
Mobile Attack Cheat Sheet 1708115239

The document lists various tactics, techniques, and procedures related to cyber attacks. It includes discovery of files, processes, and system information. It also includes techniques for credential access, collection of data, lateral movement, defense evasion, and establishing command and control.

Uploaded by

Joash Macenton

@hackinarticles
https://github.com/Ignitetechnologies
https://in.linkedin.com/company/hackingarticles

MITRE ATT&CK Mobile Tactics

ID:TA0027 - Initial Access
  T1456 - Drive-By Compromise
  T1461 - Lockscreen Bypass
  T1458 - Replication Through Removable Media
  T1474 - Supply Chain Compromise
    Compromise Software Dependencies and Development Tools
    Compromise Hardware Supply Chain
    Compromise Software Supply Chain

ID:TA0041 - Execution
  T1623 - Command and Scripting Interpreter
    Unix Shell
  T1575 - Native API
  T1603 - Scheduled Task/Job

ID:TA0028 - Persistence
  T1398 - Boot or Logon Initialization Scripts
  T1577 - Compromise Application Executable
  T1645 - Compromise Client Software Binary
  T1624 - Event Triggered Execution
    Broadcast Receivers
  T1541 - Foreground Persistence
  T1625 - Hijack Execution Flow
    System Runtime API Hijacking
  T1603 - Scheduled Task/Job

ID:TA0029 - Privilege Escalation
  T1626 - Abuse Elevation Control Mechanism
    Device Administrator Permissions
  T1404 - Exploitation for Privilege Escalation
  T1631 - Process Injection
    Ptrace System Calls

ID:TA0030 - Defense Evasion
  T1407 - Download New Code at Runtime
  T1627 - Execution Guardrails
    Geofencing
  T1541 - Foreground Persistence
  T1628 - Hide Artifacts
    Suppress Application Icon
    User Evasion
  T1617 - Hooking
  T1629 - Impair Defenses
    Prevent Application Removal
    Device Lockout
    Disable or Modify Tools
  T1630 - Indicator Removal on Host
    Uninstall Malicious Application
    File Deletion
    Disguise Root/Jailbreak Indicators
  T1516 - Input Injection
  T1575 - Native API
  T1406 - Obfuscated Files or Information
    Steganography
    Software Packing
  T1631 - Process Injection
    Ptrace System Calls
  T1604 - Proxy Through Victim
  T1632 - Subvert Trust Controls
    Code Signing Policy Modification
  T1633 - Virtualization/Sandbox Evasion
    System Checks

ID:TA0031 - Credential Access
  T1517 - Access Notifications
  T1414 - Clipboard Data
  T1634 - Credentials from Password Store
    Keychain
  T1417 - Input Capture
    Keylogging
    GUI Input Capture
  T1635 - Steal Application Access Token
    URI Hijacking

ID:TA0032 - Discovery
  T1420 - File and Directory Discovery
  T1430 - Location Tracking
    Remote Device Management Services
    Impersonate SS7 Nodes
  T1423 - Network Service Scanning
  T1424 - Process Discovery
  T1418 - Software Discovery
    Security Software Discovery
  T1426 - System Information Discovery
  T1422 - System Network Configuration Discovery
  T1421 - System Network Connections Discovery

ID:TA0033 - Lateral Movement
  T1428 - Exploitation of Remote Services
  T1458 - Replication Through Removable Media

ID:TA0035 - Collection
  T1517 - Access Notifications
  T1638 - Adversary-in-the-Middle
  T1532 - Archive Collected Data
  T1429 - Audio Capture
  T1616 - Call Control
  T1414 - Clipboard Data
  T1533 - Data from Local System
  T1417 - Input Capture
    Keylogging
    GUI Input Capture
  T1430 - Location Tracking
    Remote Device Management Services
    Impersonate SS7 Nodes
  T1636 - Protected User Data
    Calendar Entries
    Call Log
    Contact List
    Messages
  T1513 - Screen Capture
  T1409 - Stored Application Data
  T1512 - Video Capture

ID:TA0037 - Command and Control
  T1437 - Application Layer Protocol
    Web Protocols
  T1616 - Call Control
  T1637 - Dynamic Resolution
    Domain Generation Algorithms
  T1521 - Encrypted Channel
    Symmetric Cryptography
    Asymmetric Cryptography
  T1544 - Ingress Tool Transfer
  T1509 - Non-Standard Port
  T1644 - Out of Band Data
  T1481 - Web Service
    Dead Drop Resolver
    Bidirectional Communication
    One-Way Communication

ID:TA0036 - Exfiltration
  T1639 - Exfiltration Over Alternative Protocol
    Exfiltration Over Unencrypted Non-C2 Protocol
  T1646 - Exfiltration Over C2 Channel

ID:TA0034 - Impact
  T1640 - Account Access Removal
  T1616 - Call Control
  T1471 - Data Encrypted for Impact
  T1641 - Data Manipulation
    Transmitted Data Manipulation
  T1642 - Endpoint Denial of Service
  T1643 - Generate Traffic from Victim
  T1516 - Input Injection
  T1464 - Network Denial of Service
  T1582 - SMS Control

ID:TA0038 - Network Effects
  The adversary is trying to intercept or manipulate network traffic to or from a device

ID:TA0039 - Remote Service Effects
  The adversary is trying to control or monitor the device using remote services
