MITRE ATT&CK
Adversary tactics and techniques framework
691
Techniques
14
Tactics
0
Mitigations
4.362
Actor-Technique Links
MITRE ATT&CK 691
| ID | Techniques | Tactic | Platforms | Threat Actors | Actions |
|---|---|---|---|---|---|
| T1095 | Non-Application Layer Protocol | Command and Control | ESXi, Linux, macOS... | 12 | |
| T1098 | Account Manipulation | Persistence, Privilege Es... | Containers, ESXi, Ia... | 3 | |
| T1098.001 | Additional Cloud Credentials Sub | Persistence, Privilege Es... | IaaS, Identity Provi | 1 | |
| T1098.002 | Additional Email Delegate Permissions Sub | Persistence, Privilege Es... | Windows, Office Suit | 3 | |
| T1098.003 | Additional Cloud Roles Sub | Persistence, Privilege Es... | IaaS, Identity Provi... | 3 | |
| T1098.004 | SSH Authorized Keys Sub | Persistence, Privilege Es... | Linux, macOS, IaaS... | 3 | |
| T1098.005 | Device Registration Sub | Persistence, Privilege Es... | Windows, Identity Pr | 1 | |
| T1098.006 | Additional Container Cluster Roles Sub | Persistence, Privilege Es... | Containers | 0 | |
| T1098.007 | Additional Local or Domain Groups Sub | Persistence, Privilege Es... | Windows, macOS, Linu | 7 | |
| T1102 | Web Service | Command and Control | ESXi, Linux, Windows... | 14 | |
| T1102.001 | Dead Drop Resolver Sub | Command and Control | ESXi, Linux, macOS... | 6 | |
| T1102.002 | Bidirectional Communication Sub | Command and Control | Linux, macOS, Window... | 16 | |
| T1102.003 | One-Way Communication Sub | Command and Control | Linux, macOS, Window... | 2 | |
| T1104 | Multi-Stage Channels | Command and Control | Linux, macOS, Window... | 4 | |
| T1105 | Ingress Tool Transfer | Command and Control | ESXi, Linux, macOS... | 85 | |
| T1106 | Native API | Execution | Linux, macOS, Window | 18 | |
| T1110 | Brute Force | Credential Access | Containers, ESXi, Ia... | 14 | |
| T1110.001 | Password Guessing Sub | Credential Access | Windows, SaaS, IaaS... | 2 | |
| T1110.002 | Password Cracking Sub | Credential Access | Linux, macOS, Window... | 4 | |
| T1110.003 | Password Spraying Sub | Credential Access | Containers, ESXi, Ia... | 11 | |
| T1110.004 | Credential Stuffing Sub | Credential Access | Windows, SaaS, IaaS... | 1 | |
| T1111 | Multi-Factor Authentication Interception | Credential Access | Linux, Windows, macO | 4 | |
| T1112 | Modify Registry | Persistence, Defense Evas... | Windows | 29 | |
| T1113 | Screen Capture | Collection | Linux, Windows, macO | 18 | |
| T1114 | Email Collection | Collection | Windows, macOS, Linu... | 4 |