Test callback functionality

Callbacks are malware communications seeking instructions. An adversary will test their malware to ensure the appropriate instructions are conveyed and the callback software can be reached. [1]

ID: T1356
Sub-techniques:  No sub-techniques
Tactic: Test Capabilities
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018


Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Adversary controls the test and defender likely has no visibility.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Adversary controls or acquires all pieces of infrastructure and can test outside of defender's visibility.


  1. Tony Lee. (2012, December 11). Testing Your Defenses - Beaconing. Retrieved March 9, 2017.