Home/ MITRE Matrix/ Collection/ T1185

T1185Browser Session Hijacking

T1185 — Browser Session Hijacking is a MITRE ATT&CK technique in the Collection tactic. Clankerusecase tracks 11 detection use cases covering it and 2 threat-intel articles citing it.

Collection

View on the matrix → Filter Detection Library MITRE official spec ↗

11Use cases

2Articles

0Sub-techniques

1Tactic

Use cases covering this technique (11)

ASL AWS Concurrent Sessions From Different Ips ESCU actions · hunting P AWS Concurrent Sessions From Different Ips ESCU actions · alerting P Azure AD Concurrent Sessions From Different Ips ESCU actions · alerting P O365 Concurrent Sessions From Different Ips ESCU actions · alerting P Windows Browser Process Launched with Unusual Flags ESCU actions · hunting P Windows Chrome Auto-Update Disabled via Registry ESCU actions · hunting P Windows Chrome Enable Extension Loading via Command-Line ESCU actions · hunting P Windows Chrome Extension Allowed Registry Modification ESCU actions · hunting P Windows Chromium Process Loaded Extension via Command-Line ESCU actions · hunting P [LLM] Non-Chrome process modifies macOS Chrome Preferences (FlutterShell browser hijack) Bespoke actions · hunting DSΣPCS [LLM] Hoppscotch Mock Server stored XSS via GraphQL updateRESTUserRequest content-type override Bespoke exploit · hunting DSPDD

Articles citing this technique (2)

crit Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor art-150

high Aikido Attack finds multiple 0-days in Hoppscotch art-406