant for security professionals and IT administrators managing Microsoft cloud security and threat hunting.
Original release date: January 8, 2021
Summary
This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques.
This Alert is a companion alert to Link Removed...