ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 16.1 Enterprise and VERIS 1.4.0.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Capture data from application or system process
VERIS
action.malware.variety.Capture app data
Mappings
Mappings
ATT&CK Version
16.1
ATT&CK Domain
Enterprise
VERIS
1.4.0
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1056
Input Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1596.003
Digital Certificates
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1547.006
Kernel Modules and Extensions
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1090.002
External Proxy
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1546.017
Udev Rules
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1113
Screen Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1114
Email Collection
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1110.002
Password Cracking
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1556.006
Multi-Factor Authentication
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1546.009
AppCert DLLs
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1123
Audio Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1125
Video Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1176
Browser Extensions
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1185
Browser Session Hijacking
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1207
Rogue Domain Controller
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1528
Steal Application Access Token
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1539
Steal Web Session Cookie
