security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions 45 Packages Projects Releases Wiki Activity

Merge PR #5636 from @phantinuss - Update ATT&CK Heatmap Coverage

Browse Source 
* chore: update ATT&CK heatmap

* chore: update heatmap SVG

* chore: tweak output for attack map svg

---------

Co-authored-by: phantinuss <phantinuss@users.noreply.github.com>
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
This commit is contained in:
github-actions[bot]
2025-09-22 11:42:05 +02:00
committed by GitHub
parent 8062eadcc5
commit 12d87e7690
3 changed files with 3980 additions and 3914 deletions
Download Patch File Download Diff File Expand all files Collapse all files
other/sigma_attack_nav_coverage.json
+3978 -3912
View File
@@ -9,11 +9,11 @@
"description": "Sigma coverage heatmap generated by Sigma CLI with score function count",
"gradient": {
"colors": [
"#ffffff00",
"#ff0000"
"#66b1ffff",
"#ff66f4ff"
],
"minValue": 0,
"maxValue": 1352
"maxValue": 40
},
"techniques": [
{
@@ -61,9 +61,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1078",
"tactic": "defense-evasion",
"score": 60,
"techniqueID": "T1518.001",
"tactic": "discovery",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
@@ -72,9 +72,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1078",
"tactic": "persistence",
"score": 60,
"techniqueID": "T1059",
"tactic": "execution",
"score": 91,
"color": "",
"comment": "",
"enabled": true,
@@ -83,64 +83,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1078",
"tactic": "privilege-escalation",
"score": 60,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078",
"tactic": "initial-access",
"score": 60,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "initial-access",
"score": 3,
"techniqueID": "T1204",
"tactic": "execution",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
@@ -151,6 +96,402 @@
{
"techniqueID": "T1140",
"tactic": "defense-evasion",
"score": 18,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.001",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.004",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.004",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1566",
"tactic": "initial-access",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1566.002",
"tactic": "initial-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.002",
"tactic": "execution",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1204.001",
"tactic": "execution",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "persistence",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "privilege-escalation",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "initial-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1136.001",
"tactic": "persistence",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1490",
"tactic": "impact",
"score": 26,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1083",
"tactic": "discovery",
"score": 21,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1569.001",
"tactic": "execution",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1082",
"tactic": "discovery",
"score": 33,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078",
"tactic": "defense-evasion",
"score": 60,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078",
"tactic": "persistence",
"score": 60,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078",
"tactic": "privilege-escalation",
"score": 60,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078",
"tactic": "initial-access",
"score": 60,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "initial-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1113",
"tactic": "collection",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1049",
"tactic": "discovery",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.002",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1219.002",
"tactic": "command-and-control",
"score": 44,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.003",
"tactic": "execution",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.003",
"tactic": "persistence",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.003",
"tactic": "privilege-escalation",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.002",
"tactic": "collection",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.002",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.007",
"tactic": "execution",
"score": 19,
"color": "",
"comment": "",
@@ -159,6 +500,138 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1071",
"tactic": "command-and-control",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1071.001",
"tactic": "command-and-control",
"score": 40,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.006",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.002",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087.001",
"tactic": "discovery",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1497.001",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1497.001",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069.001",
"tactic": "discovery",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1030",
"tactic": "exfiltration",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1018",
"tactic": "discovery",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027",
"tactic": "defense-evasion",
"score": 92,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.003",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1529",
"tactic": "impact",
@@ -170,6 +643,28 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.003",
"tactic": "defense-evasion",
"score": 26,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.006",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218",
"tactic": "defense-evasion",
@@ -215,31 +710,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1018",
"tactic": "discovery",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087.001",
"tactic": "discovery",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1490",
"tactic": "impact",
"score": 25,
"techniqueID": "T1562.001",
"tactic": "defense-evasion",
"score": 109,
"color": "",
"comment": "",
"enabled": true,
@@ -269,193 +742,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1082",
"tactic": "discovery",
"score": 33,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1497.001",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1497.001",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.006",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.002",
"tactic": "collection",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.002",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1219.002",
"tactic": "command-and-control",
"score": 44,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.003",
"tactic": "defense-evasion",
"score": 26,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "persistence",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "privilege-escalation",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "initial-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.006",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1040",
"tactic": "credential-access",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1040",
"tactic": "discovery",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1049",
"tactic": "discovery",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1518.001",
"tactic": "discovery",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1189",
"tactic": "initial-access",
@@ -479,9 +765,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1059",
"tactic": "execution",
"score": 91,
"techniqueID": "T1133",
"tactic": "persistence",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
@@ -490,9 +776,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1564.002",
"tactic": "defense-evasion",
"score": 4,
"techniqueID": "T1133",
"tactic": "initial-access",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
@@ -501,31 +787,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1552.003",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.002",
"tactic": "execution",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069.001",
"techniqueID": "T1046",
"tactic": "discovery",
"score": 16,
"score": 14,
"color": "",
"comment": "",
"enabled": true,
@@ -534,20 +798,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1555.001",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.001",
"tactic": "defense-evasion",
"score": 3,
"techniqueID": "T1016",
"tactic": "discovery",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
@@ -578,9 +831,31 @@
"showSubtechniques": false
},
{
"techniqueID": "T1083",
"techniqueID": "T1027.001",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1040",
"tactic": "credential-access",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1040",
"tactic": "discovery",
"score": 21,
"score": 9,
"color": "",
"comment": "",
"enabled": true,
@@ -589,195 +864,8 @@
"showSubtechniques": false
},
{
"techniqueID": "T1113",
"tactic": "collection",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.001",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.004",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.004",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1115",
"tactic": "collection",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1016",
"tactic": "discovery",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1136.001",
"tactic": "persistence",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.002",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027",
"tactic": "defense-evasion",
"score": 92,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1566",
"tactic": "initial-access",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1566.002",
"tactic": "initial-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1204",
"tactic": "execution",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1204.001",
"tactic": "execution",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.007",
"tactic": "execution",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.001",
"tactic": "defense-evasion",
"score": 111,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1569.001",
"tactic": "execution",
"techniqueID": "T1555.001",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
@@ -786,28 +874,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1133",
"tactic": "persistence",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1133",
"tactic": "initial-access",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.001",
"tactic": "defense-evasion",
@@ -820,9 +886,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1046",
"tactic": "discovery",
"score": 14,
"techniqueID": "T1115",
"tactic": "collection",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
@@ -831,20 +897,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1030",
"tactic": "exfiltration",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.003",
"techniqueID": "T1053.002",
"tactic": "execution",
"score": 7,
"score": 8,
"color": "",
"comment": "",
"enabled": true,
@@ -853,9 +908,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1053.003",
"techniqueID": "T1053.002",
"tactic": "persistence",
"score": 7,
"score": 8,
"color": "",
"comment": "",
"enabled": true,
@@ -864,97 +919,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1053.003",
"techniqueID": "T1053.002",
"tactic": "privilege-escalation",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1071",
"tactic": "command-and-control",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1071.001",
"tactic": "command-and-control",
"score": 40,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.003",
"tactic": "persistence",
"score": 45,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.003",
"tactic": "privilege-escalation",
"score": 45,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1068",
"tactic": "privilege-escalation",
"score": 26,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543",
"tactic": "persistence",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543",
"tactic": "privilege-escalation",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1599.001",
"tactic": "defense-evasion",
"score": 1,
"score": 8,
"color": "",
"comment": "",
"enabled": true,
@@ -985,20 +952,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1055.012",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.012",
"tactic": "privilege-escalation",
"score": 4,
"techniqueID": "T1187",
"tactic": "credential-access",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
@@ -1028,6 +984,149 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.003",
"tactic": "credential-access",
"score": 23,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1047",
"tactic": "execution",
"score": 47,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1569.002",
"tactic": "execution",
"score": 42,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.002",
"tactic": "lateral-movement",
"score": 36,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1068",
"tactic": "privilege-escalation",
"score": 26,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1190",
"tactic": "initial-access",
"score": 132,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.006",
"tactic": "lateral-movement",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1210",
"tactic": "lateral-movement",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1048.003",
"tactic": "exfiltration",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1048",
"tactic": "exfiltration",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1558.003",
"tactic": "credential-access",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.004",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.004",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.001",
"tactic": "credential-access",
@@ -1040,7 +1139,326 @@
"showSubtechniques": false
},
{
"techniqueID": "T1003.006",
"techniqueID": "T1496",
"tactic": "impact",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1095",
"tactic": "command-and-control",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1571",
"tactic": "command-and-control",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.001",
"tactic": "lateral-movement",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1595.002",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1071.004",
"tactic": "command-and-control",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102.002",
"tactic": "command-and-control",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1567",
"tactic": "exfiltration",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1110",
"tactic": "credential-access",
"score": 24,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557",
"tactic": "credential-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557",
"tactic": "collection",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098",
"tactic": "persistence",
"score": 29,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098",
"tactic": "privilege-escalation",
"score": 29,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1495",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1565.001",
"tactic": "impact",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1565.002",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053",
"tactic": "execution",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053",
"tactic": "persistence",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053",
"tactic": "privilege-escalation",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1201",
"tactic": "discovery",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1057",
"tactic": "discovery",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1033",
"tactic": "discovery",
"score": 31,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1124",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.004",
"tactic": "defense-evasion",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1561.001",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1561.002",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1005",
"tactic": "collection",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.004",
"tactic": "defense-evasion",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.004",
"tactic": "credential-access",
"score": 7,
"color": "",
@@ -1051,7 +1469,238 @@
"showSubtechniques": false
},
{
"techniqueID": "T1554",
"techniqueID": "T1070.003",
"tactic": "defense-evasion",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1074",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1112",
"tactic": "defense-evasion",
"score": 85,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1112",
"tactic": "persistence",
"score": 85,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087",
"tactic": "discovery",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.003",
"tactic": "lateral-movement",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090",
"tactic": "command-and-control",
"score": 22,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021",
"tactic": "lateral-movement",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003",
"tactic": "credential-access",
"score": 32,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1213",
"tactic": "collection",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1041",
"tactic": "exfiltration",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1498",
"tactic": "impact",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1123",
"tactic": "collection",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069.003",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087.004",
"tactic": "discovery",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.007",
"tactic": "credential-access",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1611",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.005",
"tactic": "defense-evasion",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552",
"tactic": "credential-access",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070",
"tactic": "defense-evasion",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1609",
"tactic": "execution",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1136",
"tactic": "persistence",
"score": 3,
"color": "",
@@ -1062,9 +1711,174 @@
"showSubtechniques": false
},
{
"techniqueID": "T1187",
"techniqueID": "T1505.003",
"tactic": "persistence",
"score": 32,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1221",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1197",
"tactic": "defense-evasion",
"score": 17,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1197",
"tactic": "persistence",
"score": 17,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102.001",
"tactic": "command-and-control",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102.003",
"tactic": "command-and-control",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1568",
"tactic": "command-and-control",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1567.002",
"tactic": "exfiltration",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1584",
"tactic": "resource-development",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056",
"tactic": "credential-access",
"score": 6,
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1590",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1499.004",
"tactic": "impact",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1482",
"tactic": "discovery",
"score": 17,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1572",
"tactic": "command-and-control",
"score": 24,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090.003",
"tactic": "command-and-control",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
@@ -1095,414 +1909,7 @@
"showSubtechniques": false
},
{
"techniqueID": "T1482",
"tactic": "discovery",
"score": 17,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1567.002",
"tactic": "exfiltration",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056",
"tactic": "credential-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1071.004",
"tactic": "command-and-control",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1210",
"tactic": "lateral-movement",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1590",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090.003",
"tactic": "command-and-control",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.011",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.011",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1106",
"tactic": "execution",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548",
"tactic": "privilege-escalation",
"score": 20,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548",
"tactic": "defense-evasion",
"score": 20,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.002",
"tactic": "defense-evasion",
"score": 23,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.002",
"tactic": "privilege-escalation",
"score": 54,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.002",
"tactic": "defense-evasion",
"score": 54,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.003",
"tactic": "defense-evasion",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.003",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.003",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.001",
"tactic": "execution",
"score": 216,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.006",
"tactic": "lateral-movement",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055",
"tactic": "defense-evasion",
"score": 31,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055",
"tactic": "privilege-escalation",
"score": 31,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.011",
"tactic": "defense-evasion",
"score": 43,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555.005",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.001",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.001",
"tactic": "privilege-escalation",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.005",
"tactic": "execution",
"score": 21,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.005",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1127",
"tactic": "defense-evasion",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1047",
"tactic": "execution",
"score": 47,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.003",
"tactic": "privilege-escalation",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.003",
"tactic": "persistence",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1006",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.001",
"tactic": "defense-evasion",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.003",
"tactic": "credential-access",
"score": 23,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.006",
"tactic": "credential-access",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1176",
"techniqueID": "T1554",
"tactic": "persistence",
"score": 3,
"color": "",
@@ -1512,589 +1919,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070",
"tactic": "defense-evasion",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.003",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.003",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1110",
"tactic": "credential-access",
"score": 24,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1110.001",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1216",
"tactic": "defense-evasion",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090.001",
"tactic": "command-and-control",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087.002",
"tactic": "discovery",
"score": 21,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069.002",
"tactic": "discovery",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.004",
"tactic": "defense-evasion",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1202",
"tactic": "defense-evasion",
"score": 37,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036",
"tactic": "defense-evasion",
"score": 41,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1012",
"tactic": "discovery",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.001",
"tactic": "persistence",
"score": 87,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.001",
"tactic": "privilege-escalation",
"score": 87,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.001",
"tactic": "defense-evasion",
"score": 87,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098",
"tactic": "persistence",
"score": 29,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098",
"tactic": "privilege-escalation",
"score": 29,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1197",
"tactic": "defense-evasion",
"score": 17,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1197",
"tactic": "persistence",
"score": 17,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.002",
"tactic": "lateral-movement",
"score": 36,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.001",
"tactic": "defense-evasion",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.001",
"tactic": "privilege-escalation",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.002",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.002",
"tactic": "privilege-escalation",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.004",
"tactic": "defense-evasion",
"score": 29,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.002",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.002",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.002",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1190",
"tactic": "initial-access",
"score": 134,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.013",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.005",
"tactic": "defense-evasion",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1072",
"tactic": "execution",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1072",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.008",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003",
"tactic": "credential-access",
"score": 32,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547",
"tactic": "persistence",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547",
"tactic": "privilege-escalation",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.003",
"tactic": "persistence",
"score": 32,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1033",
"tactic": "discovery",
"score": 31,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087",
"tactic": "discovery",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1489",
"tactic": "impact",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1112",
"tactic": "defense-evasion",
"score": 85,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1112",
"tactic": "persistence",
"score": 85,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562",
"tactic": "defense-evasion",
"score": 24,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1486",
"tactic": "impact",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555",
"tactic": "credential-access",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1539",
"tactic": "credential-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555.003",
"tactic": "credential-access",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1005",
"tactic": "collection",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.006",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564",
"tactic": "defense-evasion",
@@ -2107,9 +1931,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1558.003",
"tactic": "credential-access",
"score": 16,
"techniqueID": "T1106",
"tactic": "execution",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
@@ -2118,7 +1942,150 @@
"showSubtechniques": false
},
{
"techniqueID": "T1218.009",
"techniqueID": "T1562.002",
"tactic": "defense-evasion",
"score": 23,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.001",
"tactic": "execution",
"score": 216,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.002",
"tactic": "privilege-escalation",
"score": 54,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.002",
"tactic": "defense-evasion",
"score": 54,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.003",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.003",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.011",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.011",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.003",
"tactic": "defense-evasion",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548",
"tactic": "privilege-escalation",
"score": 20,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548",
"tactic": "defense-evasion",
"score": 20,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1176.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1615",
"tactic": "discovery",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484.001",
"tactic": "defense-evasion",
"score": 4,
"color": "",
@@ -2128,6 +2095,61 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484.001",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1216",
"tactic": "defense-evasion",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.001",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1588.002",
"tactic": "resource-development",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.011",
"tactic": "defense-evasion",
"score": 43,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.005",
"tactic": "execution",
@@ -2162,7 +2184,40 @@
"showSubtechniques": false
},
{
"techniqueID": "T1027.004",
"techniqueID": "T1218.008",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.001",
"tactic": "defense-evasion",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.001",
"tactic": "privilege-escalation",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.002",
"tactic": "defense-evasion",
"score": 6,
"color": "",
@@ -2173,20 +2228,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1037.001",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1037.001",
"techniqueID": "T1134.002",
"tactic": "privilege-escalation",
"score": 3,
"score": 6,
"color": "",
"comment": "",
"enabled": true,
@@ -2195,74 +2239,8 @@
"showSubtechniques": false
},
{
"techniqueID": "T1595",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.003",
"tactic": "execution",
"score": 35,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090",
"tactic": "command-and-control",
"score": 22,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1526",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1491.001",
"tactic": "impact",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.004",
"tactic": "credential-access",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.005",
"tactic": "credential-access",
"techniqueID": "T1218.005",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
@@ -2271,171 +2249,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1567",
"tactic": "exfiltration",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053",
"tactic": "execution",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053",
"tactic": "persistence",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053",
"tactic": "privilege-escalation",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1649",
"tactic": "credential-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1485",
"tactic": "impact",
"score": 20,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1216.001",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.003",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1608",
"tactic": "resource-development",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1560",
"tactic": "collection",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.001",
"tactic": "persistence",
"score": 37,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.001",
"tactic": "privilege-escalation",
"score": 37,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.005",
"tactic": "lateral-movement",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1123",
"tactic": "collection",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1587.001",
"tactic": "resource-development",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1132.001",
"tactic": "command-and-control",
@@ -2447,6 +2260,50 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036",
"tactic": "defense-evasion",
"score": 41,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1127",
"tactic": "defense-evasion",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562",
"tactic": "defense-evasion",
"score": 24,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1216.001",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102",
"tactic": "command-and-control",
@@ -2459,42 +2316,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1572",
"tactic": "command-and-control",
"score": 22,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.001",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.008",
"tactic": "privilege-escalation",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.008",
"techniqueID": "T1543.003",
"tactic": "persistence",
"score": 6,
"score": 45,
"color": "",
"comment": "",
"enabled": true,
@@ -2503,42 +2327,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1021",
"tactic": "lateral-movement",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.005",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.011",
"tactic": "persistence",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.011",
"techniqueID": "T1543.003",
"tactic": "privilege-escalation",
"score": 11,
"score": 45,
"color": "",
"comment": "",
"enabled": true,
@@ -2547,20 +2338,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1574.011",
"techniqueID": "T1070.001",
"tactic": "defense-evasion",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1048.003",
"tactic": "exfiltration",
"score": 8,
"score": 7,
"color": "",
"comment": "",
"enabled": true,
@@ -2579,72 +2359,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1593.003",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.004",
"tactic": "defense-evasion",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574",
"tactic": "persistence",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574",
"tactic": "privilege-escalation",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1590.001",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.002",
"tactic": "defense-evasion",
@@ -2679,9 +2393,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1027.003",
"tactic": "defense-evasion",
"score": 5,
"techniqueID": "T1059.003",
"tactic": "execution",
"score": 35,
"color": "",
"comment": "",
"enabled": true,
@@ -2690,19 +2404,8 @@
"showSubtechniques": false
},
{
"techniqueID": "T1135",
"tactic": "discovery",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1217",
"tactic": "discovery",
"techniqueID": "T1546.007",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
@@ -2712,30 +2415,19 @@
"showSubtechniques": false
},
{
"techniqueID": "T1528",
"techniqueID": "T1546.007",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.006",
"tactic": "credential-access",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1104",
"tactic": "command-and-control",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1587",
"tactic": "resource-development",
"score": 6,
"color": "",
"comment": "",
@@ -2744,325 +2436,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.002",
"tactic": "execution",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.002",
"tactic": "persistence",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.002",
"tactic": "privilege-escalation",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.001",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.001",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1048",
"tactic": "exfiltration",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1570",
"tactic": "lateral-movement",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1569.002",
"tactic": "execution",
"score": 42,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.005",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.005",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.005",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.003",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.003",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.001",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.003",
"tactic": "lateral-movement",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.001",
"tactic": "lateral-movement",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1007",
"tactic": "discovery",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.001",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1563.002",
"tactic": "lateral-movement",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1185",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.002",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.002",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1615",
"tactic": "discovery",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1496",
"tactic": "impact",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1588.002",
"tactic": "resource-development",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.015",
"tactic": "privilege-escalation",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.015",
"tactic": "persistence",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.006",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.010",
"tactic": "defense-evasion",
@@ -3075,7 +2448,172 @@
"showSubtechniques": false
},
{
"techniqueID": "T1222.001",
"techniqueID": "T1090.001",
"tactic": "command-and-control",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1202",
"tactic": "defense-evasion",
"score": 37,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.005",
"tactic": "execution",
"score": 21,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.004",
"tactic": "defense-evasion",
"score": 29,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087.002",
"tactic": "discovery",
"score": 21,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.008",
"tactic": "privilege-escalation",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.008",
"tactic": "persistence",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1220",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1012",
"tactic": "discovery",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1007",
"tactic": "discovery",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.002",
"tactic": "credential-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.001",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.001",
"tactic": "privilege-escalation",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1563.002",
"tactic": "lateral-movement",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1587.001",
"tactic": "resource-development",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.009",
"tactic": "defense-evasion",
"score": 4,
"color": "",
@@ -3097,7 +2635,40 @@
"showSubtechniques": false
},
{
"techniqueID": "T1124",
"techniqueID": "T1546.011",
"tactic": "privilege-escalation",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.011",
"tactic": "persistence",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1485",
"tactic": "impact",
"score": 20,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1526",
"tactic": "discovery",
"score": 3,
"color": "",
@@ -3107,6 +2678,457 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1518",
"tactic": "discovery",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555",
"tactic": "credential-access",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555.003",
"tactic": "credential-access",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1037.001",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1037.001",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1649",
"tactic": "credential-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069.002",
"tactic": "discovery",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1074.001",
"tactic": "collection",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574",
"tactic": "persistence",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574",
"tactic": "privilege-escalation",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.011",
"tactic": "persistence",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.011",
"tactic": "privilege-escalation",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.011",
"tactic": "defense-evasion",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.005",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555.004",
"tactic": "credential-access",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.013",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.009",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1135",
"tactic": "discovery",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1222.001",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.003",
"tactic": "privilege-escalation",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.003",
"tactic": "persistence",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1217",
"tactic": "discovery",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1185",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.001",
"tactic": "persistence",
"score": 88,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.001",
"tactic": "privilege-escalation",
"score": 88,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.001",
"tactic": "defense-evasion",
"score": 88,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1486",
"tactic": "impact",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.005",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.005",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.005",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1114",
"tactic": "collection",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1528",
"tactic": "credential-access",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547",
"tactic": "persistence",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547",
"tactic": "privilege-escalation",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.003",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.003",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055",
"tactic": "defense-evasion",
"score": 31,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055",
"tactic": "privilege-escalation",
"score": 31,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543",
"tactic": "persistence",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543",
"tactic": "privilege-escalation",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1614.001",
"tactic": "discovery",
@@ -3118,6 +3140,578 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1539",
"tactic": "credential-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.004",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.004",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.003",
"tactic": "defense-evasion",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.004",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1110.001",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1560",
"tactic": "collection",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1590.001",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.004",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1587",
"tactic": "resource-development",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.005",
"tactic": "credential-access",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.002",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.002",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.001",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.006",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.004",
"tactic": "persistence",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.010",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.015",
"tactic": "privilege-escalation",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.015",
"tactic": "persistence",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1072",
"tactic": "execution",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1072",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1608",
"tactic": "resource-development",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1489",
"tactic": "impact",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1039",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.005",
"tactic": "lateral-movement",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.012",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.012",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.006",
"tactic": "execution",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.006",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.008",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.008",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.008",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1569",
"tactic": "execution",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1570",
"tactic": "lateral-movement",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.003",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.003",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.002",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.002",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.002",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.002",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.001",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.001",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.002",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1120",
"tactic": "discovery",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.001",
"tactic": "persistence",
"score": 37,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.001",
"tactic": "privilege-escalation",
"score": 37,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1048.001",
"tactic": "exfiltration",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1620",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1622",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1622",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.005",
"tactic": "persistence",
@@ -3162,28 +3756,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.007",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.007",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.014",
"tactic": "persistence",
@@ -3251,9 +3823,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1557",
"techniqueID": "T1110.002",
"tactic": "credential-access",
"score": 5,
"score": 1,
"color": "",
"comment": "",
"enabled": true,
@@ -3262,63 +3834,8 @@
"showSubtechniques": false
},
{
"techniqueID": "T1557",
"tactic": "collection",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1518",
"tactic": "discovery",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.009",
"techniqueID": "T1211",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1074.001",
"tactic": "collection",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484.001",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484.001",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
@@ -3339,8 +3856,30 @@
"showSubtechniques": false
},
{
"techniqueID": "T1057",
"tactic": "discovery",
"techniqueID": "T1593.003",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1491.001",
"tactic": "impact",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.006",
"tactic": "credential-access",
"score": 7,
"color": "",
"comment": "",
@@ -3349,270 +3888,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1048.001",
"tactic": "exfiltration",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1201",
"tactic": "discovery",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1622",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1622",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.004",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.004",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1620",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552",
"tactic": "credential-access",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1114",
"tactic": "collection",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1220",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.002",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.002",
"tactic": "credential-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555.004",
"tactic": "credential-access",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.010",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.006",
"tactic": "execution",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.008",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.008",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.008",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.003",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.003",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.004",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1095",
"tactic": "command-and-control",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1120",
"tactic": "discovery",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.007",
"tactic": "defense-evasion",
@@ -3624,72 +3899,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.005",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.002",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1110.002",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1569",
"tactic": "execution",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.004",
"tactic": "persistence",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1211",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1212",
"tactic": "credential-access",
@@ -3702,9 +3911,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1546.011",
"tactic": "privilege-escalation",
"score": 6,
"techniqueID": "T1069",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
@@ -3713,9 +3922,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1546.011",
"tactic": "persistence",
"score": 6,
"techniqueID": "T1550.003",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
@@ -3724,8 +3933,19 @@
"showSubtechniques": false
},
{
"techniqueID": "T1039",
"tactic": "collection",
"techniqueID": "T1550.003",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1595",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
@@ -3735,7 +3955,62 @@
"showSubtechniques": false
},
{
"techniqueID": "T1027.002",
"techniqueID": "T1104",
"tactic": "command-and-control",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.005",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.001",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.003",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1006",
"tactic": "defense-evasion",
"score": 1,
"color": "",
@@ -3757,9 +4032,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1571",
"tactic": "command-and-control",
"score": 5,
"techniqueID": "T1567.001",
"tactic": "exfiltration",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
@@ -3778,17 +4053,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102.001",
"tactic": "command-and-control",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1127.001",
"tactic": "defense-evasion",
@@ -3800,28 +4064,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1567.001",
"tactic": "exfiltration",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1041",
"tactic": "exfiltration",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090.002",
"tactic": "command-and-control",
@@ -3834,8 +4076,8 @@
"showSubtechniques": false
},
{
"techniqueID": "T1590.002",
"tactic": "reconnaissance",
"techniqueID": "T1027.002",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
@@ -3845,8 +4087,30 @@
"showSubtechniques": false
},
{
"techniqueID": "T1200",
"tactic": "initial-access",
"techniqueID": "T1555.005",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1599.001",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.013",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
@@ -3856,9 +4120,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1550.002",
"tactic": "defense-evasion",
"score": 6,
"techniqueID": "T1546.013",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
@@ -3867,9 +4131,9 @@
"showSubtechniques": false
},
{
"techniqueID": "T1550.002",
"tactic": "lateral-movement",
"score": 6,
"techniqueID": "T1547.015",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
@@ -3878,8 +4142,8 @@
"showSubtechniques": false
},
{
"techniqueID": "T1010",
"tactic": "discovery",
"techniqueID": "T1547.015",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
@@ -3899,28 +4163,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1207",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.002",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.009",
"tactic": "persistence",
@@ -3943,457 +4185,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1091",
"tactic": "lateral-movement",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1091",
"tactic": "initial-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556",
"tactic": "credential-access",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556",
"tactic": "defense-evasion",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556",
"tactic": "persistence",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1001.003",
"tactic": "command-and-control",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.005",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557.003",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557.003",
"tactic": "collection",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1531",
"tactic": "impact",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1584",
"tactic": "resource-development",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1499.001",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1499.004",
"tactic": "impact",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1588",
"tactic": "resource-development",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "initial-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550",
"tactic": "lateral-movement",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.003",
"tactic": "defense-evasion",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1137.006",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.012",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.012",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.012",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.001",
"tactic": "collection",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.001",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.004",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.004",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1020",
"tactic": "exfiltration",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1589.002",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1114.001",
"tactic": "collection",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.013",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.013",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.005",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1222",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1565",
"tactic": "impact",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1573",
"tactic": "command-and-control",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.015",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.015",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1137",
"tactic": "persistence",
@@ -4438,6 +4229,28 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1001.003",
"tactic": "command-and-control",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1137.006",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1137.003",
"tactic": "persistence",
@@ -4449,6 +4262,314 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1200",
"tactic": "initial-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1590.002",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.002",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.002",
"tactic": "lateral-movement",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1207",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.002",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1531",
"tactic": "impact",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1010",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556",
"tactic": "credential-access",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556",
"tactic": "defense-evasion",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556",
"tactic": "persistence",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557.003",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557.003",
"tactic": "collection",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1091",
"tactic": "lateral-movement",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1091",
"tactic": "initial-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.005",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550",
"tactic": "lateral-movement",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "initial-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1588",
"tactic": "resource-development",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1499.001",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.012",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.012",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.012",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.009",
"tactic": "privilege-escalation",
@@ -4471,6 +4592,72 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.012",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.012",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1559.002",
"tactic": "execution",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.003",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.003",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.003",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.008",
"tactic": "persistence",
@@ -4494,8 +4681,8 @@
"showSubtechniques": false
},
{
"techniqueID": "T1547.005",
"tactic": "persistence",
"techniqueID": "T1546.010",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
@@ -4505,8 +4692,8 @@
"showSubtechniques": false
},
{
"techniqueID": "T1547.005",
"tactic": "privilege-escalation",
"techniqueID": "T1546.010",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
@@ -4527,18 +4714,7 @@
"showSubtechniques": false
},
{
"techniqueID": "T1546.010",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.010",
"techniqueID": "T1547.005",
"tactic": "persistence",
"score": 1,
"color": "",
@@ -4549,18 +4725,7 @@
"showSubtechniques": false
},
{
"techniqueID": "T1547.003",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.003",
"techniqueID": "T1547.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
@@ -4571,41 +4736,151 @@
"showSubtechniques": false
},
{
"techniqueID": "T1559.002",
"tactic": "execution",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.012",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.012",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.003",
"techniqueID": "T1553.005",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1573",
"tactic": "command-and-control",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.001",
"tactic": "collection",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.001",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1589.002",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1222",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1114.001",
"tactic": "collection",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1565",
"tactic": "impact",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1020",
"tactic": "exfiltration",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.006",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.006",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1222.002",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.002",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.002",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
@@ -4625,6 +4900,28 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.004",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.004",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.009",
"tactic": "defense-evasion",
@@ -4647,17 +4944,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1222.002",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.006",
"tactic": "persistence",
@@ -4691,50 +4977,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.002",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.002",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.006",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.006",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1499",
"tactic": "impact",
@@ -4746,50 +4988,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.004",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.004",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1565.001",
"tactic": "impact",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.012",
"tactic": "execution",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.001",
"tactic": "privilege-escalation",
@@ -4812,50 +5010,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1592.004",
"tactic": "reconnaissance",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1014",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.003",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.003",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.003",
"tactic": "defense-evasion",
@@ -4868,8 +5022,19 @@
"showSubtechniques": false
},
{
"techniqueID": "T1136",
"tactic": "persistence",
"techniqueID": "T1059.012",
"tactic": "execution",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1592.004",
"tactic": "reconnaissance",
"score": 3,
"color": "",
"comment": "",
@@ -4878,6 +5043,39 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.003",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.003",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1014",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1588.001",
"tactic": "resource-development",
@@ -4900,83 +5098,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102.003",
"tactic": "command-and-control",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1568",
"tactic": "command-and-control",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102.002",
"tactic": "command-and-control",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1221",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.003",
"tactic": "persistence",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.003",
"tactic": "privilege-escalation",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.001",
"tactic": "persistence",
@@ -5002,7 +5123,7 @@
{
"techniqueID": "T1556.006",
"tactic": "credential-access",
"score": 2,
"score": 3,
"color": "",
"comment": "",
"enabled": true,
@@ -5013,7 +5134,7 @@
{
"techniqueID": "T1556.006",
"tactic": "defense-evasion",
"score": 2,
"score": 3,
"color": "",
"comment": "",
"enabled": true,
@@ -5024,18 +5145,7 @@
{
"techniqueID": "T1556.006",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1586.003",
"tactic": "resource-development",
"score": 1,
"score": 3,
"color": "",
"comment": "",
"enabled": true,
@@ -5087,6 +5197,50 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.003",
"tactic": "persistence",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.003",
"tactic": "privilege-escalation",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1586.003",
"tactic": "resource-development",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1537",
"tactic": "exfiltration",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1213.003",
"tactic": "collection",
@@ -5101,161 +5255,7 @@
{
"techniqueID": "T1136.003",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1537",
"tactic": "exfiltration",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1606",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.005",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087.004",
"tactic": "discovery",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1621",
"tactic": "credential-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1578",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.007",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.007",
"tactic": "credential-access",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1578.003",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1213",
"tactic": "collection",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1591.004",
"tactic": "reconnaissance",
"score": 2,
"score": 3,
"color": "",
"comment": "",
"enabled": true,
@@ -5275,8 +5275,8 @@
"showSubtechniques": false
},
{
"techniqueID": "T1074",
"tactic": "collection",
"techniqueID": "T1591.004",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
@@ -5285,6 +5285,28 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484.002",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484.002",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1199",
"tactic": "initial-access",
@@ -5297,8 +5319,63 @@
"showSubtechniques": false
},
{
"techniqueID": "T1580",
"tactic": "discovery",
"techniqueID": "T1562.007",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.008",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.001",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.001",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.009",
"tactic": "execution",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.007",
"tactic": "lateral-movement",
"score": 1,
"color": "",
"comment": "",
@@ -5319,62 +5396,7 @@
"showSubtechniques": false
},
{
"techniqueID": "T1059.009",
"tactic": "execution",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.001",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.001",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.007",
"tactic": "lateral-movement",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1498",
"tactic": "impact",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069.003",
"techniqueID": "T1580",
"tactic": "discovery",
"score": 1,
"color": "",
@@ -5385,30 +5407,8 @@
"showSubtechniques": false
},
{
"techniqueID": "T1611",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1609",
"tactic": "execution",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1595.002",
"tactic": "reconnaissance",
"techniqueID": "T1619",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
@@ -5418,7 +5418,51 @@
"showSubtechniques": false
},
{
"techniqueID": "T1505",
"techniqueID": "T1606",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1114.003",
"tactic": "collection",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.005",
"tactic": "persistence",
"score": 1,
"color": "",
@@ -5429,8 +5473,8 @@
"showSubtechniques": false
},
{
"techniqueID": "T1565.002",
"tactic": "impact",
"techniqueID": "T1098.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
@@ -5440,8 +5484,19 @@
"showSubtechniques": false
},
{
"techniqueID": "T1561.001",
"tactic": "impact",
"techniqueID": "T1621",
"tactic": "credential-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1578.003",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
@@ -5451,8 +5506,8 @@
"showSubtechniques": false
},
{
"techniqueID": "T1561.002",
"tactic": "impact",
"techniqueID": "T1578",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
@@ -5462,8 +5517,30 @@
"showSubtechniques": false
},
{
"techniqueID": "T1495",
"tactic": "impact",
"techniqueID": "T1505.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.004",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1176",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
@@ -5483,17 +5560,6 @@
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.004",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1559",
"tactic": "execution",
other/sigma_attack_nav_coverage.svg
+1 -1
View File
File diff suppressed because one or more lines are too long
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 117 KiB

After

Width:  |  Height:  |  Size: 121 KiB