* [Windows Logons](/learn/windows-logons) for those unfamiliar with password spraying and Windows logons
This module covers 4 external Exchange password spraying techniques:
* OWA - Outlook Web Access
* MAPI - Messaging Application Programming Interface
* EAS - Exchange ActiveSync
* EWS - Exchange Web Services
By the end you will understand what these attacks look like from a defender's perspective and how to hunt for them. We'll also cover some modern defense evasion techniques.
The events in your SIEM can be found in the following timespan: 13 Jan 2023 - 14 Jan 2023.
There are only two systems in this module: `exchange` and `dc`.](https://assets.aceresponder.com/meta/6537ee32-4e58-4924-a7a1-be87b2be8d49.png)
Exchange Logons
Prerequisites:
- OpenSearch Tutorial
- Windows Logons for those unfamiliar with password spraying and Windows logons
This module covers 4 external Exchange password spraying techniques:
- OWA - Outlook Web Access
- MAPI - Messaging Application Programming Interface
- EAS - Exchange ActiveSync
- EWS - Exchange Web Services
By the end you will understand what these attacks look like from a defender's perspective and how to hunt for them. We'll also cover some modern defense evasion techniques.
The events in your SIEM can be found in the following timespan: 13 Jan 2023 - 14 Jan 2023.
There are only two systems in this module: exchange and dc.
Free Module
Sign up to access this module's content.