MITRE ATT&CK

Adversary Tactics, Techniques & Mitigations

Tactics Adversary goals Techniques How attacks work Mitigations Countermeasures
T1102
Web Service
ESXi Linux Windows
T1104
Multi-Stage Channels
Linux macOS Windows
T1105
Ingress Tool Transfer
ESXi Linux macOS
T1106
Native API
Linux macOS Windows
T1110
Brute Force
Containers ESXi IaaS
T1111
Multi-Factor Authentication Interception
Linux Windows macOS
T1112
Modify Registry
Windows
T1113
Screen Capture
Linux Windows macOS
T1114
Email Collection
Windows macOS Linux
T1115
Clipboard Data
Linux macOS Windows
T1119
Automated Collection
IaaS Linux macOS
T1120
Peripheral Device Discovery
Linux Windows macOS
T1123
Audio Capture
Linux macOS Windows
T1124
System Time Discovery
ESXi Linux macOS
T1125
Video Capture
Windows macOS Linux
T1127
Trusted Developer Utilities Proxy Execution
Windows
T1129
Shared Modules
Linux macOS Windows
T1132
Data Encoding
Linux macOS Windows
T1133
External Remote Services
Containers Linux macOS
T1134
Access Token Manipulation
Windows
T1135
Network Share Discovery
Linux macOS Windows
T1136
Create Account
Windows IaaS Linux
T1137
Office Application Startup
Windows Office Suite
T1140
Deobfuscate/Decode Files or Information
ESXi Linux macOS
T1176
Software Extensions
Linux macOS Windows
T1185
Browser Session Hijacking
Windows
T1187
Forced Authentication
Windows
T1189
Drive-by Compromise
Identity Provider Linux macOS
T1190
Exploit Public-Facing Application
Containers ESXi IaaS
T1195
Supply Chain Compromise
Linux Windows macOS
T1197
BITS Jobs
Windows
T1199
Trusted Relationship
Windows SaaS IaaS
T1200
Hardware Additions
Windows Linux macOS
T1201
Password Policy Discovery
Windows Linux macOS
T1202
Indirect Command Execution
Windows
T1203
Exploitation for Client Execution
Linux macOS Windows
T1204
User Execution
Linux Windows macOS
T1205
Traffic Signaling
Linux macOS Network Devices
T1207
Rogue Domain Controller
Windows
T1210
Exploitation of Remote Services
Linux Windows macOS
T1211
Exploitation for Defense Evasion
Linux Windows macOS
T1212
Exploitation for Credential Access
Linux Windows macOS
T1213
Data from Information Repositories
Linux Windows macOS
T1216
System Script Proxy Execution
Windows
T1217
Browser Information Discovery
Linux macOS Windows
T1218
System Binary Proxy Execution
Windows Linux macOS
T1219
Remote Access Tools
Linux macOS Windows
T1220
XSL Script Processing
Windows
T1221
Template Injection
Windows
T1222
File and Directory Permissions Modification
ESXi Linux macOS
Prev 1 2 3 4 5 Next