creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 05:34:55 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/performing-initial-access-with-evilginx3/references/standards.md
T

1.2 KiB
Raw Blame History

Standards and References - EvilGinx3 Initial Access

MITRE ATT&CK References

Technique ID Name Tactic
T1566.002 Phishing: Spearphishing Link Initial Access
T1557 Adversary-in-the-Middle Credential Access
T1539 Steal Web Session Cookie Credential Access
T1078 Valid Accounts Initial Access, Persistence
T1556 Modify Authentication Process Credential Access
T1550.004 Use Alternate Authentication Material: Web Session Cookie Lateral Movement

Industry Standards

  • PTES - Pre-Engagement and Intelligence Gathering phases
  • OWASP Testing Guide - Authentication Testing
  • NIST SP 800-63B - Digital Identity Guidelines: Authentication
  • CISA Advisory AA22-277A - Threat Actors Exploiting MFA Bypass Techniques

Official Resources

Research Papers

  • Microsoft Storm-1167 AiTM Phishing Campaign Analysis (2023)
  • Deepwatch: Catching the Phish - Detecting Evilginx & AiTM
  • BDO Security: MFA-Phishing as Initial Access in Red Teaming
Reference in New Issue View Git Blame Copy Permalink