[New Emulation] Disable 2-Step Verification for User

elastic / SWAT

Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK framework.

Apache License 2.0

160 stars 7 forks source link

[New Emulation] Disable 2-Step Verification for User #76

Open terrancedejesus opened 1 year ago

terrancedejesus commented 1 year ago

Overview

This pull request adds a new emulation for creating a user and disabling 2SV to adjust authentication mechanisms. 2SV and MFA are controlled per user, not globally, therefore a user will be created and then 2SV disabled. While this is not technically indicative of an attack it is a good signal for a weakness in existing defensive measures for a Google Workspace administrator.

eric-forte-elastic commented 2 months ago

Nit missing newlines for EOF.