← LibraryTechnique entry
AD-COERCE-WEBDAVInitial Access
WebClient / WebDAV Coercion
Trigger the WebClient service to send NTLM over HTTP — relayable to non-SMB targets (LDAP, ADCS).
§ Where this technique fits
AD-COERCE-WEBDAV is catalogued under the Initial Access tactic of the offensive-security kill-chain. It appears in 0 approved dossiers in the registry, typically.