Use Case: Cryptomining
May 13, 2026 · View on GitHub
Use Case: Cryptomining
Vendor: Adobe
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Adobe Experience Manager | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Akamai
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Akamai SIEM | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Cloud Akamai | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Amazon
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| AWS CloudTrail | T1074 - Data Staged T1496 - Resource Hijacking |
|
| AWS CloudWatch | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| AWS Elastic Load Balancer | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| AWS WAF | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Amazon S3 | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Apache
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Apache | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Auth0
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Auth0 | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: BeyondTrust
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| BeyondTrust | T1496 - Resource Hijacking |
|
Vendor: CatoNetworks
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Cato Cloud | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Check Point
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Check Point NGFW | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Cisco
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Cisco Cloud Security | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Cisco IOS | T1496 - Resource Hijacking |
|
| Cisco Network Security | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Cisco Web Security | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Citrix
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Citrix Gateway | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Cloudflare
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Cloudflare Insights | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Cloudflare WAF | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: CrowdStrike
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Falcon | T1496 - Resource Hijacking |
|
Vendor: Delinea
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Centrify Infrastructure Services | T1496 - Resource Hijacking |
|
Vendor: Dell
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Sonicwall | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Digital Arts
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Digital Arts i-FILTER for Business | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Digital Guardian
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Digital Guardian Endpoint Protection | T1496 - Resource Hijacking |
|
| Digital Guardian Network DLP | T1496 - Resource Hijacking |
|
Vendor: Dtex Systems
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| DTEX InTERCEPT | T1496 - Resource Hijacking |
|
Vendor: F5
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| F5 Distributed Cloud | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| F5 WebSafe | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Forcepoint
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Websense Security Gateway | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Fortinet
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| FortiClient | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| FortiGate | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Fortinet Enterprise Firewall | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Fortinet UTM | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Fortiweb Web Application Firewall | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: FreeBSD
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| FreeBSD | T1496 - Resource Hijacking |
|
Vendor: GitHub
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| GitHub | T1496 - Resource Hijacking |
|
Vendor: Google
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| GCP CloudAudit | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Google Cloud Platform | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1074 - Data Staged T1496 - Resource Hijacking |
|
Vendor: HUMAN Security
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| HUMAN Bot Defender | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: HelpSystems
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Powertech Identity and Access Manager | T1496 - Resource Hijacking |
|
Vendor: Huawei
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Huawei Unified Security Gateway | T1496 - Resource Hijacking |
|
Vendor: IBM
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Security Access Manager | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Imperva
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Imperva Incapsula | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Infoblox
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| BloxOne DDI | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Island
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Island Enterprise Browser | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Ivanti
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Ivanti Pulse Secure | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Jamf
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Jamf Protect | T1496 - Resource Hijacking |
|
Vendor: Juniper Networks
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Junos OS | T1496 - Resource Hijacking |
|
Vendor: Kasada
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Kasada | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Kong
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Kong Gateway | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: LanScope
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| LanScope Cat | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: LogRhythm
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| LogRhythm | T1496 - Resource Hijacking |
|
Vendor: McAfee
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| McAfee Web Gateway | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Menlo Security
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Menlo Security | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Microsoft
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Active Directory Federation Services | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Azure Monitor | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Azure Monitor - VM Insights | T1496 - Resource Hijacking |
|
| Event Viewer - ADFS | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Event Viewer - Application | T1496 - Resource Hijacking |
|
| Event Viewer - PowerShell | T1496 - Resource Hijacking |
|
| Event Viewer - Security | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Event Viewer - System | T1496 - Resource Hijacking |
|
| MSSQL | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Microsoft 365 | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Microsoft Defender | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Microsoft IIS | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Microsoft Sentinel | T1496 - Resource Hijacking |
|
| Microsoft WMI Log | T1496 - Resource Hijacking |
|
| Sysmon | T1496 - Resource Hijacking |
|
Vendor: Mimecast
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Mimecast Targeted Threat Protection - URL | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Netskope
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Netskope Security Cloud | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Netskope Webtx | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: NextDLP
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Reveal | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Oracle
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Solaris | T1496 - Resource Hijacking |
|
Vendor: Palo Alto Networks
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Palo Alto NGFW | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Prisma Access | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Prisma Cloud | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Ping Identity
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| ForgeRock | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Ping Access | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: SIGSCI
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| SIGSCI | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Salesforce
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Salesforce | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Sangfor
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Sangfor NGAF | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: SentinelOne
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Singularity Platform | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: ServiceNow
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| ServiceNow | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: SkySea
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| SkySea ClientView | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Skyhigh Security
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Secure Web Gateway | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Skyhigh Security Cloud | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Sophos
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Sophos Endpoint Protection | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Sophos UTM | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Sophos XG Firewall | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Squid
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Squid | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Swift
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Swift | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Symantec
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Symantec Web Security Service | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Trellix
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Trellix Network Security (NX) | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Trend Micro
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Deep Security | T1496 - Resource Hijacking |
|
Vendor: Unix
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Auditbeat | T1496 - Resource Hijacking |
|
| Unix | T1496 - Resource Hijacking |
|
| Unix Auditd | T1496 - Resource Hijacking |
|
Vendor: VMware
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Carbon Black App Control | T1496 - Resource Hijacking |
|
| Carbon Black CES | T1496 - Resource Hijacking |
|
| Carbon Black EDR | T1496 - Resource Hijacking |
|
| VMware ESXi | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Watchguard
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Watchguard | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Zeek
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Zeek | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor: Zscaler
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Zscaler Breach Predictor | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Zscaler Internet Access | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
| Zscaler Private Access | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|
Vendor:
Vendor: iBoss
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Iboss Cloud | T1071 - Application Layer Protocol T1071.001 - Application Layer Protocol: Web Protocols T1496 - Resource Hijacking |
|