Deceive, Detect, Engage

Deceptive Browser Extension

Goal: Gather information about web-based attacks by deploying a deceptive browser extension.

Approach: Collecting data on attacker activity through a deceptive browser extension.

This element involves creating a browser extension that mimics legitimate functionality but secretly collects information about attacker activity.

Engage Goals: EGO0003 Elicit

Engage Approach: EAP0001 Collect

Engage Actions: EAC0003 System Activity Monitoring, EAC0015 Information Manipulation

Name of Element: Deceptive Browser Extension

Description of Element:

Goal: Gather information about web-based attacks by deploying a deceptive browser extension.

Approach: Collecting data on attacker activity through a deceptive browser extension.

This element involves creating a browser extension that mimics legitimate functionality but secretly collects information about attacker activity.

Technical Context:

This element leverages the browser’s extension framework to monitor user interactions and network traffic. It can be used to capture keystrokes, screenshots, or even redirect attackers to a controlled environment.

Other:

This element can be used to gather valuable intelligence about web-based attacks, such as phishing campaigns, drive-by downloads, or cross-site scripting attempts.

Deceptive Browser Extension

Leave a Reply Cancel reply

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense