Create Process with Token - T1134.002 (677569f9-a8b0-459e-ab24-7f18091fa7bf) |
Attack Pattern |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
1 |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
Application Access Token - T1550.001 (f005e783-57d4-4837-88ad-dbe7faee1c51) |
Attack Pattern |
1 |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
/etc/passwd and /etc/shadow - T1003.008 (d0b4fcdb-d67d-4ed2-99ce-788b12f8c0f4) |
Attack Pattern |
1 |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
Steal or Forge Kerberos Tickets - T1558 (3fc01293-ef5e-41c6-86ce-61f10706b64a) |
Attack Pattern |
1 |
Password Guessing - T1110.001 (09c4c11e-4fa1-4f8c-8dad-3cf8e69ad119) |
Attack Pattern |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
1 |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
Steal Application Access Token - T1528 (890c9858-598c-401d-a4d5-c67ebcdd703a) |
Attack Pattern |
1 |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
Password Cracking - T1110.002 (1d24cdee-9ea2-4189-b08e-af110bf2435d) |
Attack Pattern |
1 |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
Additional Cloud Credentials - T1098.001 (8a2f40cf-8325-47f9-96e4-b1ca4c7389bd) |
Attack Pattern |
1 |
Unsecured Credentials - T1552 (435dfb86-2697-4867-85b5-2fef496c0517) |
Attack Pattern |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
1 |
Steal Web Session Cookie - T1539 (10ffac09-e42d-4f56-ab20-db94c67d76ff) |
Attack Pattern |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
1 |
Password Spraying - T1110.003 (692074ae-bb62-4a5e-a735-02cb6bde458c) |
Attack Pattern |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
1 |
Make and Impersonate Token - T1134.003 (8cdeb020-e31e-4f88-a582-f53dcfbda819) |
Attack Pattern |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
1 |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
Keychain - T1142 (9e09ddb2-1746-4448-9cad-7f8b41777d6d) |
Attack Pattern |
1 |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
Web Session Cookie - T1550.004 (c3c8c916-2f3c-4e71-94b2-240bdfc996f0) |
Attack Pattern |
1 |
NTDS - T1003.003 (edf91964-b26e-4b4a-9600-ccacd7d7df24) |
Attack Pattern |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
1 |
Cached Domain Credentials - T1003.005 (6add2ab5-2711-4e9d-87c8-7a0be8531530) |
Attack Pattern |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
1 |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
Token Impersonation/Theft - T1134.001 (86850eff-2729-40c3-b85e-c4af26da4a2d) |
Attack Pattern |
1 |
Credential Revoking (1cb26037-3ff3-5121-bf6b-2905ecb69baa) |
MITRE D3FEND |
Golden Ticket - T1558.001 (768dce68-8d0d-477a-b01d-0eea98b963a1) |
Attack Pattern |
1 |
Create Process with Token - T1134.002 (677569f9-a8b0-459e-ab24-7f18091fa7bf) |
Attack Pattern |
Access Token Manipulation - T1134 (dcaa092b-7de9-4a21-977f-7fcb77e89c48) |
Attack Pattern |
2 |
Use Alternate Authentication Material - T1550 (51a14c76-dd3b-440b-9c20-2bf91d25a814) |
Attack Pattern |
Application Access Token - T1550.001 (f005e783-57d4-4837-88ad-dbe7faee1c51) |
Attack Pattern |
2 |
/etc/passwd and /etc/shadow - T1003.008 (d0b4fcdb-d67d-4ed2-99ce-788b12f8c0f4) |
Attack Pattern |
OS Credential Dumping - T1003 (0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22) |
Attack Pattern |
2 |
Password Guessing - T1110.001 (09c4c11e-4fa1-4f8c-8dad-3cf8e69ad119) |
Attack Pattern |
Brute Force - T1110 (a93494bb-4b80-4ea1-8695-3236a49916fd) |
Attack Pattern |
2 |
Password Cracking - T1110.002 (1d24cdee-9ea2-4189-b08e-af110bf2435d) |
Attack Pattern |
Brute Force - T1110 (a93494bb-4b80-4ea1-8695-3236a49916fd) |
Attack Pattern |
2 |
Account Manipulation - T1098 (a10641f4-87b4-45a3-a906-92a149cb2c27) |
Attack Pattern |
Additional Cloud Credentials - T1098.001 (8a2f40cf-8325-47f9-96e4-b1ca4c7389bd) |
Attack Pattern |
2 |
Password Spraying - T1110.003 (692074ae-bb62-4a5e-a735-02cb6bde458c) |
Attack Pattern |
Brute Force - T1110 (a93494bb-4b80-4ea1-8695-3236a49916fd) |
Attack Pattern |
2 |
Make and Impersonate Token - T1134.003 (8cdeb020-e31e-4f88-a582-f53dcfbda819) |
Attack Pattern |
Access Token Manipulation - T1134 (dcaa092b-7de9-4a21-977f-7fcb77e89c48) |
Attack Pattern |
2 |
Keychain - T1555.001 (1eaebf46-e361-4437-bc23-d5d65a3b92e3) |
Attack Pattern |
Keychain - T1142 (9e09ddb2-1746-4448-9cad-7f8b41777d6d) |
Attack Pattern |
2 |
Use Alternate Authentication Material - T1550 (51a14c76-dd3b-440b-9c20-2bf91d25a814) |
Attack Pattern |
Web Session Cookie - T1550.004 (c3c8c916-2f3c-4e71-94b2-240bdfc996f0) |
Attack Pattern |
2 |
NTDS - T1003.003 (edf91964-b26e-4b4a-9600-ccacd7d7df24) |
Attack Pattern |
OS Credential Dumping - T1003 (0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22) |
Attack Pattern |
2 |
Cached Domain Credentials - T1003.005 (6add2ab5-2711-4e9d-87c8-7a0be8531530) |
Attack Pattern |
OS Credential Dumping - T1003 (0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22) |
Attack Pattern |
2 |
Access Token Manipulation - T1134 (dcaa092b-7de9-4a21-977f-7fcb77e89c48) |
Attack Pattern |
Token Impersonation/Theft - T1134.001 (86850eff-2729-40c3-b85e-c4af26da4a2d) |
Attack Pattern |
2 |
Steal or Forge Kerberos Tickets - T1558 (3fc01293-ef5e-41c6-86ce-61f10706b64a) |
Attack Pattern |
Golden Ticket - T1558.001 (768dce68-8d0d-477a-b01d-0eea98b963a1) |
Attack Pattern |
2 |
Keychain - T1555.001 (1eaebf46-e361-4437-bc23-d5d65a3b92e3) |
Attack Pattern |
Credentials from Password Stores - T1555 (3fc9b85a-2862-4363-a64d-d692e3ffbee0) |
Attack Pattern |
3 |