How to export payload domains and sender addresses from Attack simulation portal from M365 security defender? Is there way to get all those domains and sender addresses so that we can use for attack simulations based on our choice?

Question

How to export payload domains and sender addresses from Attack simulation portal from M365 security defender? Is there way to get all those domains and sender addresses so that we can use for attack simulations based on our choice and know that its the dummy domain used for running attack simulations.

Answer 1

Yes, you can export payload domains and sender addresses from the Attack simulation portal in Microsoft 365 Defender. Here are the steps:

1. Go to the Attack simulation portal in Microsoft 365 Defender.
2. Click on the "Payload domains" or "Sender addresses" tab, depending on which one you want to export.
3. Click on the "Export" button.
4. Choose the format in which you want to export the data (CSV or JSON).
5. Click on the "Export" button again.

This will export all the payload domains or sender addresses in the selected format. You can then use this data for your own attack simulations. However, please note that these are real domains and addresses that have been used in previous simulations, and using them in your own simulations could potentially cause harm or unintended consequences. It is recommended to use caution and carefully review the data before using it for your own purposes.