ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 16.1 Enterprise and VERIS 1.4.0.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Capture data from application or system process
VERIS
action.malware.variety.Capture app data
Mappings
Mappings
ATT&CK Version
16.1
ATT&CK Domain
Enterprise
VERIS
1.4.0
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1056
Input Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1056.001
Input Capture: Keylogging
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1056.002
Input Capture: GUI Input Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1056.003
Input Capture: Web Portal Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1056.004
Input Capture: Credential API Hooking
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1113
Screen Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1114
Email Collection
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1114.001
Email Collection: Local Email Collection
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1114.002
Email Collection: Remote Email Collection
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1114.003
Email Collection: Email Forwarding Rule
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1123
Audio Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1125
Video Capture
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1176
Browser Extensions
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1185
Browser Session Hijacking
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1207
Rogue Domain Controller
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1528
Steal Application Access Token
action.malware.variety.Capture app data
Capture data from application or system process
related-to
T1539
Steal Web Session Cookie
