MITRE ATT&CK

Adversary tactics and techniques framework

691 Techniques
14 Tactics
0 Mitigations
4.362 Actor-Technique Links
| ID | Techniques | Type | Tactic | Platforms | Threat Actors |
|---|---|---|---|---|---|
| T1055.004 | Asynchronous Procedure Call | Sub | Privilege Escalation, Def... | Windows | 1 |
| T1055.005 | Thread Local Storage | Sub | Privilege Escalation, Def... | Windows | 0 |
| T1055.008 | Ptrace System Calls | Sub | Privilege Escalation, Def... | Linux | 0 |
| T1055.009 | Proc Memory | Sub | Privilege Escalation, Def... | Linux | 0 |
| T1055.011 | Extra Window Memory Injection | Sub | Privilege Escalation, Def... | Windows | 0 |
| T1055.012 | Process Hollowing | Sub | Privilege Escalation, Def... | Windows | 7 |
| T1055.013 | Process Doppelgänging | Sub | Privilege Escalation, Def... | Windows | 1 |
| T1055.014 | VDSO Hijacking | Sub | Privilege Escalation, Def... | Linux | 0 |
| T1055.015 | ListPlanting | Sub | Privilege Escalation, Def... | Windows | 0 |
| T1056 | Input Capture | | Credential Access, Collec... | Linux, macOS, Networ... | 3 |
| T1056.001 | Keylogging | Sub | Credential Access, Collec... | Linux, macOS, Networ... | 26 |
| T1056.002 | GUI Input Capture | Sub | Credential Access, Collec... | macOS, Windows, Linu | 2 |
| T1056.003 | Web Portal Capture | Sub | Credential Access, Collec... | Linux, macOS, Window | 1 |
| T1056.004 | Credential API Hooking | Sub | Credential Access, Collec... | Windows, Linux, macO | 1 |
| T1057 | Process Discovery | | Discovery | ESXi, Linux, macOS... | 40 |
| T1059 | Command and Scripting Interpreter | | Execution | ESXi, IaaS, Identity... | 17 |
| T1059.001 | PowerShell | Sub | Execution | Windows | 83 |
| T1059.002 | AppleScript | Sub | Execution | macOS | 0 |
| T1059.003 | Windows Command Shell | Sub | Execution | Windows | 71 |
| T1059.004 | Unix Shell | Sub | Execution | ESXi, Linux, macOS... | 10 |
| T1059.005 | Visual Basic | Sub | Execution | Linux, macOS, Window | 45 |
| T1059.006 | Python | Sub | Execution | ESXi, Linux, macOS... | 17 |
| T1059.007 | JavaScript | Sub | Execution | Linux, macOS, Window | 25 |
| T1059.008 | Network Device CLI | Sub | Execution | Network Devices | 0 |
| T1059.009 | Cloud API | Sub | Execution | IaaS, Identity Provi... | 3 |