MITRE ATT&CK

Adversary tactics and techniques framework

691
Techniques
14
Tactics
0
Mitigations
4.362
Actor-Technique Links
MITRE ATT&CK 691
ID Techniques Tactic Platforms Threat Actors Actions
T1553.002 Code Signing Sub Defense Evasion macOS, Windows 26
T1553.003 SIP and Trust Provider Hijacking Sub Defense Evasion Windows 0
T1553.004 Install Root Certificate Sub Defense Evasion Linux, macOS, Window 0
T1553.005 Mark-of-the-Web Bypass Sub Defense Evasion Windows 3
T1553.006 Code Signing Policy Modification Sub Defense Evasion Windows, macOS 2
T1554 Compromise Host Software Binary Persistence Linux, macOS, Window... 2
T1555 Credentials from Password Stores Credential Access IaaS, Linux, macOS... 12
T1555.001 Keychain Sub Credential Access macOS 1
T1555.002 Securityd Memory Sub Credential Access Linux, macOS 0
T1555.003 Credentials from Web Browsers Sub Credential Access Linux, macOS, Window 23
T1555.004 Windows Credential Manager Sub Credential Access Windows 4
T1555.005 Password Managers Sub Credential Access Linux, macOS, Window 7
T1555.006 Cloud Secrets Management Stores Sub Credential Access IaaS 2
T1556 Modify Authentication Process Credential Access, Persis... Windows, Linux, macO... 1
T1556.001 Domain Controller Authentication Sub Credential Access, Persis... Windows 1
T1556.002 Password Filter DLL Sub Credential Access, Persis... Windows 2
T1556.003 Pluggable Authentication Modules Sub Credential Access, Persis... Linux, macOS 0
T1556.004 Network Device Authentication Sub Credential Access, Persis... Network Devices 0
T1556.005 Reversible Encryption Sub Credential Access, Persis... Windows 0
T1556.006 Multi-Factor Authentication Sub Credential Access, Persis... Windows, SaaS, IaaS... 1
T1556.007 Hybrid Identity Sub Credential Access, Persis... Windows, SaaS, IaaS... 1
T1556.008 Network Provider DLL Sub Credential Access, Persis... Windows 0
T1556.009 Conditional Access Policies Sub Credential Access, Persis... IaaS, Identity Provi 2
T1557 Adversary-in-the-Middle Credential Access, Collec... Linux, macOS, Networ... 3
T1557.001 LLMNR/NBT-NS Poisoning and SMB Relay Sub Credential Access, Collec... Windows 2