Robuta

https://app-attack-matrix.com/techniques/Reconnaissance/Application%20Dependencies%20Mapping/subtechniques/Package%20Manifest%20Scraping/ Package Manifest Scraping - Application Security Tactics & Techniques Matrix application security tacticspackagemanifestscrapingtechniques https://app-attack-matrix.com/techniques/Deepening%20Control/C2%20over%20App-Protocols/C2%20over%20App-Protocols/ C2 over App Protocols - Application Security Tactics & Techniques Matrix application security tacticsprotocolstechniquesmatrix https://app-attack-matrix.com/techniques/Impact/Resource%20Hijacking/subtechniques/Compute%20Hijacking/ Compute Hijacking - Application Security Tactics & Techniques Matrix application security tacticscomputehijackingtechniquesmatrix https://app-attack-matrix.com/techniques/Gain%20Access/Valid%20Accounts/subtechniques/Cloud%20Accounts/ Cloud Accounts - Application Security Tactics & Techniques Matrix application security tacticscloudaccountstechniquesmatrix https://app-attack-matrix.com/techniques/Gain%20Access/Content%20Injection/subtechniques/Man-on-the-Side%20Injection/ Man-on-the-Side Injection - Application Security Tactics & Techniques Matrix application security tacticsmansideinjectiontechniques https://app-attack-matrix.com/tactics/Impact/ Index - Application Security Tactics & Techniques Matrix application security tacticsindextechniquesmatrix https://app-attack-matrix.com/techniques/Impact/Data%20Manipulation/subtechniques/Transmitted%20Data%20Manipulation/ Transmitted Data Manipulation - Application Security Tactics & Techniques Matrix application security tacticsdata manipulationtransmittedtechniquesmatrix https://app-attack-matrix.com/techniques/Gain%20Access/Supply%20Chain%20Compromise/subtechniques/Container%20Registry%20Poisoning/ Container Registry Poisoning - Application Security Tactics & Techniques Matrix application security tacticscontainer registrypoisoningtechniquesmatrix https://app-attack-matrix.com/techniques/Reconnaissance/Gather%20Application%20Configuration%20Information/subtechniques/Fingerprinting/ Fingerprinting - Application Security Tactics & Techniques Matrix application security tacticsfingerprintingtechniquesmatrix https://app-attack-matrix.com/techniques/Gain%20Access/Supply%20Chain%20Compromise/subtechniques/Compromise%20Software%20Dependencies%20and%20Development%20Tools/ Compromise Software Dependencies and Development Tools - Application Security Tactics & Techniques... application security tacticsdevelopment toolscompromisesoftwaredependencies https://app-attack-matrix.com/techniques/Resource%20Development/Develop%20Capabilities/Develop%20Capabilities/ Develop Capabilities - Application Security Tactics & Techniques Matrix application security tacticsdevelopcapabilitiestechniquesmatrix https://app-attack-matrix.com/techniques/Reconnaissance/Public%20Source%20Code%20and%20Artifacts%20Analysis/subtechniques/Static%20Code%20Analysis/ Static Code Analysis - Application Security Tactics & Techniques Matrix static code analysisapplication security tacticstechniquesmatrix https://app-attack-matrix.com/techniques/Gain%20Access/Content%20Injection/subtechniques/Protocol%20Exploitation/ Protocol Exploitation - Application Security Tactics & Techniques Matrix application security tacticsprotocolexploitationtechniquesmatrix https://app-attack-matrix.com/techniques/Gain%20Access/Supply%20Chain%20Compromise/subtechniques/Compromise%20Software%20Supply%20Chain/ Compromise Software Supply Chain - Application Security Tactics & Techniques Matrix software supply chainapplication security tacticscompromisetechniquesmatrix https://app-attack-matrix.com/techniques/Gain%20Access/Content%20Injection/subtechniques/Man-in-the-Middle%20Injection/ Man in the Middle Injection - Application Security Tactics & Techniques Matrix application security tacticsmanmiddleinjectiontechniques https://app-attack-matrix.com/techniques/Resource%20Development/Third-Party%20Dependency%20Poisoning/subtechniques/Dependency%20Confusion/ Dependency Confusion - Application Security Tactics & Techniques Matrix application security tacticsdependencyconfusiontechniquesmatrix https://app-attack-matrix.com/techniques/Gain%20Access/Content%20Injection/Content%20Injection/ Content Injection - Application Security Tactics & Techniques Matrix application security tacticscontentinjectiontechniquesmatrix https://app-attack-matrix.com/techniques/Payload%20Execution/Request%20Forgery/subtechniques/SSRF/ Server-Side Request Forgery (SSRF) - Application Security Tactics & Techniques Matrix application security tacticsserver siderequest forgeryssrftechniques https://app-attack-matrix.com/techniques/Deepening%20Control/Exploitation%20for%20Defense%20Evasion/Exploitation%20for%20Defense%20Evasion/ Exploitation for Defense Evasion - Application Security Tactics & Techniques Matrix application security tacticsexploitationdefenseevasiontechniques https://app-attack-matrix.com/techniques/Payload%20Execution/Injection%20Exploitations/subtechniques/OGNL%20Injection/ OGNL Injection - Application Security Tactics & Techniques Matrix application security tacticsinjectiontechniquesmatrix https://app-attack-matrix.com/tactics/Resource%20Development/ Resource Development - Application Security Tactics & Techniques Matrix application security tacticsresource developmenttechniquesmatrix https://app-attack-matrix.com/techniques/Payload%20Execution/Injection%20Exploitations/subtechniques/SQL%20Injection/ SQL Injection - Application Security Tactics & Techniques Matrix application security tacticssql injectiontechniquesmatrix https://app-attack-matrix.com/techniques/Resource%20Development/Compromised%20Code%20Signing%20and%20Build%20Infrastructure/subtechniques/Build%20Pipeline%20Manipulation/ Build Pipeline Manipulation - Application Security Tactics & Techniques Matrix application security tacticsbuild pipelinemanipulationtechniquesmatrix https://app-attack-matrix.com/techniques/Impact/Resource%20Hijacking/Resource%20Hijacking/ Resource Hijacking - Application Security Tactics & Techniques Matrix application security tacticsresourcehijackingtechniquesmatrix https://app-attack-matrix.com/techniques/Resource%20Development/Develop%20Capabilities/subtechniques/Malware/ Malware - Application Security Tactics & Techniques Matrix application security tacticsmalwaretechniquesmatrix https://app-attack-matrix.com/techniques/Gain%20Access/Valid%20Accounts/Valid%20Accounts/ Valid Accounts - Application Security Tactics & Techniques Matrix application security tacticsvalidaccountstechniquesmatrix https://app-attack-matrix.com/techniques/Impact/Data%20Destruction/subtechniques/Backup%20Destruction%20or%20Tampering/ Backup Destruction or Tampering - Application Security Tactics & Techniques Matrix application security tacticsbackupdestructiontamperingtechniques https://app-attack-matrix.com/techniques/Payload%20Execution/Injection%20Exploitations/subtechniques/Expression%20Language%20Injection/ Expression Language Injection - Application Security Tactics & Techniques Matrix application security tacticsexpression languageinjectiontechniquesmatrix https://app-attack-matrix.com/techniques/Expanding%20Control/Service-to-Service%20Trust%20Abuse/subtechniques/Token%20Replay%20or%20Reuse%20Attacks/ Token Replay or Reuse Attacks - Application Security Tactics & Techniques Matrix application security tacticstokenreplayreuseattacks https://app-attack-matrix.com/techniques/Gain%20Access/External%20Remote%20Services/External%20Remote%20Services/ External Remote Services - Application Security Tactics & Techniques Matrix application security tacticsremote servicesexternaltechniquesmatrix https://app-attack-matrix.com/techniques/Deepening%20Control/Exploitation%20for%20Defense%20Evasion/subtechniques/Shared%20Library/ Shared Library - Application Security Tactics & Techniques Matrix application security tacticssharedlibrarytechniquesmatrix https://app-attack-matrix.com/techniques/Deepening%20Control/Disable%20Runtime%20Protection%20Service/Disable%20Runtime%20Protection%20Service/ Disable Runtime Protection Service - Application Security Tactics & Techniques Matrix application security tacticsprotection servicedisableruntimetechniques https://app-attack-matrix.com/techniques/Expanding%20Control/Exploitation%20for%20Credential%20Access/Exploitation%20for%20Credential%20Access/ Exploitation for Credential Access - Application Security Tactics & Techniques Matrix application security tacticsexploitationcredentialaccesstechniques https://app-attack-matrix.com/techniques/Deepening%20Control/Scheduled%20Task/subtechniques/Cron/ Cron - Application Security Tactics & Techniques Matrix application security tacticscrontechniquesmatrix https://app-attack-matrix.com/contributors/ Contributors - Application Security Tactics & Techniques Matrix application security tacticscontributorstechniquesmatrix https://app-attack-matrix.com/techniques/Deepening%20Control/Scheduled%20Task/subtechniques/Systemd%20Timers/ Systemd Timers - Application Security Tactics & Techniques Matrix application security tacticssystemdtimerstechniquesmatrix https://app-attack-matrix.com/techniques/Deepening%20Control/Exploitation%20for%20Privilege%20Escalation/Exploitation%20for%20Privilege%20Escalation/ Exploitation for Privilege Escalation - Application Security Tactics & Techniques Matrix application security tacticsprivilege escalationexploitationtechniquesmatrix https://app-attack-matrix.com/attacks/ Attacks - Application Security Tactics & Techniques Matrix application security tacticsattackstechniquesmatrix https://app-attack-matrix.com/techniques/Expanding%20Control/Exploitation%20for%20Credential%20Access/subtechniques/Stealing%20Tokens/ Stealing Tokens - Application Security Tactics & Techniques Matrix application security tacticsstealingtokenstechniquesmatrix https://app-attack-matrix.com/techniques/Gain%20Access/Authentication%20Bypass/subtechniques/OAuth%20Flow%20Manipulation/ OAuth Flow Manipulation - Application Security Tactics & Techniques Matrix application security tacticsoauthflowmanipulationtechniques https://app-attack-matrix.com/techniques/Payload%20Execution/Request%20Forgery/subtechniques/CSRF/ Cross-Site Request Forgery (CSRF) - Application Security Tactics & Techniques Matrix cross site requestapplication security tacticsforgerycsrftechniques https://app-attack-matrix.com/techniques/Gain%20Access/Supply%20Chain%20Compromise/Supply%20Chain%20Compromise/ Supply Chain Compromise - Application Security Tactics & Techniques Matrix application security tacticssupply chaincompromisetechniquesmatrix https://app-attack-matrix.com/techniques/Reconnaissance/Application%20Dependencies%20Mapping/subtechniques/Image%20Metadata%20Inspection/ Image Metadata Inspection - Application Security Tactics & Techniques Matrix application security tacticsimagemetadatainspectiontechniques https://app-attack-matrix.com/techniques/Gain%20Access/Valid%20Accounts/subtechniques/Valid%20Tokens/ Valid Tokens - Application Security Tactics & Techniques Matrix application security tacticsvalidtokenstechniquesmatrix https://app-attack-matrix.com/techniques/Impact/Service%20Disruption/subtechniques/Denial%20of%20Service%20%28DoS%29%20Attacks/ Denial of Service (DoS) Attacks - Application Security Tactics & Techniques Matrix application security tacticsdenialservicedosattacks https://app-attack-matrix.com/techniques/Gain%20Access/External%20Remote%20Services/subtechniques/Exposed%20Gateway/ Exposed Gateway - Application Security Tactics & Techniques Matrix application security tacticsexposedgatewaytechniquesmatrix https://app-attack-matrix.com/techniques/Reconnaissance/Reverse%20Engineering/subtechniques/Protocol%20Analysis/ Protocol Analysis - Application Security Tactics & Techniques Matrix application security tacticsprotocolanalysistechniquesmatrix https://app-attack-matrix.com/techniques/Reconnaissance/Application%20API%20Specification%20Harvesting/subtechniques/API%20Documentation%20Analysis/ API Documentation Analysis - Application Security Tactics & Techniques Matrix application security tacticsapi documentationanalysistechniquesmatrix https://app-attack-matrix.com/techniques/Reconnaissance/Application%20API%20Specification%20Harvesting/subtechniques/Schema%20Extraction/ Schema Extraction - Application Security Tactics & Techniques Matrix application security tacticsschemaextractiontechniquesmatrix https://app-attack-matrix.com/techniques/Payload%20Execution/Injection%20Exploitations/subtechniques/Template%20Injection/ Template Injection - Application Security Tactics & Techniques Matrix application security tacticstemplateinjectiontechniquesmatrix https://app-attack-matrix.com/techniques/Expanding%20Control/Cloud%20Service%20Discovery/subtechniques/Open-source%20discovery%20tools/ Open source discovery tools - Application Security Tactics & Techniques Matrix application security tacticsopen sourcediscovery toolstechniquesmatrix https://app-attack-matrix.com/techniques/Reconnaissance/Application%20Dependencies%20Mapping/subtechniques/Registry%20Metadata%20Query/ Registry Metadata Query - Application Security Tactics & Techniques Matrix application security tacticsregistrymetadataquerytechniques https://app-attack-matrix.com/techniques/Payload%20Execution/Execution%20Using%20Standard%20Applicative%20Flow/Execution%20Using%20Standard%20Applicative%20Flow/ Execution Using Standard Applicative Flow - Application Security Tactics & Techniques Matrix application security tacticsexecutionusingstandardapplicative https://app-attack-matrix.com/techniques/Payload%20Execution/Injection%20Exploitations/subtechniques/CRLF%20Injection/ CRLF Injection - Application Security Tactics & Techniques Matrix application security tacticsinjectiontechniquesmatrix https://app-attack-matrix.com/techniques/Deepening%20Control/Exploitation%20for%20Defense%20Evasion/subtechniques/Ptrace%20System%20Calls/ Ptrace System Calls - Application Security Tactics & Techniques Matrix application security tacticssystem callstechniquesmatrix https://app-attack-matrix.com/techniques/Expanding%20Control/Exploitation%20of%20Remote%20Services/subtechniques/API%20Misconfiguration%20Exploitation/ API Misconfiguration Exploitation - Application Security Tactics & Techniques Matrix application security tacticsapiexploitationtechniquesmatrix https://app-attack-matrix.com/techniques/Impact/Service%20Disruption/subtechniques/System%20Shutdown%20and%20Reboot/ System Shutdown and Reboot - Application Security Tactics & Techniques Matrix application security tacticssystemshutdownreboottechniques https://app-attack-matrix.com/techniques/Deepening%20Control/Server%20Software%20Component/Server%20Software%20Component/ Server Software Component - Application Security Tactics & Techniques Matrix application security tacticsserver softwarecomponenttechniquesmatrix https://app-attack-matrix.com/techniques/Impact/Data%20Manipulation/subtechniques/Runtime%20Data%20Manipulation/ Runtime Data Manipulation - Application Security Tactics & Techniques Matrix application security tacticsdata manipulationruntimetechniquesmatrix https://app-attack-matrix.com/techniques/Gain%20Access/Authentication%20Bypass/subtechniques/SQL%20Injection/ SQL Injection - Application Security Tactics & Techniques Matrix application security tacticssql injectiontechniquesmatrix https://app-attack-matrix.com/bybit/ Bybit Campaign - Application Security Tactics & Techniques Matrix application security tacticsbybitcampaigntechniquesmatrix https://app-attack-matrix.com/techniques/Resource%20Development/Obtain%20Capabilities/subtechniques/Malware/ Malware - Application Security Tactics & Techniques Matrix application security tacticsmalwaretechniquesmatrix https://app-attack-matrix.com/techniques/Impact/Defacement/subtechniques/Replacement/ Replacement - Application Security Tactics & Techniques Matrix application security tacticsreplacementtechniquesmatrix https://app-attack-matrix.com/techniques/Impact/Data%20Encryption/Data%20Encryption/ Data Encryption - Application Security Tactics & Techniques Matrix application security tacticsdata encryptiontechniquesmatrix https://app-attack-matrix.com/techniques/Gain%20Access/Authentication%20Bypass/subtechniques/Password%20Brute%20Forcing/ Password Brute Forcing - Application Security Tactics & Techniques Matrix application security tacticspasswordbruteforcingtechniques https://app-attack-matrix.com/techniques/Payload%20Execution/Injection%20Exploitations/subtechniques/LDAP%20Injection/ LDAP Injection - Application Security Tactics & Techniques Matrix application security tacticsldapinjectiontechniquesmatrix https://app-attack-matrix.com/techniques/Reconnaissance/Application%20Dependencies%20Mapping/subtechniques/OpenSource%20Dependency%20Enumeration/ OpenSource Dependency Enumeration - Application Security Tactics & Techniques Matrix application security tacticsopensourcedependencyenumerationtechniques https://app-attack-matrix.com/techniques/Resource%20Development/Third-Party%20Dependency%20Poisoning/Third-Party%20Dependency%20Poisoning/ Third Party Dependency Poisoning - Application Security Tactics & Techniques Matrix application security tacticsthird partydependencypoisoningtechniques https://app-attack-matrix.com/techniques/Deepening%20Control/Exploitation%20for%20Privilege%20Escalation/subtechniques/TOCTOU/ TOCTOU (Time-of-Check-to-Time-of-Use) - Application Security Tactics & Techniques Matrix application security tacticstimecheckusetechniques https://app-attack-matrix.com/techniques/Deepening%20Control/C2%20over%20App-Protocols/subtechniques/File%20Transfer%20Protocols/ File Transfer Protocols - Application Security Tactics & Techniques Matrix application security tacticsfile transferprotocolstechniquesmatrix https://app-attack-matrix.com/techniques/Deepening%20Control/Scheduled%20Task/subtechniques/Container/ Container - Application Security Tactics & Techniques Matrix application security tacticscontainertechniquesmatrix https://app-attack-matrix.com/techniques/Impact/Data%20Destruction/subtechniques/File%20or%20Database%20Record%20Deletion/ File or Database Record Deletion - Application Security Tactics & Techniques Matrix application security tacticsfiledatabaserecorddeletion https://app-attack-matrix.com/techniques/Expanding%20Control/Exploitation%20of%20Remote%20Services/Exploitation%20of%20Remote%20Services/ Exploitation of Remote Services - Application Security Tactics & Techniques Matrix application security tacticsremote servicesexploitationtechniquesmatrix https://app-attack-matrix.com/techniques/Impact/Data%20Destruction/subtechniques/Lifecycle-Triggered%20Deletion/ Lifecycle-Triggered Deletion - Application Security Tactics & Techniques Matrix application security tacticslifecycletriggereddeletiontechniques https://app-attack-matrix.com/techniques/Reconnaissance/Reverse%20Engineering/Reverse%20Engineering/ Reverse Engineering - Application Security Tactics & Techniques Matrix application security tacticsreverse engineeringtechniquesmatrix https://app-attack-matrix.com/techniques/Resource%20Development/Obtain%20Capabilities/subtechniques/Vulnerabilities/ Vulnerabilities - Application Security Tactics & Techniques Matrix application security tacticsvulnerabilitiestechniquesmatrix https://app-attack-matrix.com/techniques/Gain%20Access/Supply%20Chain%20Compromise/subtechniques/Software%20Update%20Manipulation/ Software Update Manipulation - Application Security Tactics & Techniques Matrix application security tacticssoftware updatemanipulationtechniquesmatrix https://app-attack-matrix.com/techniques/Gain%20Access/Valid%20Accounts/subtechniques/Default%20Accounts/ Default Accounts - Application Security Tactics & Techniques Matrix application security tacticsdefaultaccountstechniquesmatrix https://app-attack-matrix.com/techniques/Expanding%20Control/Service-to-Service%20Trust%20Abuse/Service-to-Service%20Trust%20Abuse/ Service to Service Trust Abuse - Application Security Tactics & Techniques Matrix application security tacticsservicetrustabusetechniques https://app-attack-matrix.com/techniques/Reconnaissance/Application%20Dependencies%20Mapping/subtechniques/Client-Side%20Commercial%20Vendor%20Discovery/ Client-Side Commercial Vendor Discovery - Application Security Tactics & Techniques Matrix application security tacticsclient sidecommercialvendordiscovery https://app-attack-matrix.com/techniques/Resource%20Development/Develop%20Capabilities/subtechniques/Exploits/ Exploits - Application Security Tactics & Techniques Matrix application security tacticsexploitstechniquesmatrix https://app-attack-matrix.com/techniques/Deepening%20Control/Masquerading/subtechniques/Match%20Legitimate%20Name%20or%20Location/ Match Legitimate Name or Location - Application Security Tactics & Techniques Matrix application security tacticsmatchlegitimatenamelocation https://app-attack-matrix.com/techniques/Impact/Service%20Disruption/subtechniques/Traffic%20Flooding/ Traffic Flooding - Application Security Tactics & Techniques Matrix application security tacticstrafficfloodingtechniquesmatrix https://app-attack-matrix.com/tactics/Reconnaissance/ Index - Application Security Tactics & Techniques Matrix application security tacticsindextechniquesmatrix https://app-attack-matrix.com/tactics/Gain%20Access/ Index - Application Security Tactics & Techniques Matrix application security tacticsindextechniquesmatrix https://app-attack-matrix.com/about/ About - Application Security Tactics & Techniques Matrix application security tacticstechniquesmatrix https://app-attack-matrix.com/techniques/Deepening%20Control/Masquerading/Masquerading/ Masquerading - Application Security Tactics & Techniques Matrix application security tacticstechniquesmatrix https://app-attack-matrix.com/techniques/Payload%20Execution/Injection%20Exploitations/subtechniques/Arbitrary%20File%20Write%20Exploitation/ Arbitrary File Write Exploitation - Application Security Tactics & Techniques Matrix application security tacticsarbitraryfilewriteexploitation https://app-attack-matrix.com/techniques/Resource%20Development/Obtain%20Capabilities/subtechniques/Exploits/ Exploits - Application Security Tactics & Techniques Matrix application security tacticsexploitstechniquesmatrix https://app-attack-matrix.com/techniques/Payload%20Execution/Remote%20Code%20Execution%20Exploitation/subtechniques/Memory%20Pointer%20Manipulation/ Memory Pointer Manipulation - Application Security Tactics & Techniques Matrix application security tacticsmemorypointermanipulationtechniques https://app-attack-matrix.com/techniques/Reconnaissance/Application%20Dependencies%20Mapping/subtechniques/Manifest%20Inspection/ Manifest Inspection - Application Security Tactics & Techniques Matrix application security tacticsmanifestinspectiontechniquesmatrix https://app-attack-matrix.com/techniques/Resource%20Development/Third-Party%20Dependency%20Poisoning/subtechniques/Typosquatting%20Dependencies/ Typosquatting Dependencies - Application Security Tactics & Techniques Matrix application security tacticsdependenciestechniquesmatrix https://app-attack-matrix.com/techniques/Reconnaissance/Application%20Dependencies%20Mapping/subtechniques/SBOM%20Analysis/ SBOM Analysis - Application Security Tactics & Techniques Matrix application security tacticssbomanalysistechniquesmatrix https://app-attack-matrix.com/techniques/Impact/Data%20Exfiltration/Data%20Exfiltration/ Data Exfiltration - Application Security Tactics & Techniques Matrix application security tacticsdata exfiltrationtechniquesmatrix https://app-attack-matrix.com/techniques/Resource%20Development/Compromised%20Code%20Signing%20and%20Build%20Infrastructure/subtechniques/Build%20Script%20Tampering/ Build Script Tampering - Application Security Tactics & Techniques Matrix application security tacticsbuildscripttamperingtechniques https://app-attack-matrix.com/techniques/Expanding%20Control/Cloud%20Service%20Discovery/Cloud%20Service%20Discovery/ Cloud Service Discovery - Application Security Tactics & Techniques Matrix application security tacticscloud servicediscoverytechniquesmatrix https://app-attack-matrix.com/techniques/Deepening%20Control/Exploitation%20for%20Defense%20Evasion/subtechniques/Hijacking/ Hijacking - Application Security Tactics & Techniques Matrix application security tacticshijackingtechniquesmatrix https://app-attack-matrix.com/techniques/Impact/Business%20Logic%20Manipulation/Business%20Logic%20Manipulation/ Business Logic Manipulation - Application Security Tactics & Techniques Matrix application security tacticsbusiness logicmanipulationtechniquesmatrix https://app-attack-matrix.com/techniques/Gain%20Access/Supply%20Chain%20Compromise/subtechniques/Build%20Environment%20Poisoning/ Build Environment Poisoning - Application Security Tactics & Techniques Matrix application security tacticsbuildenvironmentpoisoningtechniques https://app-attack-matrix.com/techniques/Deepening%20Control/Scheduled%20Task/subtechniques/Orchestration%20Job/ Orchestration Job - Application Security Tactics & Techniques Matrix application security tacticsorchestrationjobtechniquesmatrix