Home/ MITRE Matrix/ Credential Access/ T1557

T1557Adversary-in-the-Middle

T1557 — Adversary-in-the-Middle is a MITRE ATT&CK technique in the Credential Access tactic. Clankerusecase tracks 3 detection use cases covering it and 1 threat-intel article citing it.

Credential AccessCollection

View on the matrix → Filter Detection Library MITRE official spec ↗

3Use cases

1Articles

4Sub-techniques

2Tactics

Sub-techniques (4)

T1557.002 · ARP Cache Poisoning T1557.003 · DHCP Spoofing T1557.004 · Evil Twin T1557.001 · Name Resolution Poisoning and SMB Relay

Use cases covering this technique (3)

Cisco ASA - Packet Capture Activity ESCU actions · hunting P Detect Rogue DHCP Server ESCU actions · alerting P [LLM] Claude 'Appeal Request' phishing email with PDF attachment lure Bespoke delivery · alerting DSΣP

Articles citing this technique (1)

crit AI brands as bait: How threat actors are using the AI hype in social engineering art-102