Threats Library
Reusable threat definitions (causes on the left side of bow-tie diagrams).
Add Threat
Tags:
clear tags
13 threats — page 1 of 1
| Name | Category | Tags | Description | |
|---|---|---|---|---|
| Hijack Execution Flow | Persistence | Adversaries may execute their own malicious payloads by hijacking the way operating systems run prog… | Edit | |
| Hijack Execution Flow: AppDomainManager | Persistence | Adversaries may execute their own malicious payloads by hijacking how the .NET AppDomainManager load… | Edit | |
| Hijack Execution Flow: COR_PROFILER | Persistence | Adversaries may leverage the COR_PROFILER environment variable to hijack the execution flow of progr… | Edit | |
| Hijack Execution Flow: DLL | Persistence | Adversaries may abuse dynamic-link library files (DLLs) in order to achieve persistence, escalate pr… | Edit | |
| Hijack Execution Flow: Dylib Hijacking | Persistence | Adversaries may execute their own payloads by placing a malicious dynamic library (dylib) with an ex… | Edit | |
| Hijack Execution Flow: Dynamic Linker Hijacking | Persistence | Adversaries may execute their own malicious payloads by hijacking environment variables the dynamic … | Edit | |
| Hijack Execution Flow: Executable Installer File Permissions Weakness | Persistence | Adversaries may execute their own malicious payloads by hijacking the binaries used by an installer.… | Edit | |
| Hijack Execution Flow: KernelCallbackTable | Persistence | Adversaries may abuse the KernelCallbackTable of a process to hijack its execution flow in order to … | Edit | |
| Hijack Execution Flow: Path Interception by PATH Environment Variable | Persistence | Adversaries may execute their own malicious payloads by hijacking environment variables used to load… | Edit | |
| Hijack Execution Flow: Path Interception by Search Order Hijacking | Persistence | Adversaries may execute their own malicious payloads by hijacking the search order used to load othe… | Edit | |
| Hijack Execution Flow: Path Interception by Unquoted Path | Persistence | Adversaries may execute their own malicious payloads by hijacking vulnerable file path references. A… | Edit | |
| Hijack Execution Flow: Services File Permissions Weakness | Persistence | Adversaries may execute their own malicious payloads by hijacking the binaries used by services. Adv… | Edit | |
| Hijack Execution Flow: Services Registry Permissions Weakness | Persistence | Adversaries may execute their own malicious payloads by hijacking the Registry entries used by servi… | Edit |