LoFP
/
t1568.002
t1568.002
Title
Tags
false positives may be present if dns txt record contents are similar to benign dns txt record contents.
t1568.002
endpoint
splunk
false positives may be present if domain name is similar to dga generated domains.
t1568.002
endpoint
splunk
legitimate use of ngrok
t1090
t1102
t1567
t1568
t1568.002
t1572
linux
sigma
legitimate use of the ngrok service.
t1090
t1102
t1567
t1567.001
t1568
t1568.002
t1572
windows
sigma
LoFP
/
t1568.002