Initial Access - Windows

  1. T1659: Content Injection

  2. T1189: Drive-by Compromise

  3. T1190: Exploit Public-Facing Application

  4. T1133: External Remote Services

  5. T1200: Hardware Additions

  6. T1566: Phishing, with sub-techniques like Spearphishing Attachment (T1566.001), Spearphishing Link (T1566.002), Spearphishing via Service (T1566.003), and Spearphishing Voice (T1566.004)

  7. T1091: Replication Through Removable Media

  8. T1195: Supply Chain Compromise, with sub-techniques like Compromise Software Dependencies and Development Tools (T1195.001), Compromise Software Supply Chain (T1195.002), and Compromise Hardware Supply Chain (T1195.003)

  9. T1199: Trusted Relationship

  10. T1078: Valid Accounts, with sub-techniques like Default Accounts (T1078.001), Domain Accounts (T1078.002), Local Accounts (T1078.003), and Cloud Accounts (T1078.004)

PreviousGlossary/RoadmapNextExecution - Windows

Last updated