Initial Access#
The adversary is attempting to gain access to an Azure Resource or Azure AD.
ID | Name | Description | |
---|---|---|---|
AZT201 | Valid Credentials | Adversaries may login to AzureAD using valid credentials. | |
.001 | User Account | By obtaining valid user credentials, an adversary may login to AzureAD via command line or through the Azure Portal. | |
.002 | Service Principal | By obtaining a valid secret or certificate, an adversary may login to AzureAD via command line. | |
AZT202 | Password Spraying | An adversary may potentially gain access to AzureAD by guessing a common password for multiple users. | |
AZT203 | Malicious Application Consent | An adversary may lure a victim into giving their access to a malicious application registered in AzureAD. |