Skip to main content
Cyber Defense TacticsCyber Defense Tactics
HomeLearnResourcesBlogCommunity
Cyber Defense TacticsCyber Defense Tactics

Learn defensive security, leverage AI for cyber defense, and join a community of security professionals.

Learning

  • Blog
  • Resources
  • Newsletter

Community

  • Discord
  • YouTube
  • About

Legal

  • Privacy Policy
  • Terms of Service

© 2026 Cyber Defense Tactics. All rights reserved.

A Carbene.AI Project

ATT&CK Learning Hub

Understand how adversaries operate to defend against them

14
Tactics
19
Techniques
10
Free Deep Dives

What is MITRE ATT&CK?

MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. It's organized into tactics (the "why" of an attack) and techniques (the "how").

Understanding these patterns helps defenders prioritize security controls, write better detection rules, and respond to incidents more effectively.

Featured Techniques

Deep dives available for free—no account required

T1566

Phishing

Adversaries send phishing messages to gain access to victim systems. Phishing can be targeted (spearphishing) or sent to large numbers of recipients.

Real-world exampleDefense strategies
T1190

Exploit Public-Facing Application

Adversaries may attempt to take advantage of a weakness in an Internet-facing computer or program using software, data, or commands.

Real-world exampleDefense strategies
T1059

Command and Scripting Interpreter

Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries. These interfaces include PowerShell, Bash, Python, and more.

Real-world exampleDefense strategies
T1547

Boot or Logon Autostart Execution

Adversaries may configure system settings to automatically execute a program during system boot or logon to maintain persistence.

Real-world exampleDefense strategies
T1548

Abuse Elevation Control Mechanism

Adversaries may abuse elevation control mechanisms like UAC bypass to gain higher privileges without prompting users.

Real-world exampleDefense strategies
T1027

Obfuscated Files or Information

Adversaries may attempt to make payloads difficult to discover or analyze by encoding, encrypting, or obfuscating contents.

Real-world exampleDefense strategies

ATT&CK Matrix

Click any technique to learn more about it

Featured (Free)
Premium
Phishing
T1566
Exploit Public-Facing Application
T1190
External Remote Services
T1133
Command and Scripting Interpreter
T1059
User Execution
T1204
Boot or Logon Autostart Execution
T1547
Scheduled Task/Job
T1053
Exploitation for Privilege Escalation
T1068
Abuse Elevation Control Mechanism
T1548
Indicator Removal
T1070
Obfuscated Files or Information
T1027
OS Credential Dumping
T1003
Brute Force
T1110
Remote Services
T1021
Use Alternate Authentication Material
T1550
Application Layer Protocol
T1071
Ingress Tool Transfer
T1105
Data Encrypted for Impact
T1486
Service Stop
T1489

Unlock the Full ATT&CK Learning Experience

Premium members get deep dives on all 200+ techniques, including real-world examples, comprehensive defense strategies, detection methods, and knowledge quizzes.