![MENASEC - Applied Security Research: An overview of Windows EventID 4648 - Logon with explicit credentials MENASEC - Applied Security Research: An overview of Windows EventID 4648 - Logon with explicit credentials](https://2.bp.blogspot.com/-UklS_476-Is/XH0uLDgeXBI/AAAAAAAAAXQ/dxC5cDeEAe0aD6y32N6AX6UoEz0EFpBQwCLcBGAs/s1600/4648_NetUse.jpg)
MENASEC - Applied Security Research: An overview of Windows EventID 4648 - Logon with explicit credentials
![Detecting Lateral Movement 101 (Part-2): Hunting for malcode Execution via WMI using Windows Event Log Analysis | by imp hash | Medium Detecting Lateral Movement 101 (Part-2): Hunting for malcode Execution via WMI using Windows Event Log Analysis | by imp hash | Medium](https://miro.medium.com/v2/resize:fit:534/1*G0exbGItNNlWz52T0ghnKA.png)
Detecting Lateral Movement 101 (Part-2): Hunting for malcode Execution via WMI using Windows Event Log Analysis | by imp hash | Medium
MENASEC - Applied Security Research: An overview of Windows EventID 4648 - Logon with explicit credentials
![4776(S, F) The computer attempted to validate the credentials for an account. - Windows Security | Microsoft Learn 4776(S, F) The computer attempted to validate the credentials for an account. - Windows Security | Microsoft Learn](https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/images/event-4776.png)
4776(S, F) The computer attempted to validate the credentials for an account. - Windows Security | Microsoft Learn
![MENASEC - Applied Security Research: An overview of Windows EventID 4648 - Logon with explicit credentials MENASEC - Applied Security Research: An overview of Windows EventID 4648 - Logon with explicit credentials](https://4.bp.blogspot.com/-irclAMli5RA/XH0uIIv7UII/AAAAAAAAAXM/MogAHH5lS_s5RNc0UeyZhoNtnNDYYZLNACLcBGAs/s1600/4648_RDP.png)
MENASEC - Applied Security Research: An overview of Windows EventID 4648 - Logon with explicit credentials
![Windows event ID 4648 - A logon was attempted using explicit credentials | Windows security encyclopedia Windows event ID 4648 - A logon was attempted using explicit credentials | Windows security encyclopedia](https://www.windows-security.org/sites/windows-security.org/files/photo_47675_20151019.jpg)
Windows event ID 4648 - A logon was attempted using explicit credentials | Windows security encyclopedia
![windows - EVENTID 4648. Mismatch ,Subject (Standard User), CredentialsUsed (Admin), Target(Localhost) - Server Fault windows - EVENTID 4648. Mismatch ,Subject (Standard User), CredentialsUsed (Admin), Target(Localhost) - Server Fault](https://i.stack.imgur.com/HoTrt.png)
windows - EVENTID 4648. Mismatch ,Subject (Standard User), CredentialsUsed (Admin), Target(Localhost) - Server Fault
MENASEC - Applied Security Research: An overview of Windows EventID 4648 - Logon with explicit credentials
![AppInsight for Active Directory Alert is not really helpful ? - Forum - Server & Application Monitor (SAM) - THWACK AppInsight for Active Directory Alert is not really helpful ? - Forum - Server & Application Monitor (SAM) - THWACK](https://thwack.solarwinds.com/resized-image/__size/400x400/__key/communityserver-discussions-components-files/19/jm_5F00_sysadmin_5F00_0_2D00_1583155484116.png)
AppInsight for Active Directory Alert is not really helpful ? - Forum - Server & Application Monitor (SAM) - THWACK
![Using the Convert-EventLogRecord function alongside the Get-WinEvent PowerShell cmdlet to search Windows event logs – 4sysops Using the Convert-EventLogRecord function alongside the Get-WinEvent PowerShell cmdlet to search Windows event logs – 4sysops](https://4sysops.com/wp-content/uploads/2021/06/Convert-EventLogRecord-and-its-output-with-an-event-ID-4648-log.png)