Loading AttackTrace...
ATT&CK tactic
46 techniques mapped to this tactic.
Gather Victim Identity Information (T1589) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about the victim's identity that can be used during targeting.
Credentials (T1589.001) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather credentials that can be used during targeting.
Email Addresses (T1589.002) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather email addresses that can be used during targeting.
Employee Names (T1589.003) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather employee names that can be used during targeting.
Gather Victim Network Information (T1590) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about the victim's networks that can be used during targeting.
Domain Properties (T1590.001) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about the victim's network domain(s) that can be used during targeting.
DNS (T1590.002) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about the victim's DNS that can be used during targeting.
Network Trust Dependencies (T1590.003) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about the victim's network trust dependencies that can be used during targeting.
Network Topology (T1590.004) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about the victim's network topology that can be used during targeting.
IP Addresses (T1590.005) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather the victim's IP addresses that can be used during targeting.
Network Security Appliances (T1590.006) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about the victim's network security appliances that can be used during targeting.
Gather Victim Org Information (T1591) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about the victim's organization that can be used during targeting.
Determine Physical Locations (T1591.001) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather the victim's physical location(s) that can be used during targeting.
Business Relationships (T1591.002) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about the victim's business relationships that can be used during targeting.
Identify Business Tempo (T1591.003) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about the victim's business tempo that can be used during targeting.
Identify Roles (T1591.004) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about identities and roles within the victim organization that can be used during targeting.
Gather Victim Host Information (T1592) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about the victim's hosts that can be used during targeting.
Hardware (T1592.001) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about the victim's host hardware that can be used during targeting.
Software (T1592.002) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about the victim's host software that can be used during targeting.
Firmware (T1592.003) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about the victim's host firmware that can be used during targeting.
Client Configurations (T1592.004) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may gather information about the victim's client configurations that can be used during targeting.
Search Open Websites/Domains (T1593) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may search freely available websites and/or domains for information about victims that can be used during targeting.
Social Media (T1593.001) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may search social media for information about victims that can be used during targeting.
Search Engines (T1593.002) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may use search engines to collect information about victims that can be used during targeting.
Code Repositories (T1593.003) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may search public code repositories for information about victims that can be used during targeting.
Search Victim Owned Websites (T1594) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may search websites owned by the victim for information that can be used during targeting.
Active Scanning (T1595) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may execute active reconnaissance scans to gather information that can be used during targeting.
Scanning IP Blocks (T1595.001) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may scan victim IP blocks to gather information that can be used during targeting.
Vulnerability Scanning (T1595.002) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may scan victims for vulnerabilities that can be used during targeting.
Wordlist Scanning (T1595.003) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may iteratively probe infrastructure using brute forcing and crawling techniques.
Search Open Technical Databases (T1596) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may search freely available technical databases for information about victims that can be used during targeting.
DNS/Passive DNS (T1596.001) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may search DNS data for information about victims that can be used during targeting.
WHOIS (T1596.002) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may search public WHOIS data for information about victims that can be used during targeting.
Digital Certificates (T1596.003) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may search public digital certificate data for information about victims that can be used during targeting.
CDNs (T1596.004) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may search content delivery network (CDN) data about victims that can be used during targeting.
Scan Databases (T1596.005) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may search within public scan databases for information about victims that can be used during targeting.
Search Closed Sources (T1597) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may search and gather information about victims from closed (e.g., paid, private, or otherwise not freely available) sources that can be used during targeting.
Threat Intel Vendors (T1597.001) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may search private data from threat intelligence vendors for information that can be used during targeting.
Purchase Technical Data (T1597.002) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may purchase technical information about victims that can be used during targeting.
Phishing for Information (T1598) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may send phishing messages to elicit sensitive information that can be used during targeting.
Spearphishing Service (T1598.001) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may send spearphishing messages via third party services to elicit sensitive information that can be used during targeting.
Spearphishing Attachment (T1598.002) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may send spearphishing messages with a malicious attachment to elicit sensitive information that can be used during targeting.
Spearphishing Link (T1598.003) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may send spearphishing messages with a malicious link to elicit sensitive information that can be used during targeting.
Spearphishing Voice (T1598.004) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may use voice communications to elicit sensitive information that can be used during targeting.
Search Threat Vendor Data (T1681) is a MITRE ATT&CK technique associated with Reconnaissance . Threat actors may seek information/indicators from closed or open threat intelligence sources gathered about their own campaigns, as well as those conducted by other adversaries that…
Query Public AI Services (T1682) is a MITRE ATT&CK technique associated with Reconnaissance . Adversaries may query publicly accessible artificial intelligence (AI) services, such as large language models (LLMs), to support targeting and operations.