| ID | Name |
|---|---|
| ATAGS-T1109.001 | Application Access Token |
| ATAGS-T1109.002 | Pass the Hash |
| ATAGS-T1109.003 | Pass the Ticket |
| ATAGS-T1109.004 | Web Session Cookie |
Threat Actors can use stolen session cookies to authenticate to web applications and services. This technique bypasses some multi-factor authentication protocols since the session is already authenticated.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.