| ID | E1190 |
| Objective(s) | Impact |
| Related ATT&CK Techniques | Exploit Public-Facing Application (T1190) |
| Impact Type | Breach |
| Version | 2.0 |
| Created | 1 August 2019 |
| Last Modified | 1 March 2023 |
An exploit kit is a software system designed to exploit known vulnerabilities. Exploit kits typically include pre-written exploit code for known vulnerabilities and mechanisms to deliver the payload, such as malware, ransomware, or spyware, onto the victim's system. These kits are typically used by cybercriminals and are often sold on the dark web. They automate the exploitation process, making it easier for individuals with limited technical skills to launch attacks.
See related ATT&CK Technique: Exploit Public-Facing Application (T1190), which relates to Initial Access. Under the Impact objective, exploit behaviors are considered more broadly in MBC.
| Name | Date | Method | Description |
|---|---|---|---|
| Ursnif | 2016 | -- | Ursnif is sometimes delivered via exploit kit. [1] |
[1] https://www.cyber.nj.gov/threat-profiles/trojan-variants/ursnif