Saturday, May 25, 2024



Artifacts that may be indicative of UNC2452 and other threat actor activity are detected using a PowerShell module.


  1. Signing Certificate with an Unusual Validity Period.
  2. Inconsistent Signature Certificate
  3. Azure Active Directory Backdoor (any.sts)
  4. Domains that are federated
  5. Domains that haven’t been confirmed.

Disclaimer: The intended use for the tool is strictly educational and should not be used for any other purposes.

Download link:



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments

Izzi Казино онлайн казино казино x мобильді нұсқасы on Instagram and Facebook Video Download Made Easy with
Temporada 2022-2023 on CamPhish
2017 Grammy Outfits on Meesho Supplier Panel: Register Now!
React JS Training in Bangalore on Best Online Learning Platforms in India
DigiSec Technologies | Digital Marketing agency in Melbourne on Buy your favourite Mobile on EMI
亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us