From the course: Introduction to the MITRE ATT&CK Framework
Join today to access over 24,700 courses taught by industry experts.
Reconnaissance
From the course: Introduction to the MITRE ATT&CK Framework
Reconnaissance
- [Instructor] In this module, we will talk about each of the ATT&CK tactics. For the starting few tactics, we would go in greater detail and take sample techniques from each as well, just so that you're able to navigate your way around the framework. As the course progresses, we will roll back to high level overviews and guidelines. The first of the ATT&CK tactic is reconnaissance. As discussed earlier, ATT&CK framework is a database so it makes sense that everything has its own unique index. TA0043 is the unique index for reconnaissance. Other tactics have their unique index as well. Similarly, other techniques also have their unique indexes. Reconnaissance consists of techniques that involve active or passive information gathering. Essentially, here attackers use a variety of techniques such as WHOIS, IP scanning, DNS queries, domain tools, et cetera, to identify more about the target of their attack. The intention here is…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.