Okta Successful Single Factor Authentication
Compromise Accounts, Cloud Accounts, Valid Accounts, Cloud Accounts, Multi-Factor Authentication Request Generation
Compromise Accounts, Cloud Accounts, Valid Accounts, Cloud Accounts, Multi-Factor Authentication Request Generation
Valid Accounts, Brute Force
Exploitation for Credential Access
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force
Exploitation for Credential Access
Steal Web Session Cookie
Modify Authentication Process
Compromise Accounts, Cloud Accounts, Valid Accounts, Cloud Accounts, Multi-Factor Authentication Request Generation
Modify Authentication Process, Multi-Factor Authentication
Modify Authentication Process, Multi-Factor Authentication
Password Spraying
Brute Force
Multi-Factor Authentication Request Generation
Password Spraying, Valid Accounts, Default Accounts
Unsecured Credentials
Security Account Manager
Security Account Manager
DCSync, OS Credential Dumping
DCSync, OS Credential Dumping
DCSync, OS Credential Dumping
DCSync, OS Credential Dumping
Compromise Accounts, Cloud Accounts, Modify Authentication Process, Multi-Factor Authentication
Compromise Accounts, Cloud Accounts, Modify Authentication Process, Multi-Factor Authentication
Compromise Accounts, Cloud Accounts, Valid Accounts, Cloud Accounts, Multi-Factor Authentication Request Generation
Steal or Forge Authentication Certificates
NTDS, OS Credential Dumping
NTDS, OS Credential Dumping
Match Legitimate Name or Location, Masquerading, OS Credential Dumping, Active Scanning
LSASS Memory, OS Credential Dumping
LSASS Memory, OS Credential Dumping
Security Account Manager, OS Credential Dumping
Security Account Manager, OS Credential Dumping
Credentials from Password Stores, Credentials from Web Browsers
Credentials from Password Stores, Credentials from Web Browsers
LSASS Memory, OS Credential Dumping
LSASS Memory, OS Credential Dumping
Use Alternate Authentication Material, Pass the Ticket, Steal or Forge Kerberos Tickets, Kerberoasting, AS-REP Roasting
Use Alternate Authentication Material, Pass the Ticket, Steal or Forge Kerberos Tickets, Kerberoasting, AS-REP Roasting
Use Alternate Authentication Material, Pass the Ticket, Steal or Forge Kerberos Tickets, Kerberoasting, AS-REP Roasting
LSASS Memory, OS Credential Dumping
LSASS Memory, OS Credential Dumping
OS Credential Dumping
Steal or Forge Kerberos Tickets, Kerberoasting
Steal or Forge Kerberos Tickets, Kerberoasting
Security Account Manager, OS Credential Dumping
Security Account Manager, OS Credential Dumping
OS Credential Dumping, PowerShell
Credentials from Password Stores, Credentials from Web Browsers
Credentials from Password Stores, Credentials from Web Browsers
Steal or Forge Authentication Certificates
LSASS Memory, OS Credential Dumping
LSASS Memory, OS Credential Dumping
LSASS Memory, OS Credential Dumping
LSASS Memory, OS Credential Dumping
Steal or Forge Kerberos Tickets, AS-REP Roasting
Steal or Forge Kerberos Tickets, AS-REP Roasting
Compromise Accounts, Cloud Accounts, Valid Accounts, Cloud Accounts, Multi-Factor Authentication Request Generation
Brute Force, Password Guessing, Password Spraying
Brute Force, Password Guessing, Password Spraying
Brute Force, Password Guessing, Password Spraying
Steal Application Access Token, Phishing, Spearphishing Link
Multi-Factor Authentication Request Generation
Brute Force, Password Guessing, Password Spraying
Brute Force, Password Guessing, Password Spraying
Brute Force, Password Guessing, Password Spraying
Steal Application Access Token
Security Account Manager
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Brute Force, Password Guessing
Brute Force, Password Guessing
Compromise Accounts, Cloud Accounts, Modify Authentication Process, Multi-Factor Authentication
Compromise Accounts, Cloud Accounts, Modify Authentication Process, Multi-Factor Authentication
Compromise Accounts, Cloud Accounts, Multi-Factor Authentication Request Generation, Valid Accounts, Cloud Accounts
Modify Authentication Process, Multi-Factor Authentication
Modify Authentication Process, Multi-Factor Authentication
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Steal Application Access Token
LSA Secrets
Container API
Container API
Container API
Container API
Credentials from Password Stores
Credentials from Password Stores
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Security Account Manager, OS Credential Dumping
Security Account Manager, OS Credential Dumping
Security Account Manager, OS Credential Dumping
Security Account Manager, OS Credential Dumping
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Steal Application Access Token
Multi-Factor Authentication Request Generation
Steal Application Access Token
Steal Application Access Token
Steal Application Access Token
Steal Application Access Token
Brute Force, Password Guessing
Brute Force, Password Guessing
Steal or Forge Kerberos Tickets
Multi-Factor Authentication Request Generation, Valid Accounts, Brute Force
Multi-Factor Authentication Request Generation, Valid Accounts, Brute Force
Multi-Factor Authentication Request Generation, Multi-Factor Authentication, Device Registration
Multi-Factor Authentication Request Generation, Multi-Factor Authentication, Device Registration
Multi-Factor Authentication Request Generation, Multi-Factor Authentication, Device Registration
Multi-Factor Authentication Request Generation, Multi-Factor Authentication, Device Registration
Multi-Factor Authentication Request Generation, Multi-Factor Authentication, Device Registration
Multi-Factor Authentication Request Generation, Multi-Factor Authentication, Device Registration
Modify Authentication Process
Steal or Forge Authentication Certificates, Command and Scripting Interpreter, PowerShell
Steal or Forge Authentication Certificates, Ingress Tool Transfer
Steal or Forge Authentication Certificates, Archive Collected Data
Query Registry, System Network Connections Discovery, Permission Groups Discovery, System Network Configuration Discovery, OS Credential Dumping, System Info...
Query Registry, System Network Connections Discovery, Permission Groups Discovery, System Network Configuration Discovery, OS Credential Dumping, System Info...
Security Account Manager, OS Credential Dumping
Security Account Manager, OS Credential Dumping
NTDS, OS Credential Dumping
NTDS, OS Credential Dumping
Compromise Accounts, Cloud Accounts, Multi-Factor Authentication Request Generation, Modify Authentication Process, Multi-Factor Authentication
Compromise Accounts, Cloud Accounts, Multi-Factor Authentication Request Generation, Modify Authentication Process, Multi-Factor Authentication
Compromise Accounts, Cloud Accounts, Multi-Factor Authentication Request Generation, Modify Authentication Process, Multi-Factor Authentication
Steal or Forge Authentication Certificates, Use Alternate Authentication Material
Modify Authentication Process, Multi-Factor Authentication
Modify Authentication Process, Multi-Factor Authentication
Exploitation for Credential Access
Unsecured Credentials, Group Policy Preferences
Unsecured Credentials, Group Policy Preferences
Unsecured Credentials, Group Policy Preferences
Unsecured Credentials, Group Policy Preferences
Unsecured Credentials, Group Policy Preferences
Unsecured Credentials, Group Policy Preferences
Steal or Forge Authentication Certificates
Modify Registry, OS Credential Dumping
LSASS Memory, OS Credential Dumping
LSASS Memory, OS Credential Dumping
Steal or Forge Kerberos Tickets, Kerberoasting
Steal or Forge Kerberos Tickets, Kerberoasting
Credentials in Registry, Unsecured Credentials
Credentials in Registry, Unsecured Credentials
Credentials in Registry, Unsecured Credentials
Credentials in Registry, Unsecured Credentials
Security Account Manager
Brute Force, Credential Stuffing
Brute Force, Credential Stuffing
Multi-Factor Authentication Request Generation
Unsecured Credentials, Group Policy Preferences
Unsecured Credentials, Group Policy Preferences
Unsecured Credentials, Group Policy Preferences
Unsecured Credentials, Group Policy Preferences
Valid Accounts, Default Accounts, Modify Authentication Process
Valid Accounts, Default Accounts, Credential Stuffing
Valid Accounts, Default Accounts, Password Spraying
Private Keys, Unsecured Credentials, Steal or Forge Authentication Certificates
Private Keys, Unsecured Credentials, Steal or Forge Authentication Certificates
Private Keys, Unsecured Credentials, Steal or Forge Authentication Certificates
Steal or Forge Authentication Certificates
Steal or Forge Authentication Certificates
Steal or Forge Authentication Certificates
Steal or Forge Authentication Certificates
Steal or Forge Authentication Certificates
Private Keys, Unsecured Credentials, Steal or Forge Authentication Certificates
Private Keys, Unsecured Credentials, Steal or Forge Authentication Certificates
Private Keys, Unsecured Credentials, Steal or Forge Authentication Certificates
Steal or Forge Authentication Certificates
Private Keys, Unsecured Credentials, Steal or Forge Authentication Certificates
Private Keys, Unsecured Credentials, Steal or Forge Authentication Certificates
Private Keys, Unsecured Credentials, Steal or Forge Authentication Certificates
Steal or Forge Authentication Certificates
Modify Authentication Process, Multi-Factor Authentication
Modify Authentication Process, Multi-Factor Authentication
Brute Force, Password Spraying, Credential Stuffing
Brute Force, Password Spraying, Credential Stuffing
Brute Force, Password Spraying, Credential Stuffing
LSASS Memory
Credentials from Password Stores
Credentials in Registry, Unsecured Credentials
Credentials in Registry, Unsecured Credentials
Password Managers
Private Keys, Unsecured Credentials
Private Keys, Unsecured Credentials
Cached Domain Credentials, OS Credential Dumping
Cached Domain Credentials, OS Credential Dumping
Steal or Forge Kerberos Tickets
OS Credential Dumping, DCSync, Rogue Domain Controller
OS Credential Dumping, DCSync, Rogue Domain Controller
Steal or Forge Kerberos Tickets, AS-REP Roasting
Steal or Forge Kerberos Tickets, AS-REP Roasting
Steal or Forge Kerberos Tickets, AS-REP Roasting
Steal or Forge Kerberos Tickets, AS-REP Roasting
Compromise Accounts, Cloud Accounts, Multi-Factor Authentication Request Generation, Valid Accounts, Cloud Accounts
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Multi-Factor Authentication Request Generation, Modify Authentication Process, Multi-Factor Authentication
Compromise Accounts, Cloud Accounts, Multi-Factor Authentication Request Generation, Modify Authentication Process, Multi-Factor Authentication
Compromise Accounts, Cloud Accounts, Multi-Factor Authentication Request Generation, Modify Authentication Process, Multi-Factor Authentication
Compromise Accounts, Cloud Accounts, Multi-Factor Authentication Request Generation
Compromise Accounts, Cloud Accounts, Multi-Factor Authentication Request Generation
Brute Force
Brute Force
Brute Force, Password Spraying, Credential Stuffing
Brute Force, Password Spraying, Credential Stuffing
Brute Force, Password Spraying, Credential Stuffing
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Brute Force
LSASS Memory, OS Credential Dumping
LSASS Memory, OS Credential Dumping
NTDS, OS Credential Dumping
NTDS, OS Credential Dumping
LSASS Memory, OS Credential Dumping
LSASS Memory, OS Credential Dumping
Remote Access Software, OS Credential Dumping
GUI Input Capture, Input Capture
GUI Input Capture, Input Capture
Compromise Accounts, Cloud Accounts, Brute Force, Password Guessing
Compromise Accounts, Cloud Accounts, Brute Force, Password Guessing
Compromise Accounts, Cloud Accounts, Brute Force, Password Guessing
Compromise Accounts, Cloud Accounts, Brute Force, Password Guessing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing
Steal or Forge Kerberos Tickets, Kerberoasting
Steal or Forge Kerberos Tickets, Kerberoasting
Network Sniffing
Local Accounts, Credentials In Files
Compromise Accounts, Cloud Accounts, Unsecured Credentials
Steal or Forge Kerberos Tickets, AS-REP Roasting
Steal or Forge Kerberos Tickets, AS-REP Roasting
Steal or Forge Kerberos Tickets
Steal or Forge Kerberos Tickets
Steal or Forge Kerberos Tickets
Steal or Forge Kerberos Tickets
NTDS, OS Credential Dumping
NTDS, OS Credential Dumping
Steal or Forge Kerberos Tickets, AS-REP Roasting
Steal or Forge Kerberos Tickets, AS-REP Roasting
Steal or Forge Kerberos Tickets, Golden Ticket
Steal or Forge Kerberos Tickets, Golden Ticket
Kerberoasting
Steal or Forge Kerberos Tickets, AS-REP Roasting
Steal or Forge Kerberos Tickets, AS-REP Roasting
Brute Force
Steal or Forge Kerberos Tickets, Kerberoasting
Steal or Forge Kerberos Tickets, Kerberoasting
Modify Authentication Process
/etc/passwd and /etc/shadow, OS Credential Dumping
/etc/passwd and /etc/shadow, OS Credential Dumping
OS Credential Dumping, Security Account Manager
OS Credential Dumping, Security Account Manager
Credentials from Web Browsers, Credentials from Password Stores
Credentials from Web Browsers, Credentials from Password Stores
Kerberoasting
NTDS, OS Credential Dumping
NTDS, OS Credential Dumping
NTDS, OS Credential Dumping
NTDS, OS Credential Dumping
NTDS, OS Credential Dumping
NTDS, OS Credential Dumping
OS Credential Dumping
Forced Authentication
Security Account Manager, OS Credential Dumping
Security Account Manager, OS Credential Dumping
Security Account Manager, OS Credential Dumping
Security Account Manager, OS Credential Dumping
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Password Spraying, Brute Force
Cloud Infrastructure Discovery, Brute Force
LSASS Memory
NTDS, OS Credential Dumping
NTDS, OS Credential Dumping
Password Guessing, Brute Force
Password Guessing, Brute Force
Hardware Additions, Network Denial of Service, Adversary-in-the-Middle, ARP Cache Poisoning
Hardware Additions, Network Denial of Service, Adversary-in-the-Middle, ARP Cache Poisoning
Hardware Additions, Network Denial of Service, Adversary-in-the-Middle, ARP Cache Poisoning
Hardware Additions, Network Denial of Service, Adversary-in-the-Middle, ARP Cache Poisoning
Hardware Additions, Network Denial of Service, Adversary-in-the-Middle, ARP Cache Poisoning
Hardware Additions, Network Denial of Service, Adversary-in-the-Middle, ARP Cache Poisoning
Hardware Additions, Network Denial of Service, Adversary-in-the-Middle
LSASS Memory, OS Credential Dumping
LSASS Memory, OS Credential Dumping
LSASS Memory, OS Credential Dumping
LSASS Memory, OS Credential Dumping
LSASS Memory
LSASS Memory, OS Credential Dumping
LSASS Memory, OS Credential Dumping
LSASS Memory