CSURFACE
THREAT SENSOR
Home
Analytics
News
About
Tools
Constellation
Libraries
CWE
CAPEC
MITRE ATT&CK
MITRE D3FEND
OWASP Top 10
Ransomware Groups
References
Support
EN
|
PT
MITRE ATT&CK
Adversary Tactics, Techniques & Mitigations
Tactics
Adversary goals
Techniques
How attacks work
Mitigations
Countermeasures
Platform
Containers
ESXi
IaaS
Identity Provider
Linux
Network Devices
Office Suite
PRE
SaaS
Windows
macOS
Threat Actor
safepay (150)
sicarii (146)
ransomhub (83)
thegentlemen (56)
qilin (55)
0apt (48)
nightspire (35)
stormous (34)
donex (33)
alphv (32)
play (31)
clop (31)
rhysida (28)
8base (28)
akira (26)
sinobi (25)
lockbit (25)
sarcoma (23)
conti (23)
cuba (23)
cactus (21)
darkside (20)
pear (20)
medusa (19)
nitrogen (19)
royal (19)
coinbasecartel (18)
devman (18)
everest (17)
blacksuit (17)
maze (16)
vicesociety (16)
revil (16)
hive (15)
bluelocker (15)
blackmatter (14)
ragnarlocker (13)
lynx (13)
trigona (13)
hunters (11)
payload (11)
threeam (11)
bianlian (11)
tengu (10)
crosslock (10)
blackbasta (9)
shinyhunters (7)
0mega (7)
braincipher (5)
dragonforce (5)
alphalocker (4)
medusalocker (1)
T1480
Execution Guardrails
ESXi
Linux
macOS
T1482
Domain Trust Discovery
Windows
T1484
Domain or Tenant Policy Modification
Windows
Identity Provider
T1485
Data Destruction
Containers
ESXi
IaaS
T1486
Data Encrypted for Impact
ESXi
IaaS
Linux
T1489
Service Stop
ESXi
IaaS
Linux
T1490
Inhibit System Recovery
Containers
ESXi
IaaS
T1491
Defacement
Windows
IaaS
Linux
T1495
Firmware Corruption
Linux
macOS
Network Devices
T1496
Resource Hijacking
Windows
IaaS
Linux
T1497
Virtualization/Sandbox Evasion
Linux
macOS
Windows
T1498
Network Denial of Service
Windows
IaaS
Linux
T1499
Endpoint Denial of Service
Windows
Linux
macOS
T1505
Server Software Component
Windows
Linux
macOS
T1518
Software Discovery
ESXi
IaaS
Linux
T1525
Implant Internal Image
IaaS
Containers
T1526
Cloud Service Discovery
IaaS
Identity Provider
Office Suite
T1528
Steal Application Access Token
SaaS
Containers
IaaS
T1529
System Shutdown/Reboot
ESXi
Linux
macOS
T1530
Data from Cloud Storage
IaaS
Office Suite
SaaS
T1531
Account Access Removal
Linux
macOS
Windows
T1534
Internal Spearphishing
Windows
macOS
Linux
T1535
Unused/Unsupported Cloud Regions
IaaS
T1537
Transfer Data to Cloud Account
IaaS
Office Suite
SaaS
T1538
Cloud Service Dashboard
IaaS
SaaS
Office Suite
T1539
Steal Web Session Cookie
Linux
Office Suite
SaaS
T1542
Pre-OS Boot
Linux
Network Devices
Windows
T1543
Create or Modify System Process
Windows
macOS
Linux
T1546
Event Triggered Execution
Linux
macOS
Windows
T1547
Boot or Logon Autostart Execution
Linux
macOS
Windows
T1548
Abuse Elevation Control Mechanism
Linux
macOS
Windows
T1550
Use Alternate Authentication Material
Windows
SaaS
IaaS
T1552
Unsecured Credentials
Windows
SaaS
IaaS
T1553
Subvert Trust Controls
Windows
macOS
Linux
T1554
Compromise Host Software Binary
Linux
macOS
Windows
T1555
Credentials from Password Stores
IaaS
Linux
macOS
T1556
Modify Authentication Process
Windows
Linux
macOS
T1557
Adversary-in-the-Middle
Linux
macOS
Network Devices
T1558
Steal or Forge Kerberos Tickets
Windows
Linux
macOS
T1559
Inter-Process Communication
Linux
macOS
Windows
T1560
Archive Collected Data
Linux
macOS
Windows
T1561
Disk Wipe
Linux
macOS
Windows
T1562
Impair Defenses
Windows
IaaS
Linux
T1563
Remote Service Session Hijacking
Linux
macOS
Windows
T1564
Hide Artifacts
Linux
Office Suite
Windows
T1565
Data Manipulation
Linux
macOS
Windows
T1566
Phishing
Identity Provider
Linux
macOS
T1567
Exfiltration Over Web Service
ESXi
Linux
macOS
T1568
Dynamic Resolution
Linux
macOS
Windows
T1569
System Services
Windows
macOS
Linux
Prev
1
2
3
4
5
Next