MITRE ATT&CK / T1132.002
T1132.002
Non-Standard Encoding
SUB-TECHNIQUE Command and Control
Description
Adversaries may encode data with a non-standard data encoding system to make the content of command and control traffic more difficult to detect. Command and control (C2) information can be encoded using a non-standard data encoding system that diverges from existing protocol specifications. Non-standard data encoding schemes may be based on or related to standard data encoding schemes, such as a modified Base64 encoding for the message body of an HTTP request.(Citation: Wikipedia Binary-to-text Encoding)(Citation: Wikipedia Character Encoding)
Platforms
ESXiLinuxmacOSWindows
Mitigations
- M1031 — Network Intrusion Prevention
Look up any technique
Use our free MITRE ATT&CK lookup tool, or browse the full ATT&CK matrix.
Source: MITRE ATT&CK Enterprise matrix. View on attack.mitre.org →