Skip to content

Commit

Permalink
Merge pull request #851 from nterl0k/T1110.003_password_spray
Browse files Browse the repository at this point in the history 
Nterl0k - T1110.003 Generic Password Spray Attack
  • Loading branch information
@patel-bhavin
patel-bhavin authored Jul 23, 2024
2 parents c2106e4 + 421c06d commit 38aa83d
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 0 deletions.
3 changes: 3 additions & 0 deletions datasets/attack_techniques/T1110.003/generic_password_spray/password_spray_attack.log
View file
Git LFS file not shown
12 changes: 12 additions & 0 deletions datasets/attack_techniques/T1110.003/generic_password_spray/password_spray_attack.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
author: Steven Dick
id: 1d46ff6c-4a0e-4084-8975-e367e4e92bba
date: '2023-10-30'
description: 'Generic detection of password spray behaviors using CIM datamodel.'
environment: attack_range
dataset:
- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1110.003/generic_password_spray/password_spray_attack.log
sourcetypes:
- WinEventLog:Security
references:
- https://www.microsoft.com/en-us/security/blog/2020/04/23/protecting-organization-password-spray-attacks/
- https://github.com/MarkoH17/Spray365

0 comments on commit 38aa83d

Please sign in to comment.