T1606.002SAML Tokens
T1606.002 — SAML Tokens is a MITRE ATT&CK technique in the Credential Access tactic. Clankerusecase tracks 2 detection use cases covering it and 2 threat-intel articles citing it.
Credential Access
2Use cases
2Articles
0Sub-techniques
1Tactic
↑ Parent technique: T1606 · Forge Web Credentials