Infostealer Browser Credential Theft
Infostealers systematically harvest credentials, cookies, and autofill data from browser credential databases — the s...
TTPs evolve. Chokepoints don't.
Attack prerequisites that cannot be bypassed regardless of tool choice — high-signal, low-volume detection opportunities for every defender.
Adversaries impair or neutralize EDR/AV products before executing their primary payload to prevent detection and resp...
Before encrypting files, ransomware operators stop and delete security tools, backup services, and database engines t...
Adversaries plant web-accessible scripts (web shells) on compromised servers to maintain persistent command execution...
Social engineering attacks that trick users into copying and executing malicious commands via clipboard manipulation....
Legitimate remote management and monitoring (RMM) tools are renamed or masqueraded to appear as trusted applications ...
Offensive security tools (Impacket, NetExec, CrackMapExec, Evil-WinRM) used for remote code execution across Windows ...