atomic-red-team/Linux/README.md
Michael Haag 58c0b63bc6 Updated Linux Matrix
Updated Matrix
2018-01-16 11:47:24 -07:00

MITRE ATT&CK Matrix - Linux

| Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Execution | Collection | Exfiltration | Command and Control |
|---|---|---|---|---|---|---|---|---|---|
| .bash_profile and .bashrc | Exploitation of Vulnerability | Binary Padding | Bash History | Account Discovery | Application Deployment Software | Command-Line Interface | Audio Capture | Automated Exfiltration | Commonly Used Port |
| Bootkit | Setuid and Setgid | Clear Command History | Brute Force | File and Directory Discovery | Exploitation of Vulnerability | Graphical User Interface | Automated Collection | Data Compressed | Communication Through Removable Media |
| Cron Job | Sudo | Disabling Security Tools | Create Account | Network Service Scanning | Remote File Copy | Scripting | Clipboard Data | Data Encrypted | Connection Proxy |
| Hidden Files and Directories | Valid Accounts | Exploitation of Vulnerability | Credentials in Files | Permission Groups Discovery | Remote Services | Source | Data Staged | Data Transfer Size Limits | Custom Command and Control Protocol |
| Rc.common | Web Shell | File Deletion | Exploitation of Vulnerability | Process Discovery | Third-party Software | Space after Filename | Data from Local System | Exfiltration Over Alternative Protocol | Custom Cryptographic Protocol |
| Redundant Access | | HISTCONTROL | Input Capture | Remote System Discovery | | Third-party Software | Data from Network Shared Drive | Exfiltration Over Command and Control Channel | Data Encoding |
| Trap | | Hidden Files and Directories | Network Sniffing | System Information Discovery | | Trap | Data from Removable Media | Exfiltration Over Other Network Medium | Data Obfuscation |
| Valid Accounts | | Indicator Removal from Tools | Private Keys | System Network Configuration Discovery | | | Input Capture | Exfiltration Over Physical Medium | Fallback Channels |
| Web Shell | | Indicator Removal on Host | Two-Factor Authentication Interception | System Network Connections Discovery | | | Screen Capture | Scheduled Transfer | Multi-Stage Channels |
| | | Install Root Certificate | | System Owner/User Discovery | | | | | Multiband Communication |
| | | Masquerading | | | | | | | Multilayer Encryption |
| | | Redundant Access | | | | | | | Remote File Copy |
| | | Scripting | | | | | | | Standard Application Layer Protocol |
| | | Space after Filename | | | | | | | Standard Cryptographic Protocol |
| | | Timestomp | | | | | | | Standard Non-Application Layer Protocol |
| | | Valid Accounts | | | | | | | Uncommonly Used Port |
| | | | | | | | | | Web Service |