| Compromised Credentials | app-activity
↳github-g-json-app-activity-success-actorid
↳github-g-json-app-activity-success-preparedworkflowjob
↳github-g-json-app-activity-success-pullrequestcreatereviewrequest
↳github-g-json-app-activity-success-secretscanningalert
↳github-g-json-app-activity-success-workflowscompletedworkflowrun
↳github-g-json-app-activity-success-githubaudit
↳github-g-json-app-activity-success-apirequest
↳github-g-json-app-activity-success-integrationinstallation
↳github-g-json-app-activity-success-issuecommentupdate
↳github-g-json-app-activity-success-workflowscreatedworkflowrun
↳github-g-json-configuration-create-success-environmentcreate
↳github-g-json-hook-delete-success-hookdestroy
↳github-g-json-hook-modify-success-hookconfigchanged
↳github-g-json-user-invite-success-org
↳github-g-json-http-request-success-githubaudithook
↳github-g-sk4-repository-create-success-createevent
↳github-g-json-repository-create-success-githubauditrepo
↳github-g-csv-repository-create-success-projectcreate
↳github-g-json-user-create-success-githubauditteam
↳github-g-kv-app-activity-controller
↳github-g-kv-http-request-api
↳github-g-json-app-activity-success-issuecommentdestroy
↳github-g-sk4-repository-create-success-github
↳github-g-json-branch-modify-success-pullrequestmerge
↳github-g-json-branch-modify-success-pullrequestindirectmerge
↳github-g-sk4-repository-push-success-pushevent
↳github-g-sk4-repository-pull-success-pullrequestevent
↳github-g-json-repository-pull-success-repodownloadzip
↳github-g-json-branch-create-success-pullrequestcreate
↳github-g-sk4-repository-member-add-success-memberevent
↳github-g-json-repository-member-add-success-teamaddmember
↳github-g-sk4-repository-delete-success-deleteevent
↳github-g-json-key-read-success-publickeyverify
↳github-g-json-key-create-success-publickeycreate
↳github-g-json-key-delete-success-publickeydelete
authentication-successful
↳github-g-json-app-authentication-success-authorizationgrant
↳github-g-json-app-authentication-success-accessgranted
↳github-g-json-app-authentication-success-businessssoresponse
| T1078 - Valid Accounts
T1133 - External Remote Services
| |
| Data Access | app-activity
↳github-g-json-app-activity-success-actorid
↳github-g-json-app-activity-success-preparedworkflowjob
↳github-g-json-app-activity-success-pullrequestcreatereviewrequest
↳github-g-json-app-activity-success-secretscanningalert
↳github-g-json-app-activity-success-workflowscompletedworkflowrun
↳github-g-json-app-activity-success-githubaudit
↳github-g-json-app-activity-success-apirequest
↳github-g-json-app-activity-success-integrationinstallation
↳github-g-json-app-activity-success-issuecommentupdate
↳github-g-json-app-activity-success-workflowscreatedworkflowrun
↳github-g-json-configuration-create-success-environmentcreate
↳github-g-json-hook-delete-success-hookdestroy
↳github-g-json-hook-modify-success-hookconfigchanged
↳github-g-json-user-invite-success-org
↳github-g-json-http-request-success-githubaudithook
↳github-g-sk4-repository-create-success-createevent
↳github-g-json-repository-create-success-githubauditrepo
↳github-g-csv-repository-create-success-projectcreate
↳github-g-json-user-create-success-githubauditteam
↳github-g-kv-app-activity-controller
↳github-g-kv-http-request-api
↳github-g-json-app-activity-success-issuecommentdestroy
↳github-g-sk4-repository-create-success-github
↳github-g-json-branch-modify-success-pullrequestmerge
↳github-g-json-branch-modify-success-pullrequestindirectmerge
↳github-g-sk4-repository-push-success-pushevent
↳github-g-sk4-repository-pull-success-pullrequestevent
↳github-g-json-repository-pull-success-repodownloadzip
↳github-g-json-branch-create-success-pullrequestcreate
↳github-g-sk4-repository-member-add-success-memberevent
↳github-g-json-repository-member-add-success-teamaddmember
↳github-g-sk4-repository-delete-success-deleteevent
↳github-g-json-key-read-success-publickeyverify
↳github-g-json-key-create-success-publickeycreate
↳github-g-json-key-delete-success-publickeydelete
| T1078 - Valid Accounts
| |
| Data Leak | app-activity
↳github-g-json-app-activity-success-actorid
↳github-g-json-app-activity-success-preparedworkflowjob
↳github-g-json-app-activity-success-pullrequestcreatereviewrequest
↳github-g-json-app-activity-success-secretscanningalert
↳github-g-json-app-activity-success-workflowscompletedworkflowrun
↳github-g-json-app-activity-success-githubaudit
↳github-g-json-app-activity-success-apirequest
↳github-g-json-app-activity-success-integrationinstallation
↳github-g-json-app-activity-success-issuecommentupdate
↳github-g-json-app-activity-success-workflowscreatedworkflowrun
↳github-g-json-configuration-create-success-environmentcreate
↳github-g-json-hook-delete-success-hookdestroy
↳github-g-json-hook-modify-success-hookconfigchanged
↳github-g-json-user-invite-success-org
↳github-g-json-http-request-success-githubaudithook
↳github-g-sk4-repository-create-success-createevent
↳github-g-json-repository-create-success-githubauditrepo
↳github-g-csv-repository-create-success-projectcreate
↳github-g-json-user-create-success-githubauditteam
↳github-g-kv-app-activity-controller
↳github-g-kv-http-request-api
↳github-g-json-app-activity-success-issuecommentdestroy
↳github-g-sk4-repository-create-success-github
↳github-g-json-branch-modify-success-pullrequestmerge
↳github-g-json-branch-modify-success-pullrequestindirectmerge
↳github-g-sk4-repository-push-success-pushevent
↳github-g-sk4-repository-pull-success-pullrequestevent
↳github-g-json-repository-pull-success-repodownloadzip
↳github-g-json-branch-create-success-pullrequestcreate
↳github-g-sk4-repository-member-add-success-memberevent
↳github-g-json-repository-member-add-success-teamaddmember
↳github-g-sk4-repository-delete-success-deleteevent
↳github-g-json-key-read-success-publickeyverify
↳github-g-json-key-create-success-publickeycreate
↳github-g-json-key-delete-success-publickeydelete
| T1114.003 - Email Collection: Email Forwarding Rule
| |
| Lateral Movement | app-activity
↳github-g-json-app-activity-success-actorid
↳github-g-json-app-activity-success-preparedworkflowjob
↳github-g-json-app-activity-success-pullrequestcreatereviewrequest
↳github-g-json-app-activity-success-secretscanningalert
↳github-g-json-app-activity-success-workflowscompletedworkflowrun
↳github-g-json-app-activity-success-githubaudit
↳github-g-json-app-activity-success-apirequest
↳github-g-json-app-activity-success-integrationinstallation
↳github-g-json-app-activity-success-issuecommentupdate
↳github-g-json-app-activity-success-workflowscreatedworkflowrun
↳github-g-json-configuration-create-success-environmentcreate
↳github-g-json-hook-delete-success-hookdestroy
↳github-g-json-hook-modify-success-hookconfigchanged
↳github-g-json-user-invite-success-org
↳github-g-json-http-request-success-githubaudithook
↳github-g-sk4-repository-create-success-createevent
↳github-g-json-repository-create-success-githubauditrepo
↳github-g-csv-repository-create-success-projectcreate
↳github-g-json-user-create-success-githubauditteam
↳github-g-kv-app-activity-controller
↳github-g-kv-http-request-api
↳github-g-json-app-activity-success-issuecommentdestroy
↳github-g-sk4-repository-create-success-github
↳github-g-json-branch-modify-success-pullrequestmerge
↳github-g-json-branch-modify-success-pullrequestindirectmerge
↳github-g-sk4-repository-push-success-pushevent
↳github-g-sk4-repository-pull-success-pullrequestevent
↳github-g-json-repository-pull-success-repodownloadzip
↳github-g-json-branch-create-success-pullrequestcreate
↳github-g-sk4-repository-member-add-success-memberevent
↳github-g-json-repository-member-add-success-teamaddmember
↳github-g-sk4-repository-delete-success-deleteevent
↳github-g-json-key-read-success-publickeyverify
↳github-g-json-key-create-success-publickeycreate
↳github-g-json-key-delete-success-publickeydelete
app-activity-failed
↳github-g-kv-app-activity-controller
↳github-g-kv-http-request-api
authentication-failed
↳github-g-json-app-authentication-fail-accessrevoked
↳github-g-json-app-authentication-fail-authorizationdeauthorize
authentication-successful
↳github-g-json-app-authentication-success-authorizationgrant
↳github-g-json-app-authentication-success-accessgranted
↳github-g-json-app-authentication-success-businessssoresponse
network-connection-successful
↳github-g-json-app-notification-success-packagespackageversionpublished
| T1071 - Application Layer Protocol
T1078 - Valid Accounts
T1090.003 - Proxy: Multi-hop Proxy
T1190 - Exploit Public Fasing Application
TA0010 - TA0010
TA0011 - TA0011
| |
| Malware | app-activity
↳github-g-json-app-activity-success-actorid
↳github-g-json-app-activity-success-preparedworkflowjob
↳github-g-json-app-activity-success-pullrequestcreatereviewrequest
↳github-g-json-app-activity-success-secretscanningalert
↳github-g-json-app-activity-success-workflowscompletedworkflowrun
↳github-g-json-app-activity-success-githubaudit
↳github-g-json-app-activity-success-apirequest
↳github-g-json-app-activity-success-integrationinstallation
↳github-g-json-app-activity-success-issuecommentupdate
↳github-g-json-app-activity-success-workflowscreatedworkflowrun
↳github-g-json-configuration-create-success-environmentcreate
↳github-g-json-hook-delete-success-hookdestroy
↳github-g-json-hook-modify-success-hookconfigchanged
↳github-g-json-user-invite-success-org
↳github-g-json-http-request-success-githubaudithook
↳github-g-sk4-repository-create-success-createevent
↳github-g-json-repository-create-success-githubauditrepo
↳github-g-csv-repository-create-success-projectcreate
↳github-g-json-user-create-success-githubauditteam
↳github-g-kv-app-activity-controller
↳github-g-kv-http-request-api
↳github-g-json-app-activity-success-issuecommentdestroy
↳github-g-sk4-repository-create-success-github
↳github-g-json-branch-modify-success-pullrequestmerge
↳github-g-json-branch-modify-success-pullrequestindirectmerge
↳github-g-sk4-repository-push-success-pushevent
↳github-g-sk4-repository-pull-success-pullrequestevent
↳github-g-json-repository-pull-success-repodownloadzip
↳github-g-json-branch-create-success-pullrequestcreate
↳github-g-sk4-repository-member-add-success-memberevent
↳github-g-json-repository-member-add-success-teamaddmember
↳github-g-sk4-repository-delete-success-deleteevent
↳github-g-json-key-read-success-publickeyverify
↳github-g-json-key-create-success-publickeycreate
↳github-g-json-key-delete-success-publickeydelete
authentication-successful
↳github-g-json-app-authentication-success-authorizationgrant
↳github-g-json-app-authentication-success-accessgranted
↳github-g-json-app-authentication-success-businessssoresponse
network-connection-successful
↳github-g-json-app-notification-success-packagespackageversionpublished
| T1078 - Valid Accounts
TA0011 - TA0011
| |
| Privilege Abuse | app-activity
↳github-g-json-app-activity-success-actorid
↳github-g-json-app-activity-success-preparedworkflowjob
↳github-g-json-app-activity-success-pullrequestcreatereviewrequest
↳github-g-json-app-activity-success-secretscanningalert
↳github-g-json-app-activity-success-workflowscompletedworkflowrun
↳github-g-json-app-activity-success-githubaudit
↳github-g-json-app-activity-success-apirequest
↳github-g-json-app-activity-success-integrationinstallation
↳github-g-json-app-activity-success-issuecommentupdate
↳github-g-json-app-activity-success-workflowscreatedworkflowrun
↳github-g-json-configuration-create-success-environmentcreate
↳github-g-json-hook-delete-success-hookdestroy
↳github-g-json-hook-modify-success-hookconfigchanged
↳github-g-json-user-invite-success-org
↳github-g-json-http-request-success-githubaudithook
↳github-g-sk4-repository-create-success-createevent
↳github-g-json-repository-create-success-githubauditrepo
↳github-g-csv-repository-create-success-projectcreate
↳github-g-json-user-create-success-githubauditteam
↳github-g-kv-app-activity-controller
↳github-g-kv-http-request-api
↳github-g-json-app-activity-success-issuecommentdestroy
↳github-g-sk4-repository-create-success-github
↳github-g-json-branch-modify-success-pullrequestmerge
↳github-g-json-branch-modify-success-pullrequestindirectmerge
↳github-g-sk4-repository-push-success-pushevent
↳github-g-sk4-repository-pull-success-pullrequestevent
↳github-g-json-repository-pull-success-repodownloadzip
↳github-g-json-branch-create-success-pullrequestcreate
↳github-g-sk4-repository-member-add-success-memberevent
↳github-g-json-repository-member-add-success-teamaddmember
↳github-g-sk4-repository-delete-success-deleteevent
↳github-g-json-key-read-success-publickeyverify
↳github-g-json-key-create-success-publickeycreate
↳github-g-json-key-delete-success-publickeydelete
app-activity-failed
↳github-g-kv-app-activity-controller
↳github-g-kv-http-request-api
| T1078 - Valid Accounts
T1098.002 - Account Manipulation: Exchange Email Delegate Permissions
| |
| Privilege Escalation | app-activity
↳github-g-json-app-activity-success-actorid
↳github-g-json-app-activity-success-preparedworkflowjob
↳github-g-json-app-activity-success-pullrequestcreatereviewrequest
↳github-g-json-app-activity-success-secretscanningalert
↳github-g-json-app-activity-success-workflowscompletedworkflowrun
↳github-g-json-app-activity-success-githubaudit
↳github-g-json-app-activity-success-apirequest
↳github-g-json-app-activity-success-integrationinstallation
↳github-g-json-app-activity-success-issuecommentupdate
↳github-g-json-app-activity-success-workflowscreatedworkflowrun
↳github-g-json-configuration-create-success-environmentcreate
↳github-g-json-hook-delete-success-hookdestroy
↳github-g-json-hook-modify-success-hookconfigchanged
↳github-g-json-user-invite-success-org
↳github-g-json-http-request-success-githubaudithook
↳github-g-sk4-repository-create-success-createevent
↳github-g-json-repository-create-success-githubauditrepo
↳github-g-csv-repository-create-success-projectcreate
↳github-g-json-user-create-success-githubauditteam
↳github-g-kv-app-activity-controller
↳github-g-kv-http-request-api
↳github-g-json-app-activity-success-issuecommentdestroy
↳github-g-sk4-repository-create-success-github
↳github-g-json-branch-modify-success-pullrequestmerge
↳github-g-json-branch-modify-success-pullrequestindirectmerge
↳github-g-sk4-repository-push-success-pushevent
↳github-g-sk4-repository-pull-success-pullrequestevent
↳github-g-json-repository-pull-success-repodownloadzip
↳github-g-json-branch-create-success-pullrequestcreate
↳github-g-sk4-repository-member-add-success-memberevent
↳github-g-json-repository-member-add-success-teamaddmember
↳github-g-sk4-repository-delete-success-deleteevent
↳github-g-json-key-read-success-publickeyverify
↳github-g-json-key-create-success-publickeycreate
↳github-g-json-key-delete-success-publickeydelete
| T1098.002 - Account Manipulation: Exchange Email Delegate Permissions
| |
| Privileged Activity | app-activity
↳github-g-json-app-activity-success-actorid
↳github-g-json-app-activity-success-preparedworkflowjob
↳github-g-json-app-activity-success-pullrequestcreatereviewrequest
↳github-g-json-app-activity-success-secretscanningalert
↳github-g-json-app-activity-success-workflowscompletedworkflowrun
↳github-g-json-app-activity-success-githubaudit
↳github-g-json-app-activity-success-apirequest
↳github-g-json-app-activity-success-integrationinstallation
↳github-g-json-app-activity-success-issuecommentupdate
↳github-g-json-app-activity-success-workflowscreatedworkflowrun
↳github-g-json-configuration-create-success-environmentcreate
↳github-g-json-hook-delete-success-hookdestroy
↳github-g-json-hook-modify-success-hookconfigchanged
↳github-g-json-user-invite-success-org
↳github-g-json-http-request-success-githubaudithook
↳github-g-sk4-repository-create-success-createevent
↳github-g-json-repository-create-success-githubauditrepo
↳github-g-csv-repository-create-success-projectcreate
↳github-g-json-user-create-success-githubauditteam
↳github-g-kv-app-activity-controller
↳github-g-kv-http-request-api
↳github-g-json-app-activity-success-issuecommentdestroy
↳github-g-sk4-repository-create-success-github
↳github-g-json-branch-modify-success-pullrequestmerge
↳github-g-json-branch-modify-success-pullrequestindirectmerge
↳github-g-sk4-repository-push-success-pushevent
↳github-g-sk4-repository-pull-success-pullrequestevent
↳github-g-json-repository-pull-success-repodownloadzip
↳github-g-json-branch-create-success-pullrequestcreate
↳github-g-sk4-repository-member-add-success-memberevent
↳github-g-json-repository-member-add-success-teamaddmember
↳github-g-sk4-repository-delete-success-deleteevent
↳github-g-json-key-read-success-publickeyverify
↳github-g-json-key-create-success-publickeycreate
↳github-g-json-key-delete-success-publickeydelete
app-activity-failed
↳github-g-kv-app-activity-controller
↳github-g-kv-http-request-api
| T1078 - Valid Accounts
| |
| Ransomware | app-activity
↳github-g-json-app-activity-success-actorid
↳github-g-json-app-activity-success-preparedworkflowjob
↳github-g-json-app-activity-success-pullrequestcreatereviewrequest
↳github-g-json-app-activity-success-secretscanningalert
↳github-g-json-app-activity-success-workflowscompletedworkflowrun
↳github-g-json-app-activity-success-githubaudit
↳github-g-json-app-activity-success-apirequest
↳github-g-json-app-activity-success-integrationinstallation
↳github-g-json-app-activity-success-issuecommentupdate
↳github-g-json-app-activity-success-workflowscreatedworkflowrun
↳github-g-json-configuration-create-success-environmentcreate
↳github-g-json-hook-delete-success-hookdestroy
↳github-g-json-hook-modify-success-hookconfigchanged
↳github-g-json-user-invite-success-org
↳github-g-json-http-request-success-githubaudithook
↳github-g-sk4-repository-create-success-createevent
↳github-g-json-repository-create-success-githubauditrepo
↳github-g-csv-repository-create-success-projectcreate
↳github-g-json-user-create-success-githubauditteam
↳github-g-kv-app-activity-controller
↳github-g-kv-http-request-api
↳github-g-json-app-activity-success-issuecommentdestroy
↳github-g-sk4-repository-create-success-github
↳github-g-json-branch-modify-success-pullrequestmerge
↳github-g-json-branch-modify-success-pullrequestindirectmerge
↳github-g-sk4-repository-push-success-pushevent
↳github-g-sk4-repository-pull-success-pullrequestevent
↳github-g-json-repository-pull-success-repodownloadzip
↳github-g-json-branch-create-success-pullrequestcreate
↳github-g-sk4-repository-member-add-success-memberevent
↳github-g-json-repository-member-add-success-teamaddmember
↳github-g-sk4-repository-delete-success-deleteevent
↳github-g-json-key-read-success-publickeyverify
↳github-g-json-key-create-success-publickeycreate
↳github-g-json-key-delete-success-publickeydelete
app-activity-failed
↳github-g-kv-app-activity-controller
↳github-g-kv-http-request-api
authentication-failed
↳github-g-json-app-authentication-fail-accessrevoked
↳github-g-json-app-authentication-fail-authorizationdeauthorize
authentication-successful
↳github-g-json-app-authentication-success-authorizationgrant
↳github-g-json-app-authentication-success-accessgranted
↳github-g-json-app-authentication-success-businessssoresponse
| T1078 - Valid Accounts
| |