PH-OPEN-REDIRECT-CHAINInitial Access

Open Redirect Chain for Phishing

Bounce victims through trusted-host open redirects before landing on attacker domain — bypasses URL-based defences.

§ Where this technique fits

PH-OPEN-REDIRECT-CHAIN is catalogued under the Initial Access tactic of the offensive-security kill-chain. It appears in 1 approved dossier in the registry, typically at step 2 on average.

§ Dossiers chaining this technique

Wallet drainer dApp → setApprovalForAll → instant theft
Victim connects their wallet to a phishing dApp (fake mint / fake airdrop). One click on 'Confirm' calls setApprovalForAll on every valuable NFT collection — drained moments later.
step 2 / 6

§ What commonly comes next

01
User Execution
T1204 · Execution
seen 1×

§ Where this technique fits

§ Dossiers chaining this technique

Wallet drainer dApp → setApprovalForAll → instant theft

§ What commonly comes next