The sub-techniques beta is now live! Read the release blog post for more info.

Exploit Enterprise Resources

Adversaries may attempt to exploit enterprise servers, workstations, or other resources over the network. This technique may take advantage of the mobile device's access to an internal enterprise network either through local connectivity or through a Virtual Private Network (VPN).

ID: T1428
Tactic Type: Post-Adversary Device Access
Tactic: Lateral Movement
Platform: Android, iOS
Version: 1.0
Created: 25 October 2017
Last Modified: 17 October 2018

Procedure Examples

Name Description

DressCode sets up a "general purpose tunnel" that can be used by an adversary to compromise enterprise networks that the mobile device is connected to.[1]


NotCompatible has the capability to exploit systems on an enterprise network.[2]


This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.