MITRE ATT&CK
Adversary tactics and techniques framework
691
Techniques
14
Tactics
0
Mitigations
4.362
Actor-Technique Links
MITRE ATT&CK 691
| ID | Techniques | Tactic | Platforms | Threat Actors | Actions |
|---|---|---|---|---|---|
| T1547.014 | Active Setup Sub | Persistence, Privilege Es... | Windows | 0 | |
| T1547.015 | Login Items Sub | Persistence, Privilege Es... | macOS | 0 | |
| T1548 | Abuse Elevation Control Mechanism | Privilege Escalation, Def... | Linux, macOS, Window... | 1 | |
| T1548.001 | Setuid and Setgid Sub | Privilege Escalation, Def... | Linux, macOS | 0 | |
| T1548.002 | Bypass User Account Control Sub | Privilege Escalation, Def... | Windows | 11 | |
| T1548.003 | Sudo and Sudo Caching Sub | Privilege Escalation, Def... | Linux, macOS | 0 | |
| T1548.004 | Elevated Execution with Prompt Sub | Privilege Escalation, Def... | macOS | 0 | |
| T1548.005 | Temporary Elevated Cloud Access Sub | Privilege Escalation, Def... | IaaS, Office Suite, | 0 | |
| T1548.006 | TCC Manipulation Sub | Privilege Escalation, Def... | macOS | 0 | |
| T1550 | Use Alternate Authentication Material | Lateral Movement, Defense... | Windows, SaaS, IaaS... | 0 | |
| T1550.001 | Application Access Token Sub | Lateral Movement, Defense... | SaaS, Containers, Ia... | 2 | |
| T1550.002 | Pass the Hash Sub | Lateral Movement, Defense... | Windows | 11 | |
| T1550.003 | Pass the Ticket Sub | Lateral Movement, Defense... | Windows | 3 | |
| T1550.004 | Web Session Cookie Sub | Lateral Movement, Defense... | SaaS, IaaS, Office S | 1 | |
| T1552 | Unsecured Credentials | Credential Access | Windows, SaaS, IaaS... | 1 | |
| T1552.001 | Credentials In Files Sub | Credential Access | Containers, IaaS, Li... | 14 | |
| T1552.002 | Credentials in Registry Sub | Credential Access | Windows | 2 | |
| T1552.003 | Shell History Sub | Credential Access | Linux, macOS, Window | 0 | |
| T1552.004 | Private Keys Sub | Credential Access | Linux, macOS, Networ... | 5 | |
| T1552.005 | Cloud Instance Metadata API Sub | Credential Access | IaaS | 1 | |
| T1552.006 | Group Policy Preferences Sub | Credential Access | Windows | 2 | |
| T1552.007 | Container API Sub | Credential Access | Containers | 0 | |
| T1552.008 | Chat Messages Sub | Credential Access | SaaS, Office Suite | 1 | |
| T1553 | Subvert Trust Controls | Defense Evasion | Windows, macOS, Linu | 1 | |
| T1553.001 | Gatekeeper Bypass Sub | Defense Evasion | macOS | 0 |