adpare
49 lines
2.2 KiB
JSON
49 lines
2.2 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--892125fa-fcb5-4de1-bf67-5c703adb3721",
|
|
"spec_version": "2.0",
|
|
"objects": [
|
|
{
|
|
"type": "attack-pattern",
|
|
"id": "attack-pattern--d5a69cfb-fc2a-46cb-99eb-74b236db5061",
|
|
"created": "2020-05-21T17:43:26.506Z",
|
|
"created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
|
|
"revoked": false,
|
|
"external_references": [
|
|
{
|
|
"source_name": "mitre-attack",
|
|
"url": "https://attack.mitre.org/techniques/T0846",
|
|
"external_id": "T0846"
|
|
},
|
|
{
|
|
"source_name": "Enterprise ATT&CK January 2018",
|
|
"description": "Enterprise ATT&CK 2018, January 11 Remote System Discovery Retrieved. 2018/05/17 ",
|
|
"url": "https://attack.mitre.org/wiki/Technique/T1018"
|
|
}
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
|
|
],
|
|
"modified": "2026-04-23T19:39:03.420Z",
|
|
"name": "Remote System Discovery",
|
|
"description": "Adversaries may attempt to get a listing of other systems by IP address, hostname, or other logical identifier on a network that may be used for subsequent Lateral Movement or Discovery techniques. Functionality could exist within adversary tools to enable this, but utilities available on the operating system or vendor software could also be used.(Citation: Enterprise ATT&CK January 2018)",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "mitre-ics-attack",
|
|
"phase_name": "discovery"
|
|
}
|
|
],
|
|
"x_mitre_attack_spec_version": "3.3.0",
|
|
"x_mitre_deprecated": false,
|
|
"x_mitre_domains": [
|
|
"ics-attack"
|
|
],
|
|
"x_mitre_is_subtechnique": false,
|
|
"x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
|
|
"x_mitre_platforms": [
|
|
"None"
|
|
],
|
|
"x_mitre_version": "1.1"
|
|
}
|
|
]
|
|
} |