TLS Spoofing

ID:	TEQ-098
Phase(s):	Defence Bypass
Tactic(s):	Device Emulation

The adversary modifies TLS (Transport Layer Security) handshake attributes to evade detection or mimic legitimate traffic. For example, attackers can spoof JA3 or JA4 fingerprints to make automated traffic appear as if it originates from a real browser.

Related Kill Chains

• Account Takeover Bot
• Ad Click Bot (Target Ads)
• Arbitrage Betting Bot
• Carding Bot
• Credential Stuffing Bot
• Fake Account Creation Bot
• Form Spam Bot
• Gift Card Cracking Bot
• Inventory Hoarding Bot
• Loyalty Points Bot
• Scalper Bot
• Scraper Bot
• Sniper Bot
• Social Media Bot
• Video Watch Bot