Initial Access#
The adversary is attempting to gain access to an Azure Resource or Azure AD.
| ID | Name | Description | |
|---|---|---|---|
| AZT201 | Valid Credentials | Adversaries may login to AzureAD using valid credentials. | |
| .001 | User Account | By obtaining valid user credentials, an adversary may login to AzureAD via command line or through the Azure Portal. | |
| .002 | Service Principal | By obtaining a valid secret or certificate, an adversary may login to AzureAD via command line. | |
| AZT202 | Password Spraying | An adversary may potentially gain access to AzureAD by guessing a common password for multiple users. | |
| AZT203 | Malicious Application Consent | An adversary may lure a victim into giving their access to a malicious application registered in AzureAD. |