You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This meta was created to assess threat detection coverage for EvilNoVNC phishing platform/toolkit. Since this toolkit can target various SaaS platforms and tenants, the scope of this should focus on our core SaaS integrations, O365, Okta, Google Workspace, GitHub, and SalesForce.
We may follow-up with assessments against CSPs (Azure, AWS, GCP) as well.
Estimated Time to Complete
2 weeks
Potential Blockers
Tasklist
Potential Detection Rules:
Stolen Cookies from Browser
Anomalies in user sessions via active or during instantiation
Geolocation anomalies
Access to stored objects in common browsers
Anomalous endpoint URL requests and content
Anomalous user-agents
SAMLjacking
OAuth anomalies
Keylogger capabilities
The content you are editing has changed. Please copy your edits and refresh the page.
Parent Epic (If Applicable)
Meta Summary
This meta was created to assess threat detection coverage for EvilNoVNC phishing platform/toolkit. Since this toolkit can target various SaaS platforms and tenants, the scope of this should focus on our core SaaS integrations, O365, Okta, Google Workspace, GitHub, and SalesForce.
We may follow-up with assessments against CSPs (Azure, AWS, GCP) as well.
Estimated Time to Complete
2 weeks
Potential Blockers
Tasklist
Potential Detection Rules:
Meta Tasks
Resources / References
The text was updated successfully, but these errors were encountered: