PH-BITBInitial Access

Browser-in-the-Browser (BitB)

Render a fake SSO popup inside the page (looks like a real browser window) — victim types creds into the attacker DOM.

§ Where this technique fits

PH-BITB is catalogued under the Initial Access tactic of the offensive-security kill-chain. It appears in 1 approved dossier in the registry, typically at step 1 on average.

§ Dossiers chaining this technique

Browser-in-the-Browser → credential theft on a trusted page
Render a fake SSO popup inside the attacker page that looks like a real OS browser window. Victim types their credentials into the attacker's DOM.
step 1 / 6

§ What commonly comes next

01
Phishing
T1566 · Initial Access
seen 1×

§ Where this technique fits

§ Dossiers chaining this technique

Browser-in-the-Browser → credential theft on a trusted page

§ What commonly comes next