Adversaries leverage many different attack methods to infiltrate government networks. One web application attack strategy that is becoming more prevalent is credential stuffing, the art of obtaining an individual’s stolen or leaked login credentials and using them to exploit other accounts. Although not overly sophisticated, the damage can have significant impact on government agencies.