N-MDNS-POISONCredential Access

mDNS / SSDP Poisoning

Spoof macOS / IoT name resolution — extends Responder's coverage beyond Windows LLMNR.

§ Where this technique fits

N-MDNS-POISON is catalogued under the Credential Access tactic of the offensive-security kill-chain. It appears in 1 approved dossier in the registry, typically at step 3 on average.

§ Dossiers chaining this technique

Rogue DHCP → DNS poisoning → MITM
Bring up a faster DHCP server on the segment; new clients get attacker as gateway + DNS — strip HTTPS, capture creds, inject payloads.
step 3 / 5

§ What commonly comes next

01
LLMNR/NBT-NS Poisoning and SMB Relay
T1557.001 · Credential Access
seen 1×

§ Where this technique fits

§ Dossiers chaining this technique

Rogue DHCP → DNS poisoning → MITM

§ What commonly comes next