212 indexed
ATT&CKATT&CK techniques
212 top-level MITRE ATT&CK Enterprise techniques (T-IDs), grouped by tactic. Filter to a tactic or browse the full kill chain, then click into a technique for sub-techniques and mitigations. Authored by Adam Lundqvist.
7 in Lateral Movement · 212 total
| ID | Title | Summary |
|---|---|---|
| T1021 | Remote Services | Adversaries may use [Valid Accounts](https://attack.mitre.org/techniques/T1078) to log into a service that accepts remote connections, such as telnet, SSH, and… |
| T1080 | Taint Shared Content | Adversaries may deliver payloads to remote systems by adding content to shared storage locations, such as network drives or internal code repositories. Conten… |
| T1091 | Replication Through Removable Media | Adversaries may move onto systems, possibly those on disconnected or air-gapped networks, by copying malware to removable media and taking advantage of Autorun… |
| T1210 | Exploitation of Remote Services | Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network. Exploitation of a software vulnerability occu… |
| T1534 | Internal Spearphishing | Adversaries may use internal spearphishing to gain access to additional information or exploit other users within the same organization after they already have… |
| T1563 | Remote Service Session Hijacking | Adversaries may take control of preexisting sessions with remote services to move laterally in an environment. Users may use valid credentials to log into a se… |
| T1570 | Lateral Tool Transfer | Adversaries may transfer tools or other files between systems in a compromised environment. Once brought into the victim environment (i.e., [Ingress Tool Trans… |