Remote Desktop Application vs MSTSC Forensics: The RDP Artifacts You Might Be Missing
14. Februar 2024
Many threat actors utilize Remote Desktop Protocol (RDP) to move laterally within an environment once they have compromised it. There has been quite a bit of documentation around forensic artifacts associated with the Microsoft MSTSC client which has been around since 1998. However, there is also a Microsoft Remote Desktop App that is available in the Microsoft store.