Exploitation for Defense Evasion (Windows)


Adversaries may steal data by exfiltrating it over an un-encrypted network protocol other than that of the existing command and control channel. 

Products, Sensors, and Dependencies

ProductDependenciesData sourceAccess requiredProtocolData CollectedNotes
Tenable Vulnerability ManagementAdvanced Network ScanWindows machinesUnauthenticated or Authenticated ScanAnyVulnerabilities

Notes: This technique is not creating an attack path, rather a glyph on the computer node

Attack Path Technique Details

Framework: MITRE ATT&CK

Family: Defense Evasion

Platform: Windows

Tenable Release Date: 2022 Q3