Preparation
Archive Data
Authorization Token Staging
Boot Order Manipulation
CCTV Enumeration
Circumventing Security Controls
Data Obfuscation
Data Staging
Device Mounting
Email Collection
External Media Formatting
File Download
File Exploration
Impersonation
Increase Privileges
IT Ticketing System Exploration
Network Scanning
On-Screen Data Collection
Persistent Access via Bots
Physical Disk Removal
Physical Exploration
Physical Item Smuggling
Private / Incognito Browsing
Read Windows Registry
Remote Desktop (RDP)
Security Software Enumeration
Social Engineering (Outbound)
Software Installation
- Installation of Dark Web-Capable Browsers
- Installing Browser Extensions
- Installing Browsers
- Installing Cloud Storage Applications
- Installing FTP Clients
- Installing Messenger Applications
- Installing Note-Taking Applications
- Installing RDP Clients
- Installing Screen Sharing Software
- Installing SSH Clients
- Installing Virtual Machines
- Installing VPN Applications
Software or Access Request
Suspicious Web Browsing
Testing Ability to Print
- ID: PR006
- Created: 25th May 2024
- Updated: 23rd October 2025
- MITRE ATT&CK®: T1518.001
- Contributor: The ITM Team
Security Software Enumeration
A subject attempts to identify security software or other surveillance software/services on a target system.
Subsections (4)
| ID | Name | Description |
|---|---|---|
| PR006.003 | Security Enumeration via File System | A subject attempts to identify security software on a target system by looking through the file system to identify relevant directories or files. |
| PR006.004 | Security Enumeration via Network Activity | A subject attempts to identify security software by monitoring network traffic. |
| PR006.002 | Security Enumeration via Running Processes | A subject observes running processes on the target system in an attempt to identify any security agents or software that is running. |
| PR006.001 | Security Enumeration via Windows Registry | A subject attempts to identify security software through keys and values within the Windows registry. |
Preventions (1)
MITRE ATT&CK® Mapping (1)
ATT&CK Enterprise Matrix Version 17.1