Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
Access Token Manipulation is a MITRE ATTACK technique where adversaries steal or impersonate Windows tokens to escalate privileges and evade controls.
Access Token Manipulation Definition: Access Token Manipulation is a MITRE ATTACK technique where adversaries steal or impersonate Windows tokens to escalate privileges and evade controls.
Access Token Manipulation is an attack technique, cataloged in the MITRE ATTACK framework, in which an adversary modifies access tokens in Windows to operate under a different user's security context and evade access controls. By stealing or impersonating tokens from existing logged-on processes, attackers can escalate privileges or move laterally while making their actions appear to come from a legitimate account. Common variants include token impersonation or theft, creating a process with a stolen token, and making and impersonating tokens with captured credentials.
Turn knowledge into credentials with our instructor-led cybersecurity boot camps.
View All Courses →