Shared Webroot (T1051)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • Shared Webroot

Associated Tactics

  • Lateral Movement

Lateral Movement (TA0008)

The adversary is trying to move through your environment. Lateral Movement consists of techniques that adversaries use to enter and control remote systems on a network. Following through on their primary objective often requires exploring the network to find their target and subsequently gaining access to it. Reaching their objective often involves pivoting through multiple systems and accounts to gain. Adversaries might install their own remote access tools to accomplish Lateral Movement or use legitimate credentials with native network and operating system tools, which may be stealthier.

View on ATT&CK

Procedure Examples

Description Source(s)
Apache. (n.d.). Apache HTTP Server Version 2.4 Documentation - Web Site Content. Retrieved July 27, 2018. Apache Server 2018
Brandt, Andrew. (2011, February 22). Malicious PHP Scripts on the Rise. Retrieved October 3, 2018. Webroot PHP 2011
Microsoft. (2016, October 20). How to: Find the Web Application Root. Retrieved July 27, 2018. Microsoft Web Root OCT 2016
capec