MAAD-AF External Recon

This module allows attackers to launch recon on a target organization and gather critical public information about it.

Module Overview - DRAFT

NOTE TO ENABLEMENT TEAM: We may need to find a more sustainable example to use for lab users and adjust the verbiage below accordingly.

1. From the main Attack Arsenal menu, enter 14 for Remove Access of Users. Read through the MITRE information, and press <Enter> to continue.

2. Enter an email address of an external party. MAAD-AF will leverage public APIs to gather information on the external party.

   NOTE: This action is opsec-friendly, and is purely passive. Try your @vectra.ai email address if you are curious!

3. After reviewing all the information, an operator will be taken back to the main Attack Arsenal menu.

Validation - DRAFT

List an MX record for your external target’s domain.