elastic / SWAT

Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK framework.
Apache License 2.0

[Feature Request] Add emulation module for T1530 - Data from Cloud Storage #61

Closed terrancedejesus closed 1 year ago

terrancedejesus commented 1 year ago

🐍 Add New Emulation Module

Technique Name: Data from Cloud Storage

Technique ID: T1530

Technique Description: Adversaries may access data from improperly secured cloud storage. Adversaries may also obtain then abuse leaked credentials from source repositories, logs, or other means as a way to gain access to cloud storage objects.

Describe the emulation you'd like to accomplish

During emulation, files with typical encryption key or token extensions should be created and staged in a Google Drive folder by ID. These files, once staged, should then have an access URL created where anyone with the link can access them. These links should be passed to a headless Chrome driver session with Selenium where the link is then accessed as if it were by an external entity.

Additional Information

API required: Drive

Scopes required:

Checklist

Please ensure the following tasks are completed before submitting your feature request:
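
Seen from the detection side, the emulation requested above should leave a recognizable sequence in Drive audit data: a key or token file is opened to link sharing, then viewed by an unauthenticated actor. The following is an added example, not part of the original issue or of SWAT's code; the event and field names are simplified assumptions modelled on Drive audit logs, and the extension list, one-hour window and sample events are constructed.

```python
from datetime import datetime, timedelta

# Assumed values: tune the extension list and window for your environment.
SENSITIVE_EXT = (".pem", ".key", ".p12", ".pfx", ".token")
PUBLIC = {"people_with_link", "public_on_the_web"}
WINDOW = timedelta(hours=1)

# Constructed, simplified events; field names are assumptions, not a real export.
SAMPLE_EVENTS = [
    {"time": "2023-05-01T10:00:00", "event": "create", "doc_id": "A1", "doc_title": "deploy.pem", "actor": "user@example.com"},
    {"time": "2023-05-01T10:01:00", "event": "change_document_visibility", "doc_id": "A1", "doc_title": "deploy.pem", "actor": "user@example.com", "new_value": "people_with_link"},
    {"time": "2023-05-01T10:02:00", "event": "view", "doc_id": "A1", "doc_title": "deploy.pem", "actor": None},
    {"time": "2023-05-01T10:05:00", "event": "change_document_visibility", "doc_id": "B2", "doc_title": "notes.txt", "actor": "user@example.com", "new_value": "people_with_link"},
    {"time": "2023-05-01T10:06:00", "event": "view", "doc_id": "B2", "doc_title": "notes.txt", "actor": None},
    {"time": "2023-05-01T10:10:00", "event": "change_document_visibility", "doc_id": "C3", "doc_title": "api.TOKEN", "actor": "user@example.com", "new_value": "people_with_link"},
]


def detect(events):
    """Alert on key/token files opened to link sharing; escalate on anonymous views."""
    exposed, alerts = {}, []
    for ev in sorted(events, key=lambda e: e["time"]):
        ts, doc = datetime.fromisoformat(ev["time"]), ev["doc_id"]
        if ev["event"] == "change_document_visibility":
            sensitive = ev["doc_title"].lower().endswith(SENSITIVE_EXT)
            if ev.get("new_value") in PUBLIC and sensitive:
                alert = {"doc_id": doc, "doc_title": ev["doc_title"], "shared_by": ev["actor"],
                         "shared_at": ts, "anonymous_views": 0, "severity": "medium"}
                exposed[doc] = alert
                alerts.append(alert)
            else:
                exposed.pop(doc, None)  # link sharing removed, stop tracking
        elif ev["event"] == "view" and ev.get("actor") is None and doc in exposed:
            alert = exposed[doc]
            if ts - alert["shared_at"] <= WINDOW:
                alert["anonymous_views"] += 1
                alert["severity"] = "high"  # exposed secret was actually fetched
    return alerts


if __name__ == "__main__":
    for a in detect(SAMPLE_EVENTS):
        print(a["severity"], a["doc_title"], a["anonymous_views"])
```

The non-sensitive `notes.txt` share produces no alert, which keeps the rule focused on the file types the emulation stages.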