mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
chg: [o365-exchange-techniques] Compromise row added (WiP)
This commit is contained in:
parent
a2df5c46d8
commit
3a75c6a3df
1 changed files with 80 additions and 0 deletions
|
@ -109,6 +109,86 @@
|
||||||
},
|
},
|
||||||
"uuid": "f227caf6-9399-4ac3-bab4-010f66853abb",
|
"uuid": "f227caf6-9399-4ac3-bab4-010f66853abb",
|
||||||
"value": "On-Prem Exchange - OWA version discovery"
|
"value": "On-Prem Exchange - OWA version discovery"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "AAD - Password Spray: MailSniper",
|
||||||
|
"meta": {
|
||||||
|
"kill_chain": [
|
||||||
|
"tactics:Compromise"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "933ec08d-a6d4-4ced-b732-4cb0331e7799",
|
||||||
|
"value": "AAD - Password Spray: MailSniper"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "AAD - Password Spray: CredKing",
|
||||||
|
"meta": {
|
||||||
|
"kill_chain": [
|
||||||
|
"tactics:Compromise"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "5670ca90-38cd-4825-bd83-1bdb31fd5ea3",
|
||||||
|
"value": "AAD - Password Spray: CredKing"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "O365 - Bruteforce of Autodiscover: SensePost Ruler",
|
||||||
|
"meta": {
|
||||||
|
"kill_chain": [
|
||||||
|
"tactics:Compromise"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "d66c1ead-4dd3-4968-b6fe-faf41b7fb88d",
|
||||||
|
"value": "O365 - Bruteforce of Autodiscover: SensePost Ruler"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "O365 - Phishing for credentials",
|
||||||
|
"meta": {
|
||||||
|
"kill_chain": [
|
||||||
|
"tactics:Compromise"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "eda57f15-029c-4465-9401-f9dafc6d366c",
|
||||||
|
"value": "O365 - Phishing for credentials"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "O365 - Phishing using OAuth app",
|
||||||
|
"meta": {
|
||||||
|
"kill_chain": [
|
||||||
|
"tactics:Compromise"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "61589df6-6848-4866-8613-8a4a7478abef",
|
||||||
|
"value": "O365 - Phishing using OAuth app"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "O365 - 2FA MITM Phishing: evilginx2",
|
||||||
|
"meta": {
|
||||||
|
"kill_chain": [
|
||||||
|
"tactics:Compromise"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "fa1087c8-012d-4ef6-9eb3-5b5a6fb94c02",
|
||||||
|
"value": "O365 - 2FA MITM Phishing: evilginx2"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "On-Prem Exchange - Password Spray using Invoke-PasswordSprayOWA, EWS",
|
||||||
|
"meta": {
|
||||||
|
"kill_chain": [
|
||||||
|
"tactics:Compromise"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "8ffe80b9-0213-40c6-aeca-8877bdca8741",
|
||||||
|
"value": "On-Prem Exchange - Password Spray using Invoke-PasswordSprayOWA, EWS"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "On-Prem Exchange - Bruteforce of Autodiscover: SensePost Ruler",
|
||||||
|
"meta": {
|
||||||
|
"kill_chain": [
|
||||||
|
"tactics:Compromise"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "cf8df948-0332-4ec7-94f3-3f6d54bbcbb9",
|
||||||
|
"value": "On-Prem Exchange - Bruteforce of Autodiscover: SensePost Ruler"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 1
|
"version": 1
|
||||||
|
|
Loading…
Reference in a new issue