From 941f2e9df4757065959c9bd7aa2bcc62887900eb Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Sun, 2 Nov 2025 00:16:18 +0100
Subject: [PATCH] Merge PR #5734 from @phantinuss - Update ATT&CK Heatmap
 Coverage

chore: update ATT&CK heatmap

---------

Co-authored-by: phantinuss <phantinuss@users.noreply.github.com>
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
---
 other/sigma_attack_nav_coverage.json | 377 +++++++++++++++------------
 other/sigma_attack_nav_coverage.svg  |   2 +-
 2 files changed, 206 insertions(+), 173 deletions(-)

diff --git a/other/sigma_attack_nav_coverage.json b/other/sigma_attack_nav_coverage.json
index 11079c002..b54020fa8 100644
--- a/other/sigma_attack_nav_coverage.json
+++ b/other/sigma_attack_nav_coverage.json
@@ -85,7 +85,7 @@
     {
       "techniqueID": "T1078.004",
       "tactic": "defense-evasion",
-      "score": 38,
+      "score": 40,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -96,7 +96,7 @@
     {
       "techniqueID": "T1078.004",
       "tactic": "persistence",
-      "score": 38,
+      "score": 40,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -107,7 +107,7 @@
     {
       "techniqueID": "T1078.004",
       "tactic": "privilege-escalation",
-      "score": 38,
+      "score": 40,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -118,7 +118,7 @@
     {
       "techniqueID": "T1078.004",
       "tactic": "initial-access",
-      "score": 38,
+      "score": 40,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -206,7 +206,7 @@
     {
       "techniqueID": "T1562.001",
       "tactic": "defense-evasion",
-      "score": 111,
+      "score": 113,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -302,10 +302,21 @@
       "links": [],
       "showSubtechniques": false
     },
+    {
+      "techniqueID": "T1567.001",
+      "tactic": "exfiltration",
+      "score": 2,
+      "color": "",
+      "comment": "",
+      "enabled": true,
+      "metadata": [],
+      "links": [],
+      "showSubtechniques": false
+    },
     {
       "techniqueID": "T1070",
       "tactic": "defense-evasion",
-      "score": 19,
+      "score": 20,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -327,7 +338,7 @@
     {
       "techniqueID": "T1190",
       "tactic": "initial-access",
-      "score": 133,
+      "score": 140,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -393,7 +404,7 @@
     {
       "techniqueID": "T1486",
       "tactic": "impact",
-      "score": 15,
+      "score": 16,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -426,7 +437,7 @@
     {
       "techniqueID": "T1005",
       "tactic": "collection",
-      "score": 11,
+      "score": 12,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -445,6 +456,17 @@
       "links": [],
       "showSubtechniques": false
     },
+    {
+      "techniqueID": "T1110",
+      "tactic": "credential-access",
+      "score": 25,
+      "color": "",
+      "comment": "",
+      "enabled": true,
+      "metadata": [],
+      "links": [],
+      "showSubtechniques": false
+    },
     {
       "techniqueID": "T1485",
       "tactic": "impact",
@@ -478,6 +500,39 @@
       "links": [],
       "showSubtechniques": false
     },
+    {
+      "techniqueID": "T1087.004",
+      "tactic": "discovery",
+      "score": 3,
+      "color": "",
+      "comment": "",
+      "enabled": true,
+      "metadata": [],
+      "links": [],
+      "showSubtechniques": false
+    },
+    {
+      "techniqueID": "T1555",
+      "tactic": "credential-access",
+      "score": 8,
+      "color": "",
+      "comment": "",
+      "enabled": true,
+      "metadata": [],
+      "links": [],
+      "showSubtechniques": false
+    },
+    {
+      "techniqueID": "T1003",
+      "tactic": "credential-access",
+      "score": 34,
+      "color": "",
+      "comment": "",
+      "enabled": true,
+      "metadata": [],
+      "links": [],
+      "showSubtechniques": false
+    },
     {
       "techniqueID": "T1078",
       "tactic": "defense-evasion",
@@ -569,7 +624,7 @@
     {
       "techniqueID": "T1562",
       "tactic": "defense-evasion",
-      "score": 24,
+      "score": 25,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -610,6 +665,17 @@
       "links": [],
       "showSubtechniques": false
     },
+    {
+      "techniqueID": "T1608.003",
+      "tactic": "resource-development",
+      "score": 1,
+      "color": "",
+      "comment": "",
+      "enabled": true,
+      "metadata": [],
+      "links": [],
+      "showSubtechniques": false
+    },
     {
       "techniqueID": "T1078.002",
       "tactic": "defense-evasion",
@@ -679,7 +745,7 @@
     {
       "techniqueID": "T1059.003",
       "tactic": "execution",
-      "score": 36,
+      "score": 40,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -753,17 +819,6 @@
       "links": [],
       "showSubtechniques": false
     },
-    {
-      "techniqueID": "T1110",
-      "tactic": "credential-access",
-      "score": 24,
-      "color": "",
-      "comment": "",
-      "enabled": true,
-      "metadata": [],
-      "links": [],
-      "showSubtechniques": false
-    },
     {
       "techniqueID": "T1552.007",
       "tactic": "credential-access",
@@ -896,21 +951,10 @@
       "links": [],
       "showSubtechniques": false
     },
-    {
-      "techniqueID": "T1003",
-      "tactic": "credential-access",
-      "score": 32,
-      "color": "",
-      "comment": "",
-      "enabled": true,
-      "metadata": [],
-      "links": [],
-      "showSubtechniques": false
-    },
     {
       "techniqueID": "T1059",
       "tactic": "execution",
-      "score": 91,
+      "score": 92,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -965,7 +1009,7 @@
     {
       "techniqueID": "T1552.001",
       "tactic": "credential-access",
-      "score": 20,
+      "score": 24,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1039,17 +1083,6 @@
       "links": [],
       "showSubtechniques": false
     },
-    {
-      "techniqueID": "T1087.004",
-      "tactic": "discovery",
-      "score": 2,
-      "color": "",
-      "comment": "",
-      "enabled": true,
-      "metadata": [],
-      "links": [],
-      "showSubtechniques": false
-    },
     {
       "techniqueID": "T1573",
       "tactic": "command-and-control",
@@ -1163,7 +1196,7 @@
     {
       "techniqueID": "T1567.002",
       "tactic": "exfiltration",
-      "score": 12,
+      "score": 13,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1229,7 +1262,18 @@
     {
       "techniqueID": "T1204.002",
       "tactic": "execution",
-      "score": 32,
+      "score": 33,
+      "color": "",
+      "comment": "",
+      "enabled": true,
+      "metadata": [],
+      "links": [],
+      "showSubtechniques": false
+    },
+    {
+      "techniqueID": "T1595",
+      "tactic": "reconnaissance",
+      "score": 3,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1284,7 +1328,7 @@
     {
       "techniqueID": "T1036.005",
       "tactic": "defense-evasion",
-      "score": 15,
+      "score": 16,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1295,7 +1339,7 @@
     {
       "techniqueID": "T1505.003",
       "tactic": "persistence",
-      "score": 32,
+      "score": 34,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1306,7 +1350,7 @@
     {
       "techniqueID": "T1083",
       "tactic": "discovery",
-      "score": 21,
+      "score": 23,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1361,7 +1405,7 @@
     {
       "techniqueID": "T1048.003",
       "tactic": "exfiltration",
-      "score": 8,
+      "score": 9,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1394,7 +1438,7 @@
     {
       "techniqueID": "T1021.002",
       "tactic": "lateral-movement",
-      "score": 36,
+      "score": 37,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1471,7 +1515,7 @@
     {
       "techniqueID": "T1048",
       "tactic": "exfiltration",
-      "score": 8,
+      "score": 11,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1493,7 +1537,7 @@
     {
       "techniqueID": "T1569.002",
       "tactic": "execution",
-      "score": 42,
+      "score": 43,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1537,7 +1581,7 @@
     {
       "techniqueID": "T1068",
       "tactic": "privilege-escalation",
-      "score": 27,
+      "score": 29,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1548,7 +1592,7 @@
     {
       "techniqueID": "T1021.006",
       "tactic": "lateral-movement",
-      "score": 9,
+      "score": 11,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1636,7 +1680,7 @@
     {
       "techniqueID": "T1557",
       "tactic": "credential-access",
-      "score": 5,
+      "score": 6,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1647,7 +1691,7 @@
     {
       "techniqueID": "T1557",
       "tactic": "collection",
-      "score": 5,
+      "score": 6,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1746,7 +1790,7 @@
     {
       "techniqueID": "T1033",
       "tactic": "discovery",
-      "score": 31,
+      "score": 30,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1768,7 +1812,7 @@
     {
       "techniqueID": "T1070.003",
       "tactic": "defense-evasion",
-      "score": 7,
+      "score": 9,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1812,7 +1856,7 @@
     {
       "techniqueID": "T1565.002",
       "tactic": "impact",
-      "score": 1,
+      "score": 2,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -1944,7 +1988,7 @@
     {
       "techniqueID": "T1562.002",
       "tactic": "defense-evasion",
-      "score": 23,
+      "score": 26,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -2095,17 +2139,6 @@
       "links": [],
       "showSubtechniques": false
     },
-    {
-      "techniqueID": "T1555",
-      "tactic": "credential-access",
-      "score": 7,
-      "color": "",
-      "comment": "",
-      "enabled": true,
-      "metadata": [],
-      "links": [],
-      "showSubtechniques": false
-    },
     {
       "techniqueID": "T1555.003",
       "tactic": "credential-access",
@@ -2175,7 +2208,7 @@
     {
       "techniqueID": "T1202",
       "tactic": "defense-evasion",
-      "score": 37,
+      "score": 39,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -2186,7 +2219,7 @@
     {
       "techniqueID": "T1059.005",
       "tactic": "execution",
-      "score": 21,
+      "score": 22,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -2197,7 +2230,7 @@
     {
       "techniqueID": "T1059.007",
       "tactic": "execution",
-      "score": 19,
+      "score": 21,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -2307,7 +2340,7 @@
     {
       "techniqueID": "T1218",
       "tactic": "defense-evasion",
-      "score": 144,
+      "score": 150,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -2406,7 +2439,7 @@
     {
       "techniqueID": "T1053.005",
       "tactic": "execution",
-      "score": 48,
+      "score": 50,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -2417,7 +2450,7 @@
     {
       "techniqueID": "T1053.005",
       "tactic": "persistence",
-      "score": 48,
+      "score": 50,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -2428,7 +2461,7 @@
     {
       "techniqueID": "T1053.005",
       "tactic": "privilege-escalation",
-      "score": 48,
+      "score": 50,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -2560,7 +2593,7 @@
     {
       "techniqueID": "T1119",
       "tactic": "collection",
-      "score": 4,
+      "score": 5,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -2678,6 +2711,28 @@
       "links": [],
       "showSubtechniques": false
     },
+    {
+      "techniqueID": "T1112",
+      "tactic": "defense-evasion",
+      "score": 88,
+      "color": "",
+      "comment": "",
+      "enabled": true,
+      "metadata": [],
+      "links": [],
+      "showSubtechniques": false
+    },
+    {
+      "techniqueID": "T1112",
+      "tactic": "persistence",
+      "score": 88,
+      "color": "",
+      "comment": "",
+      "enabled": true,
+      "metadata": [],
+      "links": [],
+      "showSubtechniques": false
+    },
     {
       "techniqueID": "T1220",
       "tactic": "defense-evasion",
@@ -2755,28 +2810,6 @@
       "links": [],
       "showSubtechniques": false
     },
-    {
-      "techniqueID": "T1112",
-      "tactic": "defense-evasion",
-      "score": 86,
-      "color": "",
-      "comment": "",
-      "enabled": true,
-      "metadata": [],
-      "links": [],
-      "showSubtechniques": false
-    },
-    {
-      "techniqueID": "T1112",
-      "tactic": "persistence",
-      "score": 86,
-      "color": "",
-      "comment": "",
-      "enabled": true,
-      "metadata": [],
-      "links": [],
-      "showSubtechniques": false
-    },
     {
       "techniqueID": "T1132.001",
       "tactic": "command-and-control",
@@ -2799,10 +2832,21 @@
       "links": [],
       "showSubtechniques": false
     },
+    {
+      "techniqueID": "T1036.004",
+      "tactic": "defense-evasion",
+      "score": 3,
+      "color": "",
+      "comment": "",
+      "enabled": true,
+      "metadata": [],
+      "links": [],
+      "showSubtechniques": false
+    },
     {
       "techniqueID": "T1133",
       "tactic": "persistence",
-      "score": 15,
+      "score": 16,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -2813,7 +2857,7 @@
     {
       "techniqueID": "T1133",
       "tactic": "initial-access",
-      "score": 15,
+      "score": 16,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -3418,7 +3462,7 @@
     {
       "techniqueID": "T1547.001",
       "tactic": "persistence",
-      "score": 37,
+      "score": 38,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -3429,7 +3473,7 @@
     {
       "techniqueID": "T1547.001",
       "tactic": "privilege-escalation",
-      "score": 37,
+      "score": 38,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -3462,7 +3506,7 @@
     {
       "techniqueID": "T1021.003",
       "tactic": "lateral-movement",
-      "score": 10,
+      "score": 13,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -3495,7 +3539,7 @@
     {
       "techniqueID": "T1055",
       "tactic": "defense-evasion",
-      "score": 31,
+      "score": 32,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -3506,7 +3550,7 @@
     {
       "techniqueID": "T1055",
       "tactic": "privilege-escalation",
-      "score": 31,
+      "score": 32,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -3536,17 +3580,6 @@
       "links": [],
       "showSubtechniques": false
     },
-    {
-      "techniqueID": "T1595",
-      "tactic": "reconnaissance",
-      "score": 2,
-      "color": "",
-      "comment": "",
-      "enabled": true,
-      "metadata": [],
-      "links": [],
-      "showSubtechniques": false
-    },
     {
       "techniqueID": "T1027.009",
       "tactic": "defense-evasion",
@@ -3613,17 +3646,6 @@
       "links": [],
       "showSubtechniques": false
     },
-    {
-      "techniqueID": "T1104",
-      "tactic": "command-and-control",
-      "score": 1,
-      "color": "",
-      "comment": "",
-      "enabled": true,
-      "metadata": [],
-      "links": [],
-      "showSubtechniques": false
-    },
     {
       "techniqueID": "T1055.001",
       "tactic": "defense-evasion",
@@ -3822,6 +3844,28 @@
       "links": [],
       "showSubtechniques": false
     },
+    {
+      "techniqueID": "T1218.014",
+      "tactic": "defense-evasion",
+      "score": 2,
+      "color": "",
+      "comment": "",
+      "enabled": true,
+      "metadata": [],
+      "links": [],
+      "showSubtechniques": false
+    },
+    {
+      "techniqueID": "T1036.002",
+      "tactic": "defense-evasion",
+      "score": 3,
+      "color": "",
+      "comment": "",
+      "enabled": true,
+      "metadata": [],
+      "links": [],
+      "showSubtechniques": false
+    },
     {
       "techniqueID": "T1505.005",
       "tactic": "persistence",
@@ -4064,17 +4108,6 @@
       "links": [],
       "showSubtechniques": false
     },
-    {
-      "techniqueID": "T1036.002",
-      "tactic": "defense-evasion",
-      "score": 2,
-      "color": "",
-      "comment": "",
-      "enabled": true,
-      "metadata": [],
-      "links": [],
-      "showSubtechniques": false
-    },
     {
       "techniqueID": "T1562.010",
       "tactic": "defense-evasion",
@@ -4229,17 +4262,6 @@
       "links": [],
       "showSubtechniques": false
     },
-    {
-      "techniqueID": "T1567.001",
-      "tactic": "exfiltration",
-      "score": 1,
-      "color": "",
-      "comment": "",
-      "enabled": true,
-      "metadata": [],
-      "links": [],
-      "showSubtechniques": false
-    },
     {
       "techniqueID": "T1127.001",
       "tactic": "defense-evasion",
@@ -4265,7 +4287,7 @@
     {
       "techniqueID": "T1041",
       "tactic": "exfiltration",
-      "score": 4,
+      "score": 5,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -4980,7 +5002,7 @@
     {
       "techniqueID": "T1078.001",
       "tactic": "defense-evasion",
-      "score": 3,
+      "score": 4,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -4991,7 +5013,7 @@
     {
       "techniqueID": "T1078.001",
       "tactic": "persistence",
-      "score": 3,
+      "score": 4,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -5002,7 +5024,7 @@
     {
       "techniqueID": "T1078.001",
       "tactic": "privilege-escalation",
-      "score": 3,
+      "score": 4,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -5013,7 +5035,7 @@
     {
       "techniqueID": "T1078.001",
       "tactic": "initial-access",
-      "score": 3,
+      "score": 4,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -5186,6 +5208,17 @@
       "links": [],
       "showSubtechniques": false
     },
+    {
+      "techniqueID": "T1562.012",
+      "tactic": "defense-evasion",
+      "score": 1,
+      "color": "",
+      "comment": "",
+      "enabled": true,
+      "metadata": [],
+      "links": [],
+      "showSubtechniques": false
+    },
     {
       "techniqueID": "T1548.001",
       "tactic": "privilege-escalation",
@@ -5219,6 +5252,17 @@
       "links": [],
       "showSubtechniques": false
     },
+    {
+      "techniqueID": "T1653",
+      "tactic": "persistence",
+      "score": 1,
+      "color": "",
+      "comment": "",
+      "enabled": true,
+      "metadata": [],
+      "links": [],
+      "showSubtechniques": false
+    },
     {
       "techniqueID": "T1070.002",
       "tactic": "defense-evasion",
@@ -5442,7 +5486,7 @@
     {
       "techniqueID": "T1059.002",
       "tactic": "execution",
-      "score": 7,
+      "score": 8,
       "color": "",
       "comment": "",
       "enabled": true,
@@ -5560,17 +5604,6 @@
       "links": [],
       "showSubtechniques": false
     },
-    {
-      "techniqueID": "T1036.004",
-      "tactic": "defense-evasion",
-      "score": 2,
-      "color": "",
-      "comment": "",
-      "enabled": true,
-      "metadata": [],
-      "links": [],
-      "showSubtechniques": false
-    },
     {
       "techniqueID": "T1129",
       "tactic": "execution",
diff --git a/other/sigma_attack_nav_coverage.svg b/other/sigma_attack_nav_coverage.svg
index f8519286b..8a4f7610e 100644
--- a/other/sigma_attack_nav_coverage.svg
+++ b/other/sigma_attack_nav_coverage.svg
@@ -1,2 +1,2 @@
 <?xml version="1.0" standalone="no"?>
-<svg width="1056" height="816" xmlns="http://www.w3.org/2000/svg" id="svgvm0"><g transform="translate(5,5)" style="font-family: sans-serif;"><g><g transform="translate(0, 0)"><g transform="translate(0,5)"><rect class="header-box" width="251.56962025316454" height="86" stroke="black" fill="white" rx="5"/><rect class="label-cover" x="8" y="-12" width="37.13333511352539" height="21" fill="white" rx="5"/><text class="header-box-label" x="10" font-size="12" fill="black" y="3">about</text><g class="header-box-content" fill="black" transform="translate(5, 0)"><g transform="translate(0, 2.0975609756097526)"><text font-size="12"><tspan x="4" y="23.426829268292682">Sigma Analytics Coverage</tspan></text><line x1="0" x2="241.56962025316454" y1="39.853658536585364" y2="39.853658536585364" stroke="#dddddd"/></g><g transform="translate(0, 44.048780487804876)"><text font-size="10.627642276422764"><tspan x="4" y="10.475609756097562">Sigma coverage</tspan><tspan x="4" y="23.426829268292682">heatmap generated by Sigma</tspan><tspan x="4" y="36.3780487804878">CLI with score function count</tspan></text></g></g></g></g><g transform="translate(264.8101265822785, 0)"><g transform="translate(0,5)"><rect class="header-box" width="251.56962025316454" height="86" stroke="black" fill="white" rx="5"/><rect class="label-cover" x="8" y="-12" width="47.11666488647461" height="21" fill="white" rx="5"/><text class="header-box-label" x="10" font-size="12" fill="black" y="3">domain</text><g class="header-box-content" fill="black" transform="translate(5, 0)"><g transform="translate(0, 4.095238095238102)"><text font-size="12"><tspan x="4" y="42.4047619047619">Enterprise ATT&amp;CK v17</tspan></text></g></g></g></g><g transform="translate(529.620253164557, 0)"><g transform="translate(0,5)"><rect class="header-box" width="251.56962025316454" height="86" stroke="black" fill="white" rx="5"/><rect class="label-cover" x="8" y="-12" width="58.86666488647461" height="21" fill="white" rx="5"/><text class="header-box-label" x="10" font-size="12" fill="black" y="3">platforms</text><g class="header-box-content" fill="black" transform="translate(5, 0)"><g transform="translate(0, 4.095238095238102)"><text font-size="11.289198312236286"><tspan x="4" y="20.279761904761898">Windows, Linux, macOS,</tspan><tspan x="4" y="35.0297619047619">Network Devices, ESXi, PRE,</tspan><tspan x="4" y="49.7797619047619">Containers, IaaS, SaaS, Office</tspan><tspan x="4" y="64.5297619047619">Suite, Identity Provider</tspan></text></g></g></g></g><g transform="translate(794.4303797468355, 0)"><g transform="translate(0,5)"><rect class="header-box" width="251.56962025316454" height="86" stroke="black" fill="white" rx="5"/><rect class="label-cover" x="8" y="-12" width="42.81666564941406" height="21" fill="white" rx="5"/><text class="header-box-label" x="10" font-size="12" fill="black" y="3">legend</text><g class="header-box-content" fill="black" transform="translate(5, 0)"><g transform="translate(0, 4.095238095238102)"><g transform="translate(0, 5)"><g class="legendCells"><g class="cell" transform="translate(0,0)"><rect class="swatch" height="15" width="60.392405063291136" style="fill: rgb(102, 177, 255);"/><text class="label" transform="translate(30.196203231811523,&#xA;          25)" style="text-anchor: middle;">0.0</text></g><g class="cell" transform="translate(60.39240646362305,0)"><rect class="swatch" height="15" width="60.392405063291136" style="fill: rgb(153, 152, 251);"/><text class="label" transform="translate(30.196203231811523,&#xA;          25)" style="text-anchor: middle;">13</text></g><g class="cell" transform="translate(120.7848129272461,0)"><rect class="swatch" height="15" width="60.392405063291136" style="fill: rgb(204, 127, 248);"/><text class="label" transform="translate(30.196203231811523,&#xA;          25)" style="text-anchor: middle;">27</text></g><g class="cell" transform="translate(181.17721939086914,0)"><rect class="swatch" height="15" width="60.392405063291136" style="fill: rgb(255, 102, 244);"/><text class="label" transform="translate(30.196203231811523,&#xA;          25)" style="text-anchor: middle;">40</text></g></g></g></g></g></g></g></g><g transform="translate(0,97)"><g><g class="tactic reconnaissance" transform="translate(0, 0)"><g class="techniques"><g class="technique T1595" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">Active Scanning</tspan></text></g><g class="technique T1592" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Gather Victim</tspan><tspan x="4" y="12.826086956521738">Host Information</tspan></text></g><g class="technique T1589" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Gather Victim</tspan><tspan x="4" y="12.826086956521738">Identity Information</tspan></text></g><g class="technique T1590" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Gather Victim</tspan><tspan x="4" y="12.826086956521738">Network Information</tspan></text></g><g class="technique T1591" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Gather Victim</tspan><tspan x="4" y="12.826086956521738">Org Information</tspan></text></g><g class="technique T1598" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Phishing</tspan><tspan x="4" y="12.826086956521738">for Information</tspan></text></g><g class="technique T1597" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Search</tspan><tspan x="4" y="12.826086956521738">Closed Sources</tspan></text></g><g class="technique T1596" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Search Open</tspan><tspan x="4" y="12.826086956521738">Technical Databases</tspan></text></g><g class="technique T1593" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Search Open</tspan><tspan x="4" y="12.826086956521738">Websites/Domains</tspan></text></g><g class="technique T1594" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Search Victim-Owned</tspan><tspan x="4" y="12.826086956521738">Websites</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="10.217391304347826">Reconnaissance</tspan></text></g></g><g class="tactic resource-development" transform="translate(74.71428571428571, 0)"><g class="techniques"><g class="technique T1650" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Acquire Access</tspan></text></g><g class="technique T1583" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Acquire</tspan><tspan x="4" y="12.826086956521738">Infrastructure</tspan></text></g><g class="technique T1586" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Compromise</tspan><tspan x="4" y="12.826086956521738">Accounts</tspan></text></g><g class="technique T1584" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Compromise</tspan><tspan x="4" y="12.826086956521738">Infrastructure</tspan></text></g><g class="technique T1587" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Develop</tspan><tspan x="4" y="12.826086956521738">Capabilities</tspan></text></g><g class="technique T1585" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Establish</tspan><tspan x="4" y="12.826086956521738">Accounts</tspan></text></g><g class="technique T1588" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Obtain</tspan><tspan x="4" y="12.826086956521738">Capabilities</tspan></text></g><g class="technique T1608" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Stage</tspan><tspan x="4" y="12.826086956521738">Capabilities</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="5.608695652173913">Resource</tspan><tspan text-anchor="middle" x="37.357142857142854" y="12.826086956521738">Development</tspan></text></g></g><g class="tactic initial-access" transform="translate(149.42857142857142, 0)"><g class="techniques"><g class="technique T1659" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Content</tspan><tspan x="4" y="12.826086956521738">Injection</tspan></text></g><g class="technique T1189" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#72abfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Drive-by</tspan><tspan x="4" y="12.826086956521738">Compromise</tspan></text></g><g class="technique T1190" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exploit Public-Facing</tspan><tspan x="4" y="12.826086956521738">Application</tspan></text></g><g class="technique T1133" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#a194fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">External</tspan><tspan x="4" y="12.826086956521738">Remote Services</tspan></text></g><g class="technique T1200" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#72abfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Hardware</tspan><tspan x="4" y="12.826086956521738">Additions</tspan></text></g><g class="technique T1566" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9c96fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="11.217391304347826">Phishing</tspan></text></g><g class="technique T1091" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Replication Through</tspan><tspan x="4" y="12.826086956521738">Removable Media</tspan></text></g><g class="technique T1195" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Supply Chain</tspan><tspan x="4" y="12.826086956521738">Compromise</tspan></text></g><g class="technique T1199" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Trusted</tspan><tspan x="4" y="12.826086956521738">Relationship</tspan></text></g><g class="technique T1078" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Valid Accounts</tspan></text></g><g class="technique T1669" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Wi-Fi Networks</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="10.217391304347826">Initial Access</tspan></text></g></g><g class="tactic execution" transform="translate(224.1428571428571, 0)"><g class="techniques"><g class="technique T1651" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Cloud Administration</tspan><tspan x="4" y="12.826086956521738">Command</tspan></text></g><g class="technique T1059" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Command and</tspan><tspan x="4" y="12.826086956521738">Scripting Interpreter</tspan></text></g><g class="technique T1609" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Container</tspan><tspan x="4" y="12.826086956521738">Administration Command</tspan></text></g><g class="technique T1610" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Deploy</tspan><tspan x="4" y="12.826086956521738">Container</tspan></text></g><g class="technique T1675" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">ESXi Administration</tspan><tspan x="4" y="12.826086956521738">Command</tspan></text></g><g class="technique T1203" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#d27cf7" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exploitation for</tspan><tspan x="4" y="12.826086956521738">Client Execution</tspan></text></g><g class="technique T1674" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="9.217391304347826">Input Injection</tspan></text></g><g class="technique T1559" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Inter-Process</tspan><tspan x="4" y="12.826086956521738">Communication</tspan></text></g><g class="technique T1106" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9c96fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Native API</tspan></text></g><g class="technique T1053" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#949afc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Scheduled</tspan><tspan x="4" y="12.826086956521738">Task/Job</tspan></text></g><g class="technique T1648" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Serverless</tspan><tspan x="4" y="12.826086956521738">Execution</tspan></text></g><g class="technique T1129" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Shared Modules</tspan></text></g><g class="technique T1072" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Software</tspan><tspan x="4" y="12.826086956521738">Deployment Tools</tspan></text></g><g class="technique T1569" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">System Services</tspan></text></g><g class="technique T1204" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">User Execution</tspan></text></g><g class="technique T1047" transform="translate(0, 246.95652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Windows Management</tspan><tspan x="4" y="12.826086956521738">Instrumentation</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="11.217391304347826">Execution</tspan></text></g></g><g class="tactic persistence" transform="translate(298.85714285714283, 0)"><g class="techniques"><g class="technique T1098" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#d77af7" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Account</tspan><tspan x="4" y="12.826086956521738">Manipulation</tspan></text></g><g class="technique T1197" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#a890fa" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="11.217391304347826">BITS Jobs</tspan></text></g><g class="technique T1547" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#82a3fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Boot or Logon</tspan><tspan x="4" y="12.826086956521738">Autostart Execution</tspan></text></g><g class="technique T1037" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Boot or Logon</tspan><tspan x="4" y="12.826086956521738">Initialization Scripts</tspan></text></g><g class="technique T1671" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Cloud Application</tspan><tspan x="4" y="12.826086956521738">Integration</tspan></text></g><g class="technique T1554" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#72abfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Compromise Host</tspan><tspan x="4" y="12.826086956521738">Software Binary</tspan></text></g><g class="technique T1136" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#72abfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Create Account</tspan></text></g><g class="technique T1543" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8aa0fc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Create or Modify</tspan><tspan x="4" y="12.826086956521738">System Process</tspan></text></g><g class="technique T1546" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Event Triggered</tspan><tspan x="4" y="12.826086956521738">Execution</tspan></text></g><g class="technique T1668" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Exclusive</tspan><tspan x="4" y="12.826086956521738">Control</tspan></text></g><g class="technique T1133" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#a194fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">External</tspan><tspan x="4" y="12.826086956521738">Remote Services</tspan></text></g><g class="technique T1574" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Hijack</tspan><tspan x="4" y="12.826086956521738">Execution Flow</tspan></text></g><g class="technique T1525" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Implant</tspan><tspan x="4" y="12.826086956521738">Internal Image</tspan></text></g><g class="technique T1556" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#949afc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Modify Authentication</tspan><tspan x="4" y="12.826086956521738">Process</tspan></text></g><g class="technique T1112" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">Modify Registry</tspan></text></g><g class="technique T1137" transform="translate(0, 246.95652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8aa0fc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Office Application</tspan><tspan x="4" y="12.826086956521738">Startup</tspan></text></g><g class="technique T1653" transform="translate(0, 262.39130434782606)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Power Settings</tspan></text></g><g class="technique T1542" transform="translate(0, 277.82608695652175)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Pre-OS Boot</tspan></text></g><g class="technique T1053" transform="translate(0, 293.2608695652174)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#949afc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Scheduled</tspan><tspan x="4" y="12.826086956521738">Task/Job</tspan></text></g><g class="technique T1505" transform="translate(0, 308.69565217391306)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Server Software</tspan><tspan x="4" y="12.826086956521738">Component</tspan></text></g><g class="technique T1176" transform="translate(0, 324.1304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Software</tspan><tspan x="4" y="12.826086956521738">Extensions</tspan></text></g><g class="technique T1205" transform="translate(0, 339.5652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Traffic</tspan><tspan x="4" y="12.826086956521738">Signaling</tspan></text></g><g class="technique T1078" transform="translate(0, 355)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Valid Accounts</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="10.217391304347826">Persistence</tspan></text></g></g><g class="tactic privilege-escalation" transform="translate(373.57142857142856, 0)"><g class="techniques"><g class="technique T1548" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#b38bf9" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Abuse Elevation</tspan><tspan x="4" y="12.826086956521738">Control Mechanism</tspan></text></g><g class="technique T1134" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Access Token</tspan><tspan x="4" y="12.826086956521738">Manipulation</tspan></text></g><g class="technique T1098" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#d77af7" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Account</tspan><tspan x="4" y="12.826086956521738">Manipulation</tspan></text></g><g class="technique T1547" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#82a3fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Boot or Logon</tspan><tspan x="4" y="12.826086956521738">Autostart Execution</tspan></text></g><g class="technique T1037" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Boot or Logon</tspan><tspan x="4" y="12.826086956521738">Initialization Scripts</tspan></text></g><g class="technique T1543" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8aa0fc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Create or Modify</tspan><tspan x="4" y="12.826086956521738">System Process</tspan></text></g><g class="technique T1484" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Domain or Tenant</tspan><tspan x="4" y="12.826086956521738">Policy Modification</tspan></text></g><g class="technique T1611" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Escape to Host</tspan></text></g><g class="technique T1546" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Event Triggered</tspan><tspan x="4" y="12.826086956521738">Execution</tspan></text></g><g class="technique T1068" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ca80f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exploitation for</tspan><tspan x="4" y="12.826086956521738">Privilege Escalation</tspan></text></g><g class="technique T1574" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Hijack</tspan><tspan x="4" y="12.826086956521738">Execution Flow</tspan></text></g><g class="technique T1055" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#df76f6" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Process</tspan><tspan x="4" y="12.826086956521738">Injection</tspan></text></g><g class="technique T1053" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#949afc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Scheduled</tspan><tspan x="4" y="12.826086956521738">Task/Job</tspan></text></g><g class="technique T1078" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Valid Accounts</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="5.608695652173913">Privilege</tspan><tspan text-anchor="middle" x="37.357142857142854" y="12.826086956521738">Escalation</tspan></text></g></g><g class="tactic defense-evasion" transform="translate(448.2857142857142, 0)"><g class="techniques"><g class="technique T1548" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#b38bf9" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Abuse Elevation</tspan><tspan x="4" y="12.826086956521738">Control Mechanism</tspan></text></g><g class="technique T1134" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Access Token</tspan><tspan x="4" y="12.826086956521738">Manipulation</tspan></text></g><g class="technique T1197" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#a890fa" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="11.217391304347826">BITS Jobs</tspan></text></g><g class="technique T1612" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Build</tspan><tspan x="4" y="12.826086956521738">Image on Host</tspan></text></g><g class="technique T1622" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Debugger</tspan><tspan x="4" y="12.826086956521738">Evasion</tspan></text></g><g class="technique T1140" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ac8ffa" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Deobfuscate/Decode</tspan><tspan x="4" y="12.826086956521738">Files or Information</tspan></text></g><g class="technique T1610" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Deploy</tspan><tspan x="4" y="12.826086956521738">Container</tspan></text></g><g class="technique T1006" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Direct</tspan><tspan x="4" y="12.826086956521738">Volume Access</tspan></text></g><g class="technique T1484" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Domain or Tenant</tspan><tspan x="4" y="12.826086956521738">Policy Modification</tspan></text></g><g class="technique T1672" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Email Spoofing</tspan></text></g><g class="technique T1480" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Execution</tspan><tspan x="4" y="12.826086956521738">Guardrails</tspan></text></g><g class="technique T1211" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exploitation for</tspan><tspan x="4" y="12.826086956521738">Defense Evasion</tspan></text></g><g class="technique T1222" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="4.405797101449275">File and</tspan><tspan x="4" y="9.217391304347826">Directory Permissions</tspan><tspan x="4" y="14.028985507246377">Modification</tspan></text></g><g class="technique T1564" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Hide Artifacts</tspan></text></g><g class="technique T1574" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Hijack</tspan><tspan x="4" y="12.826086956521738">Execution Flow</tspan></text></g><g class="technique T1562" transform="translate(0, 246.95652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#c384f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">Impair Defenses</tspan></text></g><g class="technique T1656" transform="translate(0, 262.39130434782606)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Impersonation</tspan></text></g><g class="technique T1070" transform="translate(0, 277.82608695652175)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#b08dfa" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Indicator</tspan><tspan x="4" y="12.826086956521738">Removal</tspan></text></g><g class="technique T1202" transform="translate(0, 293.2608695652174)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#f66bf5" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Indirect Command</tspan><tspan x="4" y="12.826086956521738">Execution</tspan></text></g><g class="technique T1036" transform="translate(0, 308.69565217391306)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Masquerading</tspan></text></g><g class="technique T1556" transform="translate(0, 324.1304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#949afc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Modify Authentication</tspan><tspan x="4" y="12.826086956521738">Process</tspan></text></g><g class="technique T1578" transform="translate(0, 339.5652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Modify Cloud Compute</tspan><tspan x="4" y="12.826086956521738">Infrastructure</tspan></text></g><g class="technique T1666" transform="translate(0, 355)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Modify Cloud</tspan><tspan x="4" y="12.826086956521738">Resource Hierarchy</tspan></text></g><g class="technique T1112" transform="translate(0, 370.4347826086956)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">Modify Registry</tspan></text></g><g class="technique T1601" transform="translate(0, 385.8695652173913)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Modify</tspan><tspan x="4" y="12.826086956521738">System Image</tspan></text></g><g class="technique T1599" transform="translate(0, 401.30434782608694)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Network Boundary</tspan><tspan x="4" y="12.826086956521738">Bridging</tspan></text></g><g class="technique T1027" transform="translate(0, 416.7391304347826)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Obfuscated Files</tspan><tspan x="4" y="12.826086956521738">or Information</tspan></text></g><g class="technique T1647" transform="translate(0, 432.1739130434783)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Plist File</tspan><tspan x="4" y="12.826086956521738">Modification</tspan></text></g><g class="technique T1542" transform="translate(0, 447.60869565217394)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Pre-OS Boot</tspan></text></g><g class="technique T1055" transform="translate(0, 463.04347826086956)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#df76f6" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Process</tspan><tspan x="4" y="12.826086956521738">Injection</tspan></text></g><g class="technique T1620" transform="translate(0, 478.4782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Reflective</tspan><tspan x="4" y="12.826086956521738">Code Loading</tspan></text></g><g class="technique T1207" transform="translate(0, 493.9130434782609)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Rogue Domain</tspan><tspan x="4" y="12.826086956521738">Controller</tspan></text></g><g class="technique T1014" transform="translate(0, 509.3478260869565)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="11.217391304347826">Rootkit</tspan></text></g><g class="technique T1553" transform="translate(0, 524.7826086956521)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Subvert</tspan><tspan x="4" y="12.826086956521738">Trust Controls</tspan></text></g><g class="technique T1218" transform="translate(0, 540.2173913043479)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System Binary</tspan><tspan x="4" y="12.826086956521738">Proxy Execution</tspan></text></g><g class="technique T1216" transform="translate(0, 555.6521739130435)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9998fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System Script</tspan><tspan x="4" y="12.826086956521738">Proxy Execution</tspan></text></g><g class="technique T1221" transform="translate(0, 571.0869565217391)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Template</tspan><tspan x="4" y="12.826086956521738">Injection</tspan></text></g><g class="technique T1205" transform="translate(0, 586.5217391304348)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Traffic</tspan><tspan x="4" y="12.826086956521738">Signaling</tspan></text></g><g class="technique T1127" transform="translate(0, 601.9565217391304)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#b08dfa" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="4.405797101449275">Trusted</tspan><tspan x="4" y="9.217391304347826">Developer Utilities</tspan><tspan x="4" y="14.028985507246377">Proxy Execution</tspan></text></g><g class="technique T1535" transform="translate(0, 617.3913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Unused/Unsupported</tspan><tspan x="4" y="12.826086956521738">Cloud Regions</tspan></text></g><g class="technique T1550" transform="translate(0, 632.8260869565217)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7aa7fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Use Alternate</tspan><tspan x="4" y="12.826086956521738">Authentication Material</tspan></text></g><g class="technique T1078" transform="translate(0, 648.2608695652174)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Valid Accounts</tspan></text></g><g class="technique T1497" transform="translate(0, 663.6956521739131)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Virtualization/Sandbox</tspan><tspan x="4" y="12.826086956521738">Evasion</tspan></text></g><g class="technique T1600" transform="translate(0, 679.1304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Weaken</tspan><tspan x="4" y="12.826086956521738">Encryption</tspan></text></g><g class="technique T1220" transform="translate(0, 694.5652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7aa7fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">XSL Script</tspan><tspan x="4" y="12.826086956521738">Processing</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="9.217391304347826">Defense Evasion</tspan></text></g></g><g class="tactic credential-access" transform="translate(523, 0)"><g class="techniques"><g class="technique T1557" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7aa7fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">Adversary-in-the-Middle</tspan></text></g><g class="technique T1110" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#c384f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Brute Force</tspan></text></g><g class="technique T1555" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#82a3fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Credentials from</tspan><tspan x="4" y="12.826086956521738">Password Stores</tspan></text></g><g class="technique T1212" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7aa7fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exploitation for</tspan><tspan x="4" y="12.826086956521738">Credential Access</tspan></text></g><g class="technique T1187" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Forced</tspan><tspan x="4" y="12.826086956521738">Authentication</tspan></text></g><g class="technique T1606" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Forge</tspan><tspan x="4" y="12.826086956521738">Web Credentials</tspan></text></g><g class="technique T1056" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Input Capture</tspan></text></g><g class="technique T1556" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#949afc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Modify Authentication</tspan><tspan x="4" y="12.826086956521738">Process</tspan></text></g><g class="technique T1111" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="4.405797101449275">Multi-Factor</tspan><tspan x="4" y="9.217391304347826">Authentication</tspan><tspan x="4" y="14.028985507246377">Interception</tspan></text></g><g class="technique T1621" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="4.405797101449275">Multi-Factor</tspan><tspan x="4" y="9.217391304347826">Authentication</tspan><tspan x="4" y="14.028985507246377">Request Generation</tspan></text></g><g class="technique T1040" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8aa0fc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Network</tspan><tspan x="4" y="12.826086956521738">Sniffing</tspan></text></g><g class="technique T1003" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#e274f6" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">OS Credential</tspan><tspan x="4" y="12.826086956521738">Dumping</tspan></text></g><g class="technique T1528" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9c96fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Steal Application</tspan><tspan x="4" y="12.826086956521738">Access Token</tspan></text></g><g class="technique T1649" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7aa7fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="4.405797101449275">Steal</tspan><tspan x="4" y="9.217391304347826">or Forge Authentication</tspan><tspan x="4" y="14.028985507246377">Certificates</tspan></text></g><g class="technique T1558" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Steal or Forge</tspan><tspan x="4" y="12.826086956521738">Kerberos Tickets</tspan></text></g><g class="technique T1539" transform="translate(0, 246.95652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Steal Web</tspan><tspan x="4" y="12.826086956521738">Session Cookie</tspan></text></g><g class="technique T1552" transform="translate(0, 262.39130434782606)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#919cfc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Unsecured</tspan><tspan x="4" y="12.826086956521738">Credentials</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="5.608695652173913">Credential</tspan><tspan text-anchor="middle" x="37.357142857142854" y="12.826086956521738">Access</tspan></text></g></g><g class="tactic discovery" transform="translate(597.7142857142857, 0)"><g class="techniques"><g class="technique T1087" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#a194fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Account</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1010" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Application</tspan><tspan x="4" y="12.826086956521738">Window Discovery</tspan></text></g><g class="technique T1217" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Browser Information</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1580" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Cloud Infrastructure</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1538" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Cloud Service</tspan><tspan x="4" y="12.826086956521738">Dashboard</tspan></text></g><g class="technique T1526" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#72abfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Cloud Service</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1619" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Cloud Storage</tspan><tspan x="4" y="12.826086956521738">Object Discovery</tspan></text></g><g class="technique T1613" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Container and</tspan><tspan x="4" y="12.826086956521738">Resource Discovery</tspan></text></g><g class="technique T1622" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Debugger</tspan><tspan x="4" y="12.826086956521738">Evasion</tspan></text></g><g class="technique T1652" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Device Driver</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1482" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#a890fa" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Domain</tspan><tspan x="4" y="12.826086956521738">Trust Discovery</tspan></text></g><g class="technique T1083" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#b889f9" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">File and Directory</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1615" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7aa7fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Group Policy</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1654" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="9.217391304347826">Log Enumeration</tspan></text></g><g class="technique T1046" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9c96fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Network Service</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1135" transform="translate(0, 246.95652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#82a3fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Network</tspan><tspan x="4" y="12.826086956521738">Share Discovery</tspan></text></g><g class="technique T1040" transform="translate(0, 262.39130434782606)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8aa0fc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Network</tspan><tspan x="4" y="12.826086956521738">Sniffing</tspan></text></g><g class="technique T1201" transform="translate(0, 277.82608695652175)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Password Policy</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1120" transform="translate(0, 293.2608695652174)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Peripheral</tspan><tspan x="4" y="12.826086956521738">Device Discovery</tspan></text></g><g class="technique T1069" transform="translate(0, 308.69565217391306)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#72abfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Permission</tspan><tspan x="4" y="12.826086956521738">Groups Discovery</tspan></text></g><g class="technique T1057" transform="translate(0, 324.1304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#82a3fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Process</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1012" transform="translate(0, 339.5652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9998fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Query Registry</tspan></text></g><g class="technique T1018" transform="translate(0, 355)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#a493fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Remote System</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1518" transform="translate(0, 370.4347826086956)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Software</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1082" transform="translate(0, 385.8695652173913)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#e672f6" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System Information</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1614" transform="translate(0, 401.30434782608694)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">System Location</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1016" transform="translate(0, 416.7391304347826)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#949afc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System Network</tspan><tspan x="4" y="12.826086956521738">Configuration Discovery</tspan></text></g><g class="technique T1049" transform="translate(0, 432.1739130434783)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8aa0fc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System Network</tspan><tspan x="4" y="12.826086956521738">Connections Discovery</tspan></text></g><g class="technique T1033" transform="translate(0, 447.60869565217394)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#df76f6" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System Owner/User</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1007" transform="translate(0, 463.04347826086956)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#919cfc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System Service</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1124" transform="translate(0, 478.4782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#72abfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System</tspan><tspan x="4" y="12.826086956521738">Time Discovery</tspan></text></g><g class="technique T1673" transform="translate(0, 493.9130434782609)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Virtual Machine</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1497" transform="translate(0, 509.3478260869565)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Virtualization/Sandbox</tspan><tspan x="4" y="12.826086956521738">Evasion</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="11.217391304347826">Discovery</tspan></text></g></g><g class="tactic lateral-movement" transform="translate(672.4285714285713, 0)"><g class="techniques"><g class="technique T1210" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#a194fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exploitation of</tspan><tspan x="4" y="12.826086956521738">Remote Services</tspan></text></g><g class="technique T1534" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Internal</tspan><tspan x="4" y="12.826086956521738">Spearphishing</tspan></text></g><g class="technique T1570" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7aa7fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Lateral</tspan><tspan x="4" y="12.826086956521738">Tool Transfer</tspan></text></g><g class="technique T1563" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Remote Service</tspan><tspan x="4" y="12.826086956521738">Session Hijacking</tspan></text></g><g class="technique T1021" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">Remote Services</tspan></text></g><g class="technique T1091" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Replication Through</tspan><tspan x="4" y="12.826086956521738">Removable Media</tspan></text></g><g class="technique T1072" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Software</tspan><tspan x="4" y="12.826086956521738">Deployment Tools</tspan></text></g><g class="technique T1080" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Taint</tspan><tspan x="4" y="12.826086956521738">Shared Content</tspan></text></g><g class="technique T1550" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7aa7fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Use Alternate</tspan><tspan x="4" y="12.826086956521738">Authentication Material</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="5.608695652173913">Lateral</tspan><tspan text-anchor="middle" x="37.357142857142854" y="12.826086956521738">Movement</tspan></text></g></g><g class="tactic collection" transform="translate(747.1428571428571, 0)"><g class="techniques"><g class="technique T1557" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7aa7fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">Adversary-in-the-Middle</tspan></text></g><g class="technique T1560" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Archive</tspan><tspan x="4" y="12.826086956521738">Collected Data</tspan></text></g><g class="technique T1123" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#82a3fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Audio Capture</tspan></text></g><g class="technique T1119" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Automated</tspan><tspan x="4" y="12.826086956521738">Collection</tspan></text></g><g class="technique T1185" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Browser Session</tspan><tspan x="4" y="12.826086956521738">Hijacking</tspan></text></g><g class="technique T1115" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Clipboard Data</tspan></text></g><g class="technique T1530" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Data from</tspan><tspan x="4" y="12.826086956521738">Cloud Storage</tspan></text></g><g class="technique T1602" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Data from Configuration</tspan><tspan x="4" y="12.826086956521738">Repository</tspan></text></g><g class="technique T1213" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#82a3fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Data from Information</tspan><tspan x="4" y="12.826086956521738">Repositories</tspan></text></g><g class="technique T1005" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#919cfc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Data from</tspan><tspan x="4" y="12.826086956521738">Local System</tspan></text></g><g class="technique T1039" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Data from Network</tspan><tspan x="4" y="12.826086956521738">Shared Drive</tspan></text></g><g class="technique T1025" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Data from</tspan><tspan x="4" y="12.826086956521738">Removable Media</tspan></text></g><g class="technique T1074" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Data Staged</tspan></text></g><g class="technique T1114" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Email</tspan><tspan x="4" y="12.826086956521738">Collection</tspan></text></g><g class="technique T1056" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Input Capture</tspan></text></g><g class="technique T1113" transform="translate(0, 246.95652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Screen Capture</tspan></text></g><g class="technique T1125" transform="translate(0, 262.39130434782606)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Video Capture</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="10.217391304347826">Collection</tspan></text></g></g><g class="tactic command-and-control" transform="translate(821.8571428571428, 0)"><g class="techniques"><g class="technique T1071" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Application</tspan><tspan x="4" y="12.826086956521738">Layer Protocol</tspan></text></g><g class="technique T1092" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Communication Through</tspan><tspan x="4" y="12.826086956521738">Removable Media</tspan></text></g><g class="technique T1659" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Content</tspan><tspan x="4" y="12.826086956521738">Injection</tspan></text></g><g class="technique T1132" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Data Encoding</tspan></text></g><g class="technique T1001" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Data</tspan><tspan x="4" y="12.826086956521738">Obfuscation</tspan></text></g><g class="technique T1568" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Dynamic</tspan><tspan x="4" y="12.826086956521738">Resolution</tspan></text></g><g class="technique T1573" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Encrypted</tspan><tspan x="4" y="12.826086956521738">Channel</tspan></text></g><g class="technique T1008" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Fallback</tspan><tspan x="4" y="12.826086956521738">Channels</tspan></text></g><g class="technique T1665" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Hide</tspan><tspan x="4" y="12.826086956521738">Infrastructure</tspan></text></g><g class="technique T1105" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Ingress</tspan><tspan x="4" y="12.826086956521738">Tool Transfer</tspan></text></g><g class="technique T1104" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Multi-Stage</tspan><tspan x="4" y="12.826086956521738">Channels</tspan></text></g><g class="technique T1095" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#72abfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Non-Application</tspan><tspan x="4" y="12.826086956521738">Layer Protocol</tspan></text></g><g class="technique T1571" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7aa7fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Non-Standard</tspan><tspan x="4" y="12.826086956521738">Port</tspan></text></g><g class="technique T1572" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#c384f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Protocol</tspan><tspan x="4" y="12.826086956521738">Tunneling</tspan></text></g><g class="technique T1090" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#bb87f9" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="11.217391304347826">Proxy</tspan></text></g><g class="technique T1219" transform="translate(0, 246.95652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Remote</tspan><tspan x="4" y="12.826086956521738">Access Tools</tspan></text></g><g class="technique T1205" transform="translate(0, 262.39130434782606)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Traffic</tspan><tspan x="4" y="12.826086956521738">Signaling</tspan></text></g><g class="technique T1102" transform="translate(0, 277.82608695652175)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9998fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Web Service</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="5.608695652173913">Command</tspan><tspan text-anchor="middle" x="37.357142857142854" y="12.826086956521738">and Control</tspan></text></g></g><g class="tactic exfiltration" transform="translate(896.5714285714284, 0)"><g class="techniques"><g class="technique T1020" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8aa0fc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Automated</tspan><tspan x="4" y="12.826086956521738">Exfiltration</tspan></text></g><g class="technique T1030" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Data Transfer</tspan><tspan x="4" y="12.826086956521738">Size Limits</tspan></text></g><g class="technique T1048" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exfiltration Over</tspan><tspan x="4" y="12.826086956521738">Alternative Protocol</tspan></text></g><g class="technique T1041" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exfiltration</tspan><tspan x="4" y="12.826086956521738">Over C2 Channel</tspan></text></g><g class="technique T1011" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Exfiltration Over</tspan><tspan x="4" y="12.826086956521738">Other Network Medium</tspan></text></g><g class="technique T1052" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Exfiltration Over</tspan><tspan x="4" y="12.826086956521738">Physical Medium</tspan></text></g><g class="technique T1567" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#949afc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exfiltration</tspan><tspan x="4" y="12.826086956521738">Over Web Service</tspan></text></g><g class="technique T1029" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Scheduled</tspan><tspan x="4" y="12.826086956521738">Transfer</tspan></text></g><g class="technique T1537" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Transfer Data</tspan><tspan x="4" y="12.826086956521738">to Cloud Account</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="10.217391304347826">Exfiltration</tspan></text></g></g><g class="tactic impact" transform="translate(971.2857142857142, 0)"><g class="techniques"><g class="technique T1531" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8aa0fc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Account</tspan><tspan x="4" y="12.826086956521738">Access Removal</tspan></text></g><g class="technique T1485" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#b38bf9" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Data</tspan><tspan x="4" y="12.826086956521738">Destruction</tspan></text></g><g class="technique T1486" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9c96fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Data Encrypted</tspan><tspan x="4" y="12.826086956521738">for Impact</tspan></text></g><g class="technique T1565" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#72abfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Data</tspan><tspan x="4" y="12.826086956521738">Manipulation</tspan></text></g><g class="technique T1491" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Defacement</tspan></text></g><g class="technique T1561" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="11.217391304347826">Disk Wipe</tspan></text></g><g class="technique T1667" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Email Bombing</tspan></text></g><g class="technique T1499" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Endpoint Denial</tspan><tspan x="4" y="12.826086956521738">of Service</tspan></text></g><g class="technique T1657" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="9.217391304347826">Financial Theft</tspan></text></g><g class="technique T1495" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6bafff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Firmware</tspan><tspan x="4" y="12.826086956521738">Corruption</tspan></text></g><g class="technique T1490" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ca80f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Inhibit</tspan><tspan x="4" y="12.826086956521738">System Recovery</tspan></text></g><g class="technique T1498" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#72abfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Network Denial</tspan><tspan x="4" y="12.826086956521738">of Service</tspan></text></g><g class="technique T1496" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9998fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Resource</tspan><tspan x="4" y="12.826086956521738">Hijacking</tspan></text></g><g class="technique T1489" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#b08dfa" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Service Stop</tspan></text></g><g class="technique T1529" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System</tspan><tspan x="4" y="12.826086956521738">Shutdown/Reboot</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="11.217391304347826">Impact</tspan></text></g></g></g></g></g></svg>
\ No newline at end of file
+<svg width="1056" height="816" xmlns="http://www.w3.org/2000/svg" id="svgvm0"><g transform="translate(5,5)" style="font-family: sans-serif;"><g><g transform="translate(0, 0)"><g transform="translate(0,5)"><rect class="header-box" width="251.56962025316454" height="86" stroke="black" fill="white" rx="5"/><rect class="label-cover" x="8" y="-9.666666984558105" width="34.6953125" height="17.33333396911621" fill="white" rx="5"/><text class="header-box-label" x="10" font-size="12" fill="black" y="3">about</text><g class="header-box-content" fill="black" transform="translate(5, 0)"><g transform="translate(0, 2.0975609756097526)"><text font-size="12"><tspan x="4" y="23.426829268292682">Sigma Analytics Coverage</tspan></text><line x1="0" x2="241.56962025316454" y1="39.853658536585364" y2="39.853658536585364" stroke="#dddddd"/></g><g transform="translate(0, 44.048780487804876)"><text font-size="10.627642276422764"><tspan x="4" y="10.475609756097562">Sigma coverage</tspan><tspan x="4" y="23.426829268292682">heatmap generated by Sigma</tspan><tspan x="4" y="36.3780487804878">CLI with score function count</tspan></text></g></g></g></g><g transform="translate(264.8101265822785, 0)"><g transform="translate(0,5)"><rect class="header-box" width="251.56962025316454" height="86" stroke="black" fill="white" rx="5"/><rect class="label-cover" x="8" y="-9.666666984558105" width="43.364585876464844" height="17.33333396911621" fill="white" rx="5"/><text class="header-box-label" x="10" font-size="12" fill="black" y="3">domain</text><g class="header-box-content" fill="black" transform="translate(5, 0)"><g transform="translate(0, 4.095238095238102)"><text font-size="12"><tspan x="4" y="42.4047619047619">Enterprise ATT&amp;CK v17</tspan></text></g></g></g></g><g transform="translate(529.620253164557, 0)"><g transform="translate(0,5)"><rect class="header-box" width="251.56962025316454" height="86" stroke="black" fill="white" rx="5"/><rect class="label-cover" x="8" y="-9.666666984558105" width="53.35416793823242" height="17.33333396911621" fill="white" rx="5"/><text class="header-box-label" x="10" font-size="12" fill="black" y="3">platforms</text><g class="header-box-content" fill="black" transform="translate(5, 0)"><g transform="translate(0, 4.095238095238102)"><text font-size="11.289198312236286"><tspan x="4" y="20.279761904761898">Windows, Linux, macOS,</tspan><tspan x="4" y="35.0297619047619">Network Devices, ESXi, PRE,</tspan><tspan x="4" y="49.7797619047619">Containers, IaaS, SaaS, Office</tspan><tspan x="4" y="64.5297619047619">Suite, Identity Provider</tspan></text></g></g></g></g><g transform="translate(794.4303797468355, 0)"><g transform="translate(0,5)"><rect class="header-box" width="251.56962025316454" height="86" stroke="black" fill="white" rx="5"/><rect class="label-cover" x="8" y="-9.666666984558105" width="40.04166793823242" height="17.33333396911621" fill="white" rx="5"/><text class="header-box-label" x="10" font-size="12" fill="black" y="3">legend</text><g class="header-box-content" fill="black" transform="translate(5, 0)"><g transform="translate(0, 4.095238095238102)"><g transform="translate(0, 5)"><g class="legendCells"><g class="cell" transform="translate(0,0)"><rect class="swatch" height="15" width="60.392405063291136" style="fill: rgb(102, 177, 255);"/><text class="label" transform="translate(30.196203231811523,&#10;          25)" style="text-anchor: middle;">0.0</text></g><g class="cell" transform="translate(60.39240646362305,0)"><rect class="swatch" height="15" width="60.392405063291136" style="fill: rgb(153, 152, 251);"/><text class="label" transform="translate(30.196203231811523,&#10;          25)" style="text-anchor: middle;">6.7</text></g><g class="cell" transform="translate(120.7848129272461,0)"><rect class="swatch" height="15" width="60.392405063291136" style="fill: rgb(204, 127, 248);"/><text class="label" transform="translate(30.196203231811523,&#10;          25)" style="text-anchor: middle;">13</text></g><g class="cell" transform="translate(181.17721939086914,0)"><rect class="swatch" height="15" width="60.392405063291136" style="fill: rgb(255, 102, 244);"/><text class="label" transform="translate(30.196203231811523,&#10;          25)" style="text-anchor: middle;">20</text></g></g></g></g></g></g></g></g><g transform="translate(0,97)"><g><g class="tactic reconnaissance" transform="translate(0, 0)"><g class="techniques"><g class="technique T1595" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">Active Scanning</tspan></text></g><g class="technique T1592" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Gather Victim</tspan><tspan x="4" y="12.826086956521738">Host Information</tspan></text></g><g class="technique T1589" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Gather Victim</tspan><tspan x="4" y="12.826086956521738">Identity Information</tspan></text></g><g class="technique T1590" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Gather Victim</tspan><tspan x="4" y="12.826086956521738">Network Information</tspan></text></g><g class="technique T1591" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Gather Victim</tspan><tspan x="4" y="12.826086956521738">Org Information</tspan></text></g><g class="technique T1598" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Phishing</tspan><tspan x="4" y="12.826086956521738">for Information</tspan></text></g><g class="technique T1597" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Search</tspan><tspan x="4" y="12.826086956521738">Closed Sources</tspan></text></g><g class="technique T1596" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Search Open</tspan><tspan x="4" y="12.826086956521738">Technical Databases</tspan></text></g><g class="technique T1593" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Search Open</tspan><tspan x="4" y="12.826086956521738">Websites/Domains</tspan></text></g><g class="technique T1594" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Search Victim-Owned</tspan><tspan x="4" y="12.826086956521738">Websites</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="10.217391304347826">Reconnaissance</tspan></text></g></g><g class="tactic resource-development" transform="translate(74.71428571428571, 0)"><g class="techniques"><g class="technique T1650" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Acquire Access</tspan></text></g><g class="technique T1583" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Acquire</tspan><tspan x="4" y="12.826086956521738">Infrastructure</tspan></text></g><g class="technique T1586" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Compromise</tspan><tspan x="4" y="12.826086956521738">Accounts</tspan></text></g><g class="technique T1584" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Compromise</tspan><tspan x="4" y="12.826086956521738">Infrastructure</tspan></text></g><g class="technique T1587" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#949afc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Develop</tspan><tspan x="4" y="12.826086956521738">Capabilities</tspan></text></g><g class="technique T1585" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Establish</tspan><tspan x="4" y="12.826086956521738">Accounts</tspan></text></g><g class="technique T1588" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Obtain</tspan><tspan x="4" y="12.826086956521738">Capabilities</tspan></text></g><g class="technique T1608" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Stage</tspan><tspan x="4" y="12.826086956521738">Capabilities</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="5.608695652173913">Resource</tspan><tspan text-anchor="middle" x="37.357142857142854" y="12.826086956521738">Development</tspan></text></g></g><g class="tactic initial-access" transform="translate(149.42857142857142, 0)"><g class="techniques"><g class="technique T1659" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Content</tspan><tspan x="4" y="12.826086956521738">Injection</tspan></text></g><g class="technique T1189" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Drive-by</tspan><tspan x="4" y="12.826086956521738">Compromise</tspan></text></g><g class="technique T1190" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exploit Public-Facing</tspan><tspan x="4" y="12.826086956521738">Application</tspan></text></g><g class="technique T1133" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#da78f7" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">External</tspan><tspan x="4" y="12.826086956521738">Remote Services</tspan></text></g><g class="technique T1200" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Hardware</tspan><tspan x="4" y="12.826086956521738">Additions</tspan></text></g><g class="technique T1566" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#d27cf7" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="11.217391304347826">Phishing</tspan></text></g><g class="technique T1091" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Replication Through</tspan><tspan x="4" y="12.826086956521738">Removable Media</tspan></text></g><g class="technique T1195" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Supply Chain</tspan><tspan x="4" y="12.826086956521738">Compromise</tspan></text></g><g class="technique T1199" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Trusted</tspan><tspan x="4" y="12.826086956521738">Relationship</tspan></text></g><g class="technique T1078" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Valid Accounts</tspan></text></g><g class="technique T1669" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Wi-Fi Networks</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="10.217391304347826">Initial Access</tspan></text></g></g><g class="tactic execution" transform="translate(224.1428571428571, 0)"><g class="techniques"><g class="technique T1651" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Cloud Administration</tspan><tspan x="4" y="12.826086956521738">Command</tspan></text></g><g class="technique T1059" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Command and</tspan><tspan x="4" y="12.826086956521738">Scripting Interpreter</tspan></text></g><g class="technique T1609" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Container</tspan><tspan x="4" y="12.826086956521738">Administration Command</tspan></text></g><g class="technique T1610" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Deploy</tspan><tspan x="4" y="12.826086956521738">Container</tspan></text></g><g class="technique T1675" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">ESXi Administration</tspan><tspan x="4" y="12.826086956521738">Command</tspan></text></g><g class="technique T1203" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exploitation for</tspan><tspan x="4" y="12.826086956521738">Client Execution</tspan></text></g><g class="technique T1674" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="9.217391304347826">Input Injection</tspan></text></g><g class="technique T1559" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Inter-Process</tspan><tspan x="4" y="12.826086956521738">Communication</tspan></text></g><g class="technique T1106" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#d27cf7" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Native API</tspan></text></g><g class="technique T1053" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#c384f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Scheduled</tspan><tspan x="4" y="12.826086956521738">Task/Job</tspan></text></g><g class="technique T1648" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Serverless</tspan><tspan x="4" y="12.826086956521738">Execution</tspan></text></g><g class="technique T1129" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Shared Modules</tspan></text></g><g class="technique T1072" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Software</tspan><tspan x="4" y="12.826086956521738">Deployment Tools</tspan></text></g><g class="technique T1569" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">System Services</tspan></text></g><g class="technique T1204" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#b38bf9" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">User Execution</tspan></text></g><g class="technique T1047" transform="translate(0, 246.95652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Windows Management</tspan><tspan x="4" y="12.826086956521738">Instrumentation</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="11.217391304347826">Execution</tspan></text></g></g><g class="tactic persistence" transform="translate(298.85714285714283, 0)"><g class="techniques"><g class="technique T1098" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Account</tspan><tspan x="4" y="12.826086956521738">Manipulation</tspan></text></g><g class="technique T1197" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#e971f6" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="11.217391304347826">BITS Jobs</tspan></text></g><g class="technique T1547" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9c96fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Boot or Logon</tspan><tspan x="4" y="12.826086956521738">Autostart Execution</tspan></text></g><g class="technique T1037" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Boot or Logon</tspan><tspan x="4" y="12.826086956521738">Initialization Scripts</tspan></text></g><g class="technique T1671" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Cloud Application</tspan><tspan x="4" y="12.826086956521738">Integration</tspan></text></g><g class="technique T1554" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Compromise Host</tspan><tspan x="4" y="12.826086956521738">Software Binary</tspan></text></g><g class="technique T1136" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Create Account</tspan></text></g><g class="technique T1543" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ac8ffa" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Create or Modify</tspan><tspan x="4" y="12.826086956521738">System Process</tspan></text></g><g class="technique T1546" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#b38bf9" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Event Triggered</tspan><tspan x="4" y="12.826086956521738">Execution</tspan></text></g><g class="technique T1668" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Exclusive</tspan><tspan x="4" y="12.826086956521738">Control</tspan></text></g><g class="technique T1133" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#da78f7" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">External</tspan><tspan x="4" y="12.826086956521738">Remote Services</tspan></text></g><g class="technique T1574" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#a493fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Hijack</tspan><tspan x="4" y="12.826086956521738">Execution Flow</tspan></text></g><g class="technique T1525" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Implant</tspan><tspan x="4" y="12.826086956521738">Internal Image</tspan></text></g><g class="technique T1556" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#c384f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Modify Authentication</tspan><tspan x="4" y="12.826086956521738">Process</tspan></text></g><g class="technique T1112" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">Modify Registry</tspan></text></g><g class="technique T1137" transform="translate(0, 246.95652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ac8ffa" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Office Application</tspan><tspan x="4" y="12.826086956521738">Startup</tspan></text></g><g class="technique T1653" transform="translate(0, 262.39130434782606)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Power Settings</tspan></text></g><g class="technique T1542" transform="translate(0, 277.82608695652175)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Pre-OS Boot</tspan></text></g><g class="technique T1053" transform="translate(0, 293.2608695652174)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#c384f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Scheduled</tspan><tspan x="4" y="12.826086956521738">Task/Job</tspan></text></g><g class="technique T1505" transform="translate(0, 308.69565217391306)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Server Software</tspan><tspan x="4" y="12.826086956521738">Component</tspan></text></g><g class="technique T1176" transform="translate(0, 324.1304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Software</tspan><tspan x="4" y="12.826086956521738">Extensions</tspan></text></g><g class="technique T1205" transform="translate(0, 339.5652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Traffic</tspan><tspan x="4" y="12.826086956521738">Signaling</tspan></text></g><g class="technique T1078" transform="translate(0, 355)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Valid Accounts</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="10.217391304347826">Persistence</tspan></text></g></g><g class="tactic privilege-escalation" transform="translate(373.57142857142856, 0)"><g class="techniques"><g class="technique T1548" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Abuse Elevation</tspan><tspan x="4" y="12.826086956521738">Control Mechanism</tspan></text></g><g class="technique T1134" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Access Token</tspan><tspan x="4" y="12.826086956521738">Manipulation</tspan></text></g><g class="technique T1098" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Account</tspan><tspan x="4" y="12.826086956521738">Manipulation</tspan></text></g><g class="technique T1547" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9c96fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Boot or Logon</tspan><tspan x="4" y="12.826086956521738">Autostart Execution</tspan></text></g><g class="technique T1037" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Boot or Logon</tspan><tspan x="4" y="12.826086956521738">Initialization Scripts</tspan></text></g><g class="technique T1543" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ac8ffa" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Create or Modify</tspan><tspan x="4" y="12.826086956521738">System Process</tspan></text></g><g class="technique T1484" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Domain or Tenant</tspan><tspan x="4" y="12.826086956521738">Policy Modification</tspan></text></g><g class="technique T1611" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Escape to Host</tspan></text></g><g class="technique T1546" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#b38bf9" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Event Triggered</tspan><tspan x="4" y="12.826086956521738">Execution</tspan></text></g><g class="technique T1068" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exploitation for</tspan><tspan x="4" y="12.826086956521738">Privilege Escalation</tspan></text></g><g class="technique T1574" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#a493fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Hijack</tspan><tspan x="4" y="12.826086956521738">Execution Flow</tspan></text></g><g class="technique T1055" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Process</tspan><tspan x="4" y="12.826086956521738">Injection</tspan></text></g><g class="technique T1053" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#c384f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Scheduled</tspan><tspan x="4" y="12.826086956521738">Task/Job</tspan></text></g><g class="technique T1078" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Valid Accounts</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="5.608695652173913">Privilege</tspan><tspan text-anchor="middle" x="37.357142857142854" y="12.826086956521738">Escalation</tspan></text></g></g><g class="tactic defense-evasion" transform="translate(448.2857142857142, 0)"><g class="techniques"><g class="technique T1548" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Abuse Elevation</tspan><tspan x="4" y="12.826086956521738">Control Mechanism</tspan></text></g><g class="technique T1134" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Access Token</tspan><tspan x="4" y="12.826086956521738">Manipulation</tspan></text></g><g class="technique T1197" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#e971f6" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="11.217391304347826">BITS Jobs</tspan></text></g><g class="technique T1612" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Build</tspan><tspan x="4" y="12.826086956521738">Image on Host</tspan></text></g><g class="technique T1622" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Debugger</tspan><tspan x="4" y="12.826086956521738">Evasion</tspan></text></g><g class="technique T1140" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#f16df5" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Deobfuscate/Decode</tspan><tspan x="4" y="12.826086956521738">Files or Information</tspan></text></g><g class="technique T1610" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Deploy</tspan><tspan x="4" y="12.826086956521738">Container</tspan></text></g><g class="technique T1006" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Direct</tspan><tspan x="4" y="12.826086956521738">Volume Access</tspan></text></g><g class="technique T1484" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Domain or Tenant</tspan><tspan x="4" y="12.826086956521738">Policy Modification</tspan></text></g><g class="technique T1672" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Email Spoofing</tspan></text></g><g class="technique T1480" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Execution</tspan><tspan x="4" y="12.826086956521738">Guardrails</tspan></text></g><g class="technique T1211" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exploitation for</tspan><tspan x="4" y="12.826086956521738">Defense Evasion</tspan></text></g><g class="technique T1222" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="4.405797101449275">File and</tspan><tspan x="4" y="9.217391304347826">Directory Permissions</tspan><tspan x="4" y="14.028985507246377">Modification</tspan></text></g><g class="technique T1564" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#b38bf9" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Hide Artifacts</tspan></text></g><g class="technique T1574" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#a493fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Hijack</tspan><tspan x="4" y="12.826086956521738">Execution Flow</tspan></text></g><g class="technique T1562" transform="translate(0, 246.95652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">Impair Defenses</tspan></text></g><g class="technique T1656" transform="translate(0, 262.39130434782606)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Impersonation</tspan></text></g><g class="technique T1070" transform="translate(0, 277.82608695652175)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#f969f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Indicator</tspan><tspan x="4" y="12.826086956521738">Removal</tspan></text></g><g class="technique T1202" transform="translate(0, 293.2608695652174)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Indirect Command</tspan><tspan x="4" y="12.826086956521738">Execution</tspan></text></g><g class="technique T1036" transform="translate(0, 308.69565217391306)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Masquerading</tspan></text></g><g class="technique T1556" transform="translate(0, 324.1304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#c384f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Modify Authentication</tspan><tspan x="4" y="12.826086956521738">Process</tspan></text></g><g class="technique T1578" transform="translate(0, 339.5652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Modify Cloud Compute</tspan><tspan x="4" y="12.826086956521738">Infrastructure</tspan></text></g><g class="technique T1666" transform="translate(0, 355)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Modify Cloud</tspan><tspan x="4" y="12.826086956521738">Resource Hierarchy</tspan></text></g><g class="technique T1112" transform="translate(0, 370.4347826086956)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">Modify Registry</tspan></text></g><g class="technique T1601" transform="translate(0, 385.8695652173913)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Modify</tspan><tspan x="4" y="12.826086956521738">System Image</tspan></text></g><g class="technique T1599" transform="translate(0, 401.30434782608694)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Network Boundary</tspan><tspan x="4" y="12.826086956521738">Bridging</tspan></text></g><g class="technique T1027" transform="translate(0, 416.7391304347826)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Obfuscated Files</tspan><tspan x="4" y="12.826086956521738">or Information</tspan></text></g><g class="technique T1647" transform="translate(0, 432.1739130434783)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Plist File</tspan><tspan x="4" y="12.826086956521738">Modification</tspan></text></g><g class="technique T1542" transform="translate(0, 447.60869565217394)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Pre-OS Boot</tspan></text></g><g class="technique T1055" transform="translate(0, 463.04347826086956)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Process</tspan><tspan x="4" y="12.826086956521738">Injection</tspan></text></g><g class="technique T1620" transform="translate(0, 478.4782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Reflective</tspan><tspan x="4" y="12.826086956521738">Code Loading</tspan></text></g><g class="technique T1207" transform="translate(0, 493.9130434782609)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Rogue Domain</tspan><tspan x="4" y="12.826086956521738">Controller</tspan></text></g><g class="technique T1014" transform="translate(0, 509.3478260869565)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="11.217391304347826">Rootkit</tspan></text></g><g class="technique T1553" transform="translate(0, 524.7826086956521)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Subvert</tspan><tspan x="4" y="12.826086956521738">Trust Controls</tspan></text></g><g class="technique T1218" transform="translate(0, 540.2173913043479)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System Binary</tspan><tspan x="4" y="12.826086956521738">Proxy Execution</tspan></text></g><g class="technique T1216" transform="translate(0, 555.6521739130435)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ca80f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System Script</tspan><tspan x="4" y="12.826086956521738">Proxy Execution</tspan></text></g><g class="technique T1221" transform="translate(0, 571.0869565217391)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Template</tspan><tspan x="4" y="12.826086956521738">Injection</tspan></text></g><g class="technique T1205" transform="translate(0, 586.5217391304348)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Traffic</tspan><tspan x="4" y="12.826086956521738">Signaling</tspan></text></g><g class="technique T1127" transform="translate(0, 601.9565217391304)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#f969f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="4.405797101449275">Trusted</tspan><tspan x="4" y="9.217391304347826">Developer Utilities</tspan><tspan x="4" y="14.028985507246377">Proxy Execution</tspan></text></g><g class="technique T1535" transform="translate(0, 617.3913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Unused/Unsupported</tspan><tspan x="4" y="12.826086956521738">Cloud Regions</tspan></text></g><g class="technique T1550" transform="translate(0, 632.8260869565217)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Use Alternate</tspan><tspan x="4" y="12.826086956521738">Authentication Material</tspan></text></g><g class="technique T1078" transform="translate(0, 648.2608695652174)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Valid Accounts</tspan></text></g><g class="technique T1497" transform="translate(0, 663.6956521739131)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Virtualization/Sandbox</tspan><tspan x="4" y="12.826086956521738">Evasion</tspan></text></g><g class="technique T1600" transform="translate(0, 679.1304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Weaken</tspan><tspan x="4" y="12.826086956521738">Encryption</tspan></text></g><g class="technique T1220" transform="translate(0, 694.5652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">XSL Script</tspan><tspan x="4" y="12.826086956521738">Processing</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="9.217391304347826">Defense Evasion</tspan></text></g></g><g class="tactic credential-access" transform="translate(523, 0)"><g class="techniques"><g class="technique T1557" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">Adversary-in-the-Middle</tspan></text></g><g class="technique T1110" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Brute Force</tspan></text></g><g class="technique T1555" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9c96fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Credentials from</tspan><tspan x="4" y="12.826086956521738">Password Stores</tspan></text></g><g class="technique T1212" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exploitation for</tspan><tspan x="4" y="12.826086956521738">Credential Access</tspan></text></g><g class="technique T1187" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9c96fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Forced</tspan><tspan x="4" y="12.826086956521738">Authentication</tspan></text></g><g class="technique T1606" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Forge</tspan><tspan x="4" y="12.826086956521738">Web Credentials</tspan></text></g><g class="technique T1056" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Input Capture</tspan></text></g><g class="technique T1556" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#c384f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Modify Authentication</tspan><tspan x="4" y="12.826086956521738">Process</tspan></text></g><g class="technique T1111" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="4.405797101449275">Multi-Factor</tspan><tspan x="4" y="9.217391304347826">Authentication</tspan><tspan x="4" y="14.028985507246377">Interception</tspan></text></g><g class="technique T1621" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="4.405797101449275">Multi-Factor</tspan><tspan x="4" y="9.217391304347826">Authentication</tspan><tspan x="4" y="14.028985507246377">Request Generation</tspan></text></g><g class="technique T1040" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ac8ffa" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Network</tspan><tspan x="4" y="12.826086956521738">Sniffing</tspan></text></g><g class="technique T1003" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">OS Credential</tspan><tspan x="4" y="12.826086956521738">Dumping</tspan></text></g><g class="technique T1528" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#d27cf7" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Steal Application</tspan><tspan x="4" y="12.826086956521738">Access Token</tspan></text></g><g class="technique T1649" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="4.405797101449275">Steal</tspan><tspan x="4" y="9.217391304347826">or Forge Authentication</tspan><tspan x="4" y="14.028985507246377">Certificates</tspan></text></g><g class="technique T1558" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#949afc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Steal or Forge</tspan><tspan x="4" y="12.826086956521738">Kerberos Tickets</tspan></text></g><g class="technique T1539" transform="translate(0, 246.95652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Steal Web</tspan><tspan x="4" y="12.826086956521738">Session Cookie</tspan></text></g><g class="technique T1552" transform="translate(0, 262.39130434782606)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#bb87f9" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Unsecured</tspan><tspan x="4" y="12.826086956521738">Credentials</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="5.608695652173913">Credential</tspan><tspan text-anchor="middle" x="37.357142857142854" y="12.826086956521738">Access</tspan></text></g></g><g class="tactic discovery" transform="translate(597.7142857142857, 0)"><g class="techniques"><g class="technique T1087" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#da78f7" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Account</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1010" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Application</tspan><tspan x="4" y="12.826086956521738">Window Discovery</tspan></text></g><g class="technique T1217" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Browser Information</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1580" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Cloud Infrastructure</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1538" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Cloud Service</tspan><tspan x="4" y="12.826086956521738">Dashboard</tspan></text></g><g class="technique T1526" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Cloud Service</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1619" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Cloud Storage</tspan><tspan x="4" y="12.826086956521738">Object Discovery</tspan></text></g><g class="technique T1613" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Container and</tspan><tspan x="4" y="12.826086956521738">Resource Discovery</tspan></text></g><g class="technique T1622" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Debugger</tspan><tspan x="4" y="12.826086956521738">Evasion</tspan></text></g><g class="technique T1652" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Device Driver</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1482" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#e971f6" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Domain</tspan><tspan x="4" y="12.826086956521738">Trust Discovery</tspan></text></g><g class="technique T1083" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">File and Directory</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1615" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Group Policy</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1654" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="9.217391304347826">Log Enumeration</tspan></text></g><g class="technique T1046" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#d27cf7" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Network Service</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1135" transform="translate(0, 246.95652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9c96fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Network</tspan><tspan x="4" y="12.826086956521738">Share Discovery</tspan></text></g><g class="technique T1040" transform="translate(0, 262.39130434782606)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ac8ffa" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Network</tspan><tspan x="4" y="12.826086956521738">Sniffing</tspan></text></g><g class="technique T1201" transform="translate(0, 277.82608695652175)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#949afc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Password Policy</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1120" transform="translate(0, 293.2608695652174)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Peripheral</tspan><tspan x="4" y="12.826086956521738">Device Discovery</tspan></text></g><g class="technique T1069" transform="translate(0, 308.69565217391306)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Permission</tspan><tspan x="4" y="12.826086956521738">Groups Discovery</tspan></text></g><g class="technique T1057" transform="translate(0, 324.1304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9c96fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Process</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1012" transform="translate(0, 339.5652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#d27cf7" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Query Registry</tspan></text></g><g class="technique T1018" transform="translate(0, 355)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#e274f6" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Remote System</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1518" transform="translate(0, 370.4347826086956)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Software</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1082" transform="translate(0, 385.8695652173913)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System Information</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1614" transform="translate(0, 401.30434782608694)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">System Location</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1016" transform="translate(0, 416.7391304347826)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#c384f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System Network</tspan><tspan x="4" y="12.826086956521738">Configuration Discovery</tspan></text></g><g class="technique T1049" transform="translate(0, 432.1739130434783)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ac8ffa" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System Network</tspan><tspan x="4" y="12.826086956521738">Connections Discovery</tspan></text></g><g class="technique T1033" transform="translate(0, 447.60869565217394)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System Owner/User</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1007" transform="translate(0, 463.04347826086956)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#bb87f9" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System Service</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1124" transform="translate(0, 478.4782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System</tspan><tspan x="4" y="12.826086956521738">Time Discovery</tspan></text></g><g class="technique T1673" transform="translate(0, 493.9130434782609)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Virtual Machine</tspan><tspan x="4" y="12.826086956521738">Discovery</tspan></text></g><g class="technique T1497" transform="translate(0, 509.3478260869565)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Virtualization/Sandbox</tspan><tspan x="4" y="12.826086956521738">Evasion</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="11.217391304347826">Discovery</tspan></text></g></g><g class="tactic lateral-movement" transform="translate(672.4285714285713, 0)"><g class="techniques"><g class="technique T1210" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#da78f7" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exploitation of</tspan><tspan x="4" y="12.826086956521738">Remote Services</tspan></text></g><g class="technique T1534" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Internal</tspan><tspan x="4" y="12.826086956521738">Spearphishing</tspan></text></g><g class="technique T1570" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Lateral</tspan><tspan x="4" y="12.826086956521738">Tool Transfer</tspan></text></g><g class="technique T1563" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Remote Service</tspan><tspan x="4" y="12.826086956521738">Session Hijacking</tspan></text></g><g class="technique T1021" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#b38bf9" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">Remote Services</tspan></text></g><g class="technique T1091" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Replication Through</tspan><tspan x="4" y="12.826086956521738">Removable Media</tspan></text></g><g class="technique T1072" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Software</tspan><tspan x="4" y="12.826086956521738">Deployment Tools</tspan></text></g><g class="technique T1080" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Taint</tspan><tspan x="4" y="12.826086956521738">Shared Content</tspan></text></g><g class="technique T1550" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Use Alternate</tspan><tspan x="4" y="12.826086956521738">Authentication Material</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="5.608695652173913">Lateral</tspan><tspan text-anchor="middle" x="37.357142857142854" y="12.826086956521738">Movement</tspan></text></g></g><g class="tactic collection" transform="translate(747.1428571428571, 0)"><g class="techniques"><g class="technique T1557" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="9.217391304347826">Adversary-in-the-Middle</tspan></text></g><g class="technique T1560" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Archive</tspan><tspan x="4" y="12.826086956521738">Collected Data</tspan></text></g><g class="technique T1123" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9c96fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Audio Capture</tspan></text></g><g class="technique T1119" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Automated</tspan><tspan x="4" y="12.826086956521738">Collection</tspan></text></g><g class="technique T1185" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Browser Session</tspan><tspan x="4" y="12.826086956521738">Hijacking</tspan></text></g><g class="technique T1115" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#a493fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Clipboard Data</tspan></text></g><g class="technique T1530" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Data from</tspan><tspan x="4" y="12.826086956521738">Cloud Storage</tspan></text></g><g class="technique T1602" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Data from Configuration</tspan><tspan x="4" y="12.826086956521738">Repository</tspan></text></g><g class="technique T1213" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#9c96fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Data from Information</tspan><tspan x="4" y="12.826086956521738">Repositories</tspan></text></g><g class="technique T1005" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#bb87f9" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Data from</tspan><tspan x="4" y="12.826086956521738">Local System</tspan></text></g><g class="technique T1039" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Data from Network</tspan><tspan x="4" y="12.826086956521738">Shared Drive</tspan></text></g><g class="technique T1025" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Data from</tspan><tspan x="4" y="12.826086956521738">Removable Media</tspan></text></g><g class="technique T1074" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Data Staged</tspan></text></g><g class="technique T1114" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Email</tspan><tspan x="4" y="12.826086956521738">Collection</tspan></text></g><g class="technique T1056" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Input Capture</tspan></text></g><g class="technique T1113" transform="translate(0, 246.95652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#b38bf9" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Screen Capture</tspan></text></g><g class="technique T1125" transform="translate(0, 262.39130434782606)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Video Capture</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="10.217391304347826">Collection</tspan></text></g></g><g class="tactic command-and-control" transform="translate(821.8571428571428, 0)"><g class="techniques"><g class="technique T1071" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#949afc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Application</tspan><tspan x="4" y="12.826086956521738">Layer Protocol</tspan></text></g><g class="technique T1092" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Communication Through</tspan><tspan x="4" y="12.826086956521738">Removable Media</tspan></text></g><g class="technique T1659" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Content</tspan><tspan x="4" y="12.826086956521738">Injection</tspan></text></g><g class="technique T1132" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Data Encoding</tspan></text></g><g class="technique T1001" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Data</tspan><tspan x="4" y="12.826086956521738">Obfuscation</tspan></text></g><g class="technique T1568" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Dynamic</tspan><tspan x="4" y="12.826086956521738">Resolution</tspan></text></g><g class="technique T1573" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#949afc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Encrypted</tspan><tspan x="4" y="12.826086956521738">Channel</tspan></text></g><g class="technique T1008" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Fallback</tspan><tspan x="4" y="12.826086956521738">Channels</tspan></text></g><g class="technique T1665" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Hide</tspan><tspan x="4" y="12.826086956521738">Infrastructure</tspan></text></g><g class="technique T1105" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Ingress</tspan><tspan x="4" y="12.826086956521738">Tool Transfer</tspan></text></g><g class="technique T1104" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Multi-Stage</tspan><tspan x="4" y="12.826086956521738">Channels</tspan></text></g><g class="technique T1095" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Non-Application</tspan><tspan x="4" y="12.826086956521738">Layer Protocol</tspan></text></g><g class="technique T1571" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#8d9efc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Non-Standard</tspan><tspan x="4" y="12.826086956521738">Port</tspan></text></g><g class="technique T1572" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Protocol</tspan><tspan x="4" y="12.826086956521738">Tunneling</tspan></text></g><g class="technique T1090" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="11.217391304347826">Proxy</tspan></text></g><g class="technique T1219" transform="translate(0, 246.95652173913044)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Remote</tspan><tspan x="4" y="12.826086956521738">Access Tools</tspan></text></g><g class="technique T1205" transform="translate(0, 262.39130434782606)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Traffic</tspan><tspan x="4" y="12.826086956521738">Signaling</tspan></text></g><g class="technique T1102" transform="translate(0, 277.82608695652175)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ca80f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Web Service</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="5.608695652173913">Command</tspan><tspan text-anchor="middle" x="37.357142857142854" y="12.826086956521738">and Control</tspan></text></g></g><g class="tactic exfiltration" transform="translate(896.5714285714284, 0)"><g class="techniques"><g class="technique T1020" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ac8ffa" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Automated</tspan><tspan x="4" y="12.826086956521738">Exfiltration</tspan></text></g><g class="technique T1030" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Data Transfer</tspan><tspan x="4" y="12.826086956521738">Size Limits</tspan></text></g><g class="technique T1048" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#a493fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exfiltration Over</tspan><tspan x="4" y="12.826086956521738">Alternative Protocol</tspan></text></g><g class="technique T1041" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#85a2fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exfiltration</tspan><tspan x="4" y="12.826086956521738">Over C2 Channel</tspan></text></g><g class="technique T1011" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Exfiltration Over</tspan><tspan x="4" y="12.826086956521738">Other Network Medium</tspan></text></g><g class="technique T1052" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Exfiltration Over</tspan><tspan x="4" y="12.826086956521738">Physical Medium</tspan></text></g><g class="technique T1567" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#c384f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Exfiltration</tspan><tspan x="4" y="12.826086956521738">Over Web Service</tspan></text></g><g class="technique T1029" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="5.608695652173913">Scheduled</tspan><tspan x="4" y="12.826086956521738">Transfer</tspan></text></g><g class="technique T1537" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#949afc" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Transfer Data</tspan><tspan x="4" y="12.826086956521738">to Cloud Account</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="10.217391304347826">Exfiltration</tspan></text></g></g><g class="tactic impact" transform="translate(971.2857142857142, 0)"><g class="techniques"><g class="technique T1531" transform="translate(0, 15.434782608695652)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ac8ffa" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Account</tspan><tspan x="4" y="12.826086956521738">Access Removal</tspan></text></g><g class="technique T1485" transform="translate(0, 30.869565217391305)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Data</tspan><tspan x="4" y="12.826086956521738">Destruction</tspan></text></g><g class="technique T1486" transform="translate(0, 46.30434782608695)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#da78f7" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Data Encrypted</tspan><tspan x="4" y="12.826086956521738">for Impact</tspan></text></g><g class="technique T1565" transform="translate(0, 61.73913043478261)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Data</tspan><tspan x="4" y="12.826086956521738">Manipulation</tspan></text></g><g class="technique T1491" transform="translate(0, 77.17391304347827)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Defacement</tspan></text></g><g class="technique T1561" transform="translate(0, 92.6086956521739)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="11.217391304347826">Disk Wipe</tspan></text></g><g class="technique T1667" transform="translate(0, 108.04347826086958)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="10.217391304347826">Email Bombing</tspan></text></g><g class="technique T1499" transform="translate(0, 123.47826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#75a9fe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Endpoint Denial</tspan><tspan x="4" y="12.826086956521738">of Service</tspan></text></g><g class="technique T1657" transform="translate(0, 138.91304347826087)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ffffff" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="#000000"><tspan x="4" y="9.217391304347826">Financial Theft</tspan></text></g><g class="technique T1495" transform="translate(0, 154.34782608695653)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#6eadfe" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Firmware</tspan><tspan x="4" y="12.826086956521738">Corruption</tspan></text></g><g class="technique T1490" transform="translate(0, 169.7826086956522)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ff66f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Inhibit</tspan><tspan x="4" y="12.826086956521738">System Recovery</tspan></text></g><g class="technique T1498" transform="translate(0, 185.2173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#7da6fd" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Network Denial</tspan><tspan x="4" y="12.826086956521738">of Service</tspan></text></g><g class="technique T1496" transform="translate(0, 200.65217391304347)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#ca80f8" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,12" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">Resource</tspan><tspan x="4" y="12.826086956521738">Hijacking</tspan></text></g><g class="technique T1489" transform="translate(0, 216.08695652173915)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#f969f4" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="10.217391304347826">Service Stop</tspan></text></g><g class="technique T1529" transform="translate(0, 231.52173913043478)"><rect class="cell" height="15.434782608695652" width="74.71428571428571" fill="#a493fb" stroke="#6B7279"/><polygon class="sidebar" transform="translate(0, 15.434782608695652)" points="0,0 12,0 12,0" fill="#6B7279" visibility="hidden"/><text font-size="4.115942028985507" fill="black"><tspan x="4" y="5.608695652173913">System</tspan><tspan x="4" y="12.826086956521738">Shutdown/Reboot</tspan></text></g></g><g class="subtechniques"/><g class="tactic-label"><text font-size="6.173913043478262" fill="black" font-weight="bold"><tspan text-anchor="middle" x="37.357142857142854" y="11.217391304347826">Impact</tspan></text></g></g></g></g></g></svg>
\ No newline at end of file