AZT201 - Valid Credentials#
Adversaries may login to AzureAD using valid credentials. By logging in with valid credentials to an account or service principal, the adversary will assume all privileges of that account or service principal. If the account is privileged, this may lead to other tactics, such as persistence or privilege escalation.
| ID | Name | Description | Action | Resources |
|---|---|---|---|---|
| AZT201.1 | User Account | By obtaining valid user credentials, an adversary may login to AzureAD via command line or through the Azure Portal. | N/A | AzureAD |
| AZT201.2 | Service Principal | By obtaining a valid secret or certificate, an adversary may login to AzureAD via command line. | N/A | AzureAD |