Network Sniffing - MacOs (adc9bcc4-c39c-4f6b-a711-1884017bf043)
Detects the usage of tooling to sniff network traffic. An adversary may place a network interface into promiscuous mode to passively access data in transit over the network, or use span ports to capture a larger amount of data.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Network Sniffing - T1040 (3257eb21-f9a7-4430-8de1-d8b6e288f529) | Attack Pattern | Network Sniffing - MacOs (adc9bcc4-c39c-4f6b-a711-1884017bf043) | Sigma-Rules | 1 |