MITRE ATT&CK
Framework di tattiche e tecniche degli avversari
691
Tecniche
14
Tattiche
0
Mitigazioni
4.362
Actor-Technique Links
MITRE ATT&CK 691
| ID | Tecniche | Tattica | Piattaforme | Threat Actors | Azioni |
|---|---|---|---|---|---|
| T1553.002 | Code Signing Sub | Defense Evasion | macOS, Windows | 26 | |
| T1553.003 | SIP and Trust Provider Hijacking Sub | Defense Evasion | Windows | 0 | |
| T1553.004 | Install Root Certificate Sub | Defense Evasion | Linux, macOS, Window | 0 | |
| T1553.005 | Mark-of-the-Web Bypass Sub | Defense Evasion | Windows | 3 | |
| T1553.006 | Code Signing Policy Modification Sub | Defense Evasion | Windows, macOS | 2 | |
| T1554 | Compromise Host Software Binary | Persistence | Linux, macOS, Window... | 2 | |
| T1555 | Credentials from Password Stores | Credential Access | IaaS, Linux, macOS... | 12 | |
| T1555.001 | Keychain Sub | Credential Access | macOS | 1 | |
| T1555.002 | Securityd Memory Sub | Credential Access | Linux, macOS | 0 | |
| T1555.003 | Credentials from Web Browsers Sub | Credential Access | Linux, macOS, Window | 23 | |
| T1555.004 | Windows Credential Manager Sub | Credential Access | Windows | 4 | |
| T1555.005 | Password Managers Sub | Credential Access | Linux, macOS, Window | 7 | |
| T1555.006 | Cloud Secrets Management Stores Sub | Credential Access | IaaS | 2 | |
| T1556 | Modify Authentication Process | Credential Access, Persis... | Windows, Linux, macO... | 1 | |
| T1556.001 | Domain Controller Authentication Sub | Credential Access, Persis... | Windows | 1 | |
| T1556.002 | Password Filter DLL Sub | Credential Access, Persis... | Windows | 2 | |
| T1556.003 | Pluggable Authentication Modules Sub | Credential Access, Persis... | Linux, macOS | 0 | |
| T1556.004 | Network Device Authentication Sub | Credential Access, Persis... | Network Devices | 0 | |
| T1556.005 | Reversible Encryption Sub | Credential Access, Persis... | Windows | 0 | |
| T1556.006 | Multi-Factor Authentication Sub | Credential Access, Persis... | Windows, SaaS, IaaS... | 1 | |
| T1556.007 | Hybrid Identity Sub | Credential Access, Persis... | Windows, SaaS, IaaS... | 1 | |
| T1556.008 | Network Provider DLL Sub | Credential Access, Persis... | Windows | 0 | |
| T1556.009 | Conditional Access Policies Sub | Credential Access, Persis... | IaaS, Identity Provi | 2 | |
| T1557 | Adversary-in-the-Middle | Credential Access, Collec... | Linux, macOS, Networ... | 3 | |
| T1557.001 | LLMNR/NBT-NS Poisoning and SMB Relay Sub | Credential Access, Collec... | Windows | 2 |