Masquerading: Browser Fingerprint (T1036.012)

Tactic: Stealth · Platforms: Linux, macOS, Windows

The interactive view maps 1 detection strategy, 1 mitigation, 1 software entry to this technique, alongside D3FEND countermeasures and data-component coverage.

Sub-technique of Masquerading (T1036).

Overview

Adversaries may attempt to blend in with legitimate traffic by spoofing browser and system attributes like operating system, system language, platform, user-agent string, resolution, time zone, etc. The HTTP User-Agent request header is a string that lets servers and network peers identify the application, operating system, vendor, and/or version of the requesting user agent.

Adversaries may gather this information through System Information Discovery or by users navigating to adversary-controlled websites, and then use that information to craft their web traffic to evade defenses.

Explore