TTPwire Vol. 1 · MITRE ATT&CK·Tagged

Black Hills InfoSec

DNS Triage Cheatsheet

BHIS · 2025-08-06

ATT&CK techniques detected

3 predictions
T1071.004 DNS · 88%
“dns queries and web requests to collect interesting information. specifically: - it gathers txt, mx, and ns records of the target domain. - it queries dns records of commonly abused microsoft services and checks whether they are hosted in microsoft’s cloud or on-premises. - …”

T1566.002 Spearphishing Link · 68%
“proofpoint has been detected. microsoft services on-premises and cloud-hosted microsoft services are frequently affected by known vulnerabilities and exploitation paths. in the example below, a microsoft exchange smart host has been detected, which is often vulnerable to emai…”

T1586.002 Email Accounts · 64%
“proofpoint has been detected. microsoft services on-premises and cloud-hosted microsoft services are frequently affected by known vulnerabilities and exploitation paths. in the example below, a microsoft exchange smart host has been detected, which is often vulnerable to emai…”

Summary

DNS Triage is a reconnaissance tool that finds information about an organization's infrastructure, software, and third-party services as fast as possible. The goal of DNS Triage is not to exhaustively find every technology asset that exists on the internet. The goal is to find the most commonly abused items of interest for real attackers.

The post DNS Triage Cheatsheet appeared first on Black Hills Information Security, Inc.