ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CSA Cloud Controls Matrix (CCM)
CRI Profile
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 12.1 Enterprise and VERIS 1.3.7.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Capture data from application or system process
VERIS
action.malware.variety.Capture app data
Mappings
ATT&CK Version
12.1
ATT&CK Domain
Enterprise
VERIS
1.3.7
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1539
Steal Web Session Cookie
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1185
Browser Session Hijacking
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1056.003
Input Capture: Web Portal Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1056
Input Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1056.001
Input Capture: Keylogging
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1056.002
Input Capture: GUI Input Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1056.004
Input Capture: Credential API Hooking
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1113
Screen Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1114
Email Collection
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1114.001
Email Collection: Local Email Collection
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1114.002
Email Collection: Remote Email Collection
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1114.003
Email Collection: Email Forwarding Rule
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1123
Audio Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1125
Video Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1176
Browser Extensions
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1207
Rogue Domain Controller
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1217
Browser Bookmark Discovery
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1528
Steal Application Access Token
