Data Encoding (T1132)

Tactic: Command and Control · Platforms: ESXi, Linux, macOS, Windows

The interactive view maps 1 detection strategy, 1 mitigation, 1 threat group, 7 software entries to this technique, alongside D3FEND countermeasures and data-component coverage.

Overview

Adversaries may encode data to make the content of command and control traffic more difficult to detect. Command and control (C2) information can be encoded using a standard data encoding system. Use of data encoding may adhere to existing protocol specifications and includes use of ASCII, Unicode, Base64, MIME, or other binary-to-text and character encoding systems. Some data encoding systems may also result in data compression, such as gzip.

Sub-techniques

Explore