Input Capture (T1056)

Adversaries may use methods of capturing user input to obtain credentials or collect information. During normal system usage, users often provide credentials to various different locations, such as login pages/portals or system dialog boxes. Input capture mechanisms may be transparent to the user (e.g. Credential API Hooking) or rely on deceiving the user into providing input into what they believe to be a genuine service (e.g. Web Portal Capture).

Source: https://github.com/mitre/cti

Related Prelude attack chains

Release Date (Newest)

Filter

Search for chains, TTPs, themes, and text

Browse By:

Platforms

All
Windows
Darwin
Linux
Global
Android

Themes

Licenses

Is my host protected against APT37?

2022-12-19

Stage and execute APT37.

About PreludePrelude hardens an organization's defenses by continuously “asking” it questions through the form of safe cyberattacks. These attacks respond immediately to the latest vulnerabilities and cyber events, turning complex technical descriptions into deployable “questions”.Our mission is to increase the reach, frequency and usage of advanced security for all organizations.

Follow @preludeorg on Twitter for new chains and more.

Join the Prelude Discord to discuss chains and more.

Keep up to date with code changes and community activity on Github

preludesecurity.com Careers Tactics & Techniques Attack themes

Privacy Policy support@preludesecurity.com© 2023 Prelude Research, Inc.All rights reserved. Prelude, its logo and other trademarks are trademarks of Prelude Research, Inc. and may not be used without permission.

Input Capture (T1056)

Browse By:

Platforms

All

Windows

Darwin

Linux

Global

Android

Themes

Tags

Licenses