mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-11 21:54:56 +03:00
# Standards and References - EvilGinx3 Initial Access

## MITRE ATT&CK References

| Technique ID | Name | Tactic |
|-------------|------|--------|
| T1566.002 | Phishing: Spearphishing Link | Initial Access |
| T1557 | Adversary-in-the-Middle | Credential Access |
| T1539 | Steal Web Session Cookie | Credential Access |
| T1078 | Valid Accounts | Initial Access, Persistence |
| T1556 | Modify Authentication Process | Credential Access |
| T1550.004 | Use Alternate Authentication Material: Web Session Cookie | Lateral Movement |

## Industry Standards

- **PTES** - Pre-Engagement and Intelligence Gathering phases
- **OWASP Testing Guide** - Authentication Testing
- **NIST SP 800-63B** - Digital Identity Guidelines: Authentication
- **CISA Advisory AA22-277A** - Threat Actors Exploiting MFA Bypass Techniques

## Official Resources

- EvilGinx Project: https://github.com/kgretzky/evilginx2
- GoPhish: https://getgophish.com/
- EvilGoPhish: https://github.com/fin3ss3g0d/evilgophish
- Certificate Transparency Logs: https://crt.sh

## Research Papers

- Microsoft Storm-1167 AiTM Phishing Campaign Analysis (2023)
- Deepwatch: Catching the Phish - Detecting Evilginx & AiTM
- BDO Security: MFA-Phishing as Initial Access in Red Teaming