Initial Access

  • T1659: Content Injection

  • T1189: Drive-by Compromise

  • T1190: Exploit Public-Facing Application

  • T1133: External Remote Services

  • T1200: Hardware Additions

  • T1566: Phishing, with sub-techniques like Spearphishing Attachment (T1566.001), Spearphishing Link (T1566.002), Spearphishing via Service (T1566.003), and Spearphishing Voice (T1566.004)

  • T1091: Replication Through Removable Media

  • T1195: Supply Chain Compromise, with sub-techniques like Compromise Software Dependencies and Development Tools (T1195.001), Compromise Software Supply Chain (T1195.002), and Compromise Hardware Supply Chain (T1195.003)

  • T1199: Trusted Relationship

  • T1078: Valid Accounts, with sub-techniques like Default Accounts (T1078.001), Domain Accounts (T1078.002), Local Accounts (T1078.003), and Cloud Accounts (T1078.004)

Previous20003NextContent Injection

Last updated

Was this helpful?