MITRE ATT&CK — FreeIntelHub

T1592 — Gather Victim Host Information (Reconnaissance)

Clear filter

5 articles found

GBHackers Campaigns May 7

UAT-8302 Targets Government Agencies With Custom Malware and Open-Source Tools

A new China-linked hacking group, tracked as UAT-8302, that is using custom malware and open-source tools to spy on government organizations in South America...

T1078 T1046 T1041 +1

HackRead General Intel May 6

Best OSINT Tools for Investigations and Threat Intelligence in 2026

Explore the best OSINT tools for your digital investigations, threat intelligence, reconnaissance, and tracking online activity in 2026.

T1592

Rapid7 Blog General Rapid7 May 1

Metasploit Wrap-Up 05/01/2026

MCP server This release our very own cdelafuente-r7 finished implementing the Metasploit MCP Server (msfmcpd), bringing Model Context Protocol support to Met...

T1592

Rapid7 Blog →

Mandiant Blog Campaigns Google Intel Feb 12

GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use

Introduction In the final quarter of 2025, Google Threat Intelligence Group (GTIG) observed threat actors increasingly integrating artificial intelligence (A...

T1204 T1592

Mandiant Blog →

Threatpost Campaigns Oracle Aug 30

Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

T1203 T1189 T1592

Initial Access

T1566 Phishing T1566.001 Spearphishing Attachment T1566.002 Spearphishing Link T1190 Exploit Public-Facing Application T1133 External Remote Services T1078 Valid Accounts T1195 Supply Chain Compromise T1189 Drive-by Compromise

Execution

T1059 Command and Scripting Interpreter T1059.001 PowerShell T1203 Exploitation for Client Execution T1204 User Execution

Persistence

T1053 Scheduled Task/Job T1547 Boot or Logon Autostart Execution T1543 Create or Modify System Process

Privilege Escalation

T1548 Abuse Elevation Control Mechanism T1068 Exploitation for Privilege Escalation

Defense Evasion

T1027 Obfuscated Files or Information T1562 Impair Defenses T1070 Indicator Removal

Credential Access

T1110 Brute Force T1555 Credentials from Password Stores T1003 OS Credential Dumping T1557 Adversary-in-the-Middle T1556 Modify Authentication Process

Discovery

T1046 Network Service Discovery

Lateral Movement

T1021 Remote Services

Command and Control

T1071 Application Layer Protocol T1573 Encrypted Channel T1572 Protocol Tunneling

Exfiltration

T1041 Exfiltration Over C2 Channel T1567 Exfiltration Over Web Service

Impact

T1486 Data Encrypted for Impact T1489 Service Stop T1498 Network Denial of Service T1491 Defacement T1529 System Shutdown/Reboot

Resource Development

T1583 Acquire Infrastructure T1588 Obtain Capabilities

Reconnaissance

T1592 Gather Victim Host Information T1598 Phishing for Information