Information obtained (commonly through registration or activity logs) regarding one or more IP addresses registered with human-readable names (ex: mitre.org)
Queried domain name system (DNS) registry data highlighting current domain to IP address resolutions (ex: dig/nslookup queries)
| Domain | ID | Name |
|---|---|---|
| Enterprise | T1583 | Acquire Infrastructure |
| | T1583.001 | Domains |
| Enterprise | T1584 | Compromise Infrastructure |
| | T1584.001 | Domains |
| | T1584.002 | DNS Server |
Information about domain name assignments and other domain metadata (ex: WHOIS)
| Domain | ID | Name |
|---|---|---|
| Enterprise | T1583 | Acquire Infrastructure |
| | T1583.001 | Domains |
| Enterprise | T1584 | Compromise Infrastructure |
| | T1584.001 | Domains |
Logged domain name system (DNS) data highlighting timelines of domain to IP address resolutions (ex: passive DNS)
| Domain | ID | Name |
|---|---|---|
| Enterprise | T1583 | Acquire Infrastructure |
| | T1583.001 | Domains |
| Enterprise | T1584 | Compromise Infrastructure |
| | T1584.001 | Domains |
| | T1584.002 | DNS Server |