Use Case: Cryptomining
December 5, 2023
Vendor: APC
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| APC | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Absolute
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Absolute DDS | T1496 - Resource Hijacking | |
Vendor: Akamai
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Cloud Akamai | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Amazon
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| AWS CloudTrail | T1074 - Data Staged<br>T1496 - Resource Hijacking | |
| AWS GuardDuty | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| AWS WAF | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Amazon EKS | T1496 - Resource Hijacking | |
| Amazon RDS | T1496 - Resource Hijacking | |
Vendor: Apache
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Apache | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: BeyondTrust
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| BeyondInsight | T1496 - Resource Hijacking | |
| BeyondTrust | T1496 - Resource Hijacking | |
Vendor: Check Point
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Check Point NGFW | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Cisco
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Cisco ACS | T1496 - Resource Hijacking | |
| Cisco Adaptive Security Appliance | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Cisco Cloud Web Security | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Cisco Firepower | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Cisco IOS | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Cisco Meraki MX appliance | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Cisco Secure Web Appliance | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Cisco Umbrella | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Duo Access | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Citrix
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Citrix Gateway | T1496 - Resource Hijacking | |
| Citrix Web App Firewall | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Cloudflare
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Cloudflare WAF | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Cohesity
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Cohesity DataPlatform | T1496 - Resource Hijacking | |
Vendor: CrowdStrike
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Falcon | T1496 - Resource Hijacking | |
Vendor: CyberArk
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| CyberArk Privilege Access Manager | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Delinea
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Centrify Infrastructure Services | T1496 - Resource Hijacking | |
Vendor: Dell
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Sonicwall | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Digital Guardian
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Digital Guardian Endpoint Protection | T1496 - Resource Hijacking | |
Vendor: Dtex Systems
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| DTEX InTERCEPT | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Envoy
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Envoy | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Extreme Networks
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| ExtremeCloud IQ | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: F5
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| F5 Advanced Web Application Firewall | T1496 - Resource Hijacking | |
Vendor: Forcepoint
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Forcepoint CASB | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Websense Security Gateway | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Fortinet
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| FortiGate | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Fortinet UTM | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Fortiweb Web Application Firewall | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Gigamon
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| GigaVUE-HC2 | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Google
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Google Cloud Platform | T1071.001 - Application Layer Protocol: Web Protocols<br>T1074 - Data Staged<br>T1496 - Resource Hijacking | |
| Google Workspace | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: HP
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| HP iLO | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| HPE Comware | T1496 - Resource Hijacking | |
Vendor: HelpSystems
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Powertech Identity and Access Manager | T1496 - Resource Hijacking | |
Vendor: Huawei
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Huawei Unified Security Gateway | T1496 - Resource Hijacking | |
Vendor: IBM
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| IBM Mainframe | T1496 - Resource Hijacking | |
Vendor: Imperva
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Imperva Incapsula | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: InfoWatch
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| InfoWatch DLP | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Infoblox
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| BloxOne DDI | T1496 - Resource Hijacking | |
Vendor: Ivanti
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Ivanti Pulse Secure | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Juniper Networks
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Junos OS | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Kasada
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Kasada | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: LanScope
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| LanScope Cat | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: McAfee
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| McAfee Web Gateway | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Microsoft
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Active Directory Federation Services | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Azure Monitor | T1496 - Resource Hijacking | |
| Azure Monitor - VM Insights | T1496 - Resource Hijacking | |
| Event Viewer - ADFS | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Event Viewer - DNSServer | T1496 - Resource Hijacking | |
| Event Viewer - PowerShell | T1496 - Resource Hijacking | |
| Event Viewer - Security | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Event Viewer - System | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Microsoft 365 | T1496 - Resource Hijacking | |
| Microsoft Defender for Endpoint | T1496 - Resource Hijacking | |
| Microsoft Exchange | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Microsoft IIS | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Microsoft WMI Log | T1496 - Resource Hijacking | |
| Sysmon | T1496 - Resource Hijacking | |
Vendor: Mimecast
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Mimecast Targeted Threat Protection - URL | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Netskope
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Netskope Security Cloud | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: NextDLP
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Reveal | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Okta
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Okta Adaptive MFA | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: OneWelcome
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| OneWelcome Cloud Identity Platform | T1496 - Resource Hijacking | |
Vendor: Palo Alto Networks
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Cortex XSOAR | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| GlobalProtect | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Palo Alto NGFW | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
| Prisma Cloud | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Password Manager Pro
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Password Manager Pro | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Proofpoint
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| ObserveIT | T1496 - Resource Hijacking | |
Vendor: SIGSCI
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| SIGSCI | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: SentinelOne
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Singularity Platform | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: SkySea
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| SkySea ClientView | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Skyhigh Security
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Skyhigh Security Cloud | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Sophos
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Sophos UTM | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Squid
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Squid | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Symantec
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Symantec Advanced Threat Protection | T1496 - Resource Hijacking | |
| Symantec Web Security Service | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Tanium
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Tanium Core Platform | T1496 - Resource Hijacking | |
| Tanium Integrity Monitor | T1496 - Resource Hijacking | |
Vendor: Trend Micro
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| OfficeScan | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Unix
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Auditbeat | T1496 - Resource Hijacking | |
| Unix | T1496 - Resource Hijacking | |
| Unix Auditd | T1496 - Resource Hijacking | |
Vendor: VMware
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Carbon Black App Control | T1496 - Resource Hijacking | |
| Carbon Black CES | T1496 - Resource Hijacking | |
| Carbon Black EDR | T1496 - Resource Hijacking | |
Vendor: Varonis
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Varonis Data Security Platform | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Vectra
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Vectra Cognito Stream | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Zeek
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Zeek | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor: Zscaler
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| Zscaler Internet Access | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |
Vendor:
| Product | MITRE ATT&CK® TTP | Content |
|---|---|---|
| | T1071.001 - Application Layer Protocol: Web Protocols<br>T1496 - Resource Hijacking | |