212 indexed
ATT&CKATT&CK techniques
212 top-level MITRE ATT&CK Enterprise techniques (T-IDs), grouped by tactic. Filter to a tactic or browse the full kill chain, then click into a technique for sub-techniques and mitigations. Authored by Adam Lundqvist.
7 in Initial Access · 212 total
| ID | Title | Summary |
|---|---|---|
| T1189 | Drive-by Compromise | Adversaries may gain access to a system through a user visiting a website over the normal course of browsing. With this technique, the user's web browser is ty… |
| T1190 | Exploit Public-Facing Application | Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network. The weakness in the system can be a software … |
| T1195 | Supply Chain Compromise | Adversaries may manipulate products or product delivery mechanisms prior to receipt by a final consumer for the purpose of data or system compromise. Supply c… |
| T1199 | Trusted Relationship | Adversaries may breach or otherwise leverage organizations who have access to intended victims. Access through trusted third party relationship abuses an exist… |
| T1200 | Hardware Additions | Adversaries may introduce computer accessories, networking hardware, or other computing devices into a system or network that can be used as a vector to gain a… |
| T1566 | Phishing | Adversaries may send phishing messages to gain access to victim systems. All forms of phishing are electronically delivered social engineering. Phishing can be… |
| T1659 | Content Injection | Adversaries may gain access and continuously communicate with victims by injecting malicious content into systems through online network traffic. Rather than l… |