216.73.217.98

T1036.012: Browser Fingerprint

View on MITRE ATT&CK The MITRE Corporation · Published 22/09/2025 22:13 · Modified 27/03/2026 01:11

Essential information

MITRE technique ID
T1036.012
Confidence
100/100
Revoked
No
Published
22/09/2025 22:13
Modified
27/03/2026 01:11
Author / Source
The MITRE Corporation

Platforms

windows macos linux

Description

Adversaries may attempt to blend in with legitimate traffic by spoofing browser and system attributes like operating system, system language, platform, user-agent string, resolution, time zone, etc. The HTTP User-Agent request header is a string that lets servers and network peers identify the application, operating system, vendor, and/or version of the requesting user agent.(Citation: Mozilla User Agent) Adversaries may gather this information through [System Information Discovery](https://attack.mitre.org/techniques/T1082) or by users navigating to adversary-controlled websites, and then use that information to craft their web traffic to evade defenses.(Citation: Gummy Browsers: Targeted Browser Spoofing against State-of-the-Art Fingerprinting Techniques)

Kill chain phases

Kill chainPhase
mitre-attack defense-evasion

Marking (TLP)

Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references