MITRE ATT&CK
Top ATT&CK Techniques
This table shows the most popular attack techniques being used by cyber attackers based on MITRE ATT&CK data.
| ATT&CK ID | Title | Popularity |
|---|---|---|
| T1204.002 | Malicious File | 81 |
| T1105 | Ingress Tool Transfer | 80 |
| T1566.001 | Spearphishing Attachment | 76 |
| T1059.001 | PowerShell | 71 |
| T1588.002 | Tool | 69 |
| T1059.003 | Windows Command Shell | 65 |
| T1027 | Obfuscated Files or Information | 59 |
| T1547.001 | Registry Run Keys / Startup Folder | 54 |
| T1071.001 | Web Protocols | 51 |
| T1036.005 | Match Legitimate Name or Location | 49 |
| T1053.005 | Scheduled Task | 49 |
| T1082 | System Information Discovery | 48 |
| T1059.005 | Visual Basic | 46 |
| T1083 | File and Directory Discovery | 44 |
| T1005 | Data from Local System | 43 |
| T1566.002 | Spearphishing Link | 43 |
| T1070.004 | File Deletion | 42 |
| T1204.001 | Malicious Link | 41 |
| T1016 | System Network Configuration Discovery | 39 |
| T1203 | Exploitation for Client Execution | 38 |
| T1057 | Process Discovery | 38 |
| T1078 | Valid Accounts | 38 |
| T1003.001 | LSASS Memory | 37 |
| T1033 | System Owner/User Discovery | 37 |
| T1047 | Windows Management Instrumentation | 33 |