security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge PR #5505 from @phantinuss - Update ATT&CK Heatmap Coverage

Browse Source 
chore: update ATT&CK heatmap
chore: add updated ATT&CK coverage image
chore: point heatmap link to master

---------

Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
This commit is contained in:
github-actions[bot]
2025-07-01 10:48:15 +02:00
committed by GitHub
parent 4316ad64da
commit be3f2bc7bd
4 changed files with 5531 additions and 4067 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/update-heatmap.yml
+10 -11
View File
@@ -2,7 +2,6 @@ name: Generate Updated ATT&CK Heatmap
on:
schedule:
- cron: "0 0 1 * *"
workflow_dispatch:
@@ -31,22 +30,22 @@ jobs:
title: 'Update ATT&CK Heatmap Coverage'
body: |
### Summary of the Pull Request
This PR updates sigma_attack_nav_coverage.json to reflect the current rule coverage.
To generate a new SVG file, go to the [MITRE ATT&CK Navigator](https://mitre-attack.github.io/attack-navigator/#layerURL=https://raw.githubusercontent.com/SigmaHQ/sigma/"${GITHUB_SHA}"/other/sigma_attack_nav_coverage.json) and export a SVG via "Layer Controls" > "Export" (download icon) > "render layer to SVG".
To generate a new SVG file, go to the [MITRE ATT&CK Navigator](https://mitre-attack.github.io/attack-navigator/#layerURL=https://raw.githubusercontent.com/SigmaHQ/sigma/master/other/sigma_attack_nav_coverage.json) and export a SVG via "Layer Controls" > "Export" (download icon) > "render layer to SVG".
### Changelog
chore: update ATT&CK heatmap
### Example Log Event
N/A
### Fixed Issues
N/A
### SigmaHQ Rule Creation Conventions
- If your PR adds new rules, please consider following and applying these [conventions](https://github.com/SigmaHQ/sigma-specification/blob/main/sigmahq/sigmahq_conventions.md)
other/sigma_attack_nav_coverage.json
+5519 -4056
View File
@@ -1,4057 +1,5520 @@
{
"name": "Sigma 2025-02",
"versions": {
"attack": "16",
"navigator": "5.1.0",
"layer": "4.5"
},
"domain": "enterprise-attack",
"description": "Sigma coverage heatmap generated by Sigma CLI with score function count",
"filters": {
"platforms": [
"Windows",
"Linux",
"macOS",
"Network",
"PRE",
"Containers",
"IaaS",
"SaaS",
"Office Suite",
"Identity Provider"
]
},
"sorting": 0,
"layout": {
"layout": "side",
"aggregateFunction": "average",
"showID": false,
"showName": true,
"showAggregateScores": false,
"countUnscored": false,
"expandedSubtechniques": "none"
},
"hideDisabled": false,
"techniques": [
{
"techniqueID": "T1047",
"tactic": "execution",
"score": 44,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1113",
"tactic": "collection",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1037.001",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1037.001",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1037.005",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1037.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557",
"tactic": "credential-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557",
"tactic": "collection",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557.001",
"tactic": "credential-access",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557.001",
"tactic": "collection",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1033",
"tactic": "discovery",
"score": 31,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1592.004",
"tactic": "reconnaissance",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003",
"tactic": "credential-access",
"score": 32,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.002",
"tactic": "credential-access",
"score": 25,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.003",
"tactic": "credential-access",
"score": 25,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.005",
"tactic": "credential-access",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1006",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1014",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1123",
"tactic": "collection",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543",
"tactic": "persistence",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543",
"tactic": "privilege-escalation",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.004",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.004",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.001",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.002",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.002",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.003",
"tactic": "persistence",
"score": 45,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.003",
"tactic": "privilege-escalation",
"score": 45,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1133",
"tactic": "persistence",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1133",
"tactic": "initial-access",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1578",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069.002",
"tactic": "discovery",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069.001",
"tactic": "discovery",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1114.001",
"tactic": "collection",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1561.002",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1561.001",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1615",
"tactic": "discovery",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547",
"tactic": "persistence",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547",
"tactic": "privilege-escalation",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.009",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.009",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.006",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.006",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.004",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.004",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.005",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.001",
"tactic": "persistence",
"score": 36,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.001",
"tactic": "privilege-escalation",
"score": 36,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.008",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.008",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.014",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.014",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.015",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.015",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.003",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.003",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.002",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.002",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.010",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.010",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1489",
"tactic": "impact",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.003",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.002",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.006",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.001",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.004",
"tactic": "defense-evasion",
"score": 23,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1115",
"tactic": "collection",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1007",
"tactic": "discovery",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1040",
"tactic": "credential-access",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1040",
"tactic": "discovery",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1135",
"tactic": "discovery",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1120",
"tactic": "discovery",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1082",
"tactic": "discovery",
"score": 30,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1071.004",
"tactic": "command-and-control",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1071.001",
"tactic": "command-and-control",
"score": 39,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053",
"tactic": "execution",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053",
"tactic": "persistence",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053",
"tactic": "privilege-escalation",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1176",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1106",
"tactic": "execution",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1091",
"tactic": "lateral-movement",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1091",
"tactic": "initial-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1005",
"tactic": "collection",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1140",
"tactic": "defense-evasion",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.003",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.004",
"tactic": "defense-evasion",
"score": 28,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.002",
"tactic": "defense-evasion",
"score": 23,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.001",
"tactic": "defense-evasion",
"score": 106,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.006",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.010",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1195",
"tactic": "initial-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1195.001",
"tactic": "initial-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1558.003",
"tactic": "credential-access",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555",
"tactic": "credential-access",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555.004",
"tactic": "credential-access",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555.001",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1567.001",
"tactic": "exfiltration",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1567.002",
"tactic": "exfiltration",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1219",
"tactic": "command-and-control",
"score": 40,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036",
"tactic": "defense-evasion",
"score": 41,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.008",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.003",
"tactic": "defense-evasion",
"score": 24,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.006",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.004",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.002",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.005",
"tactic": "defense-evasion",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.007",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.007",
"tactic": "credential-access",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.001",
"tactic": "credential-access",
"score": 21,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.002",
"tactic": "credential-access",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055",
"tactic": "defense-evasion",
"score": 31,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055",
"tactic": "privilege-escalation",
"score": 31,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.012",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.012",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.009",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.009",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.011",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.011",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.001",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.001",
"tactic": "privilege-escalation",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.003",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.003",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218",
"tactic": "defense-evasion",
"score": 140,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.005",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.008",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.013",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.002",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.001",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.010",
"tactic": "defense-evasion",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.009",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.003",
"tactic": "defense-evasion",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.007",
"tactic": "defense-evasion",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1620",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1611",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1010",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1525",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1572",
"tactic": "command-and-control",
"score": 17,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.003",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.003",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.002",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.002",
"tactic": "lateral-movement",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1589",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1560",
"tactic": "collection",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1560.001",
"tactic": "collection",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1185",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021",
"tactic": "lateral-movement",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.006",
"tactic": "lateral-movement",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.005",
"tactic": "lateral-movement",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.002",
"tactic": "lateral-movement",
"score": 36,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.001",
"tactic": "lateral-movement",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.003",
"tactic": "lateral-movement",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.004",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1207",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1112",
"tactic": "defense-evasion",
"score": 85,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1580",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1491.001",
"tactic": "impact",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1563.002",
"tactic": "lateral-movement",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1217",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1222",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1222.002",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1222.001",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1595",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1595.002",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.001",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.001",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.002",
"tactic": "privilege-escalation",
"score": 53,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.002",
"tactic": "defense-evasion",
"score": 53,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.003",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.003",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1125",
"tactic": "collection",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1016",
"tactic": "discovery",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087.002",
"tactic": "discovery",
"score": 17,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087.001",
"tactic": "discovery",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090",
"tactic": "command-and-control",
"score": 22,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090.001",
"tactic": "command-and-control",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090.004",
"tactic": "command-and-control",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090.002",
"tactic": "command-and-control",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.005",
"tactic": "execution",
"score": 21,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.002",
"tactic": "execution",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.003",
"tactic": "execution",
"score": 33,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.004",
"tactic": "execution",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.006",
"tactic": "execution",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.001",
"tactic": "execution",
"score": 214,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1482",
"tactic": "discovery",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1020",
"tactic": "exfiltration",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.004",
"tactic": "defense-evasion",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.002",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.001",
"tactic": "defense-evasion",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.003",
"tactic": "defense-evasion",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.005",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1609",
"tactic": "execution",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1083",
"tactic": "discovery",
"score": 20,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1568",
"tactic": "command-and-control",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1074",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1074.001",
"tactic": "collection",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1049",
"tactic": "discovery",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1584",
"tactic": "resource-development",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.003",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.003",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.001",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1586",
"tactic": "resource-development",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1497.001",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1497.001",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102.003",
"tactic": "command-and-control",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102.001",
"tactic": "command-and-control",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102.002",
"tactic": "command-and-control",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1608",
"tactic": "resource-development",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1104",
"tactic": "command-and-control",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1057",
"tactic": "discovery",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1041",
"tactic": "exfiltration",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1591.004",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1590",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1590.001",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1210",
"tactic": "lateral-movement",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1593.003",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1048.003",
"tactic": "exfiltration",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1048.001",
"tactic": "exfiltration",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1566.001",
"tactic": "initial-access",
"score": 21,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1565",
"tactic": "impact",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1565.002",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1565.001",
"tactic": "impact",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1559.002",
"tactic": "execution",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1559.001",
"tactic": "execution",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1039",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574",
"tactic": "persistence",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574",
"tactic": "privilege-escalation",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.007",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.007",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.007",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.005",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.005",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.005",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.002",
"tactic": "persistence",
"score": 79,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.002",
"tactic": "privilege-escalation",
"score": 79,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.002",
"tactic": "defense-evasion",
"score": 79,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.006",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.006",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.006",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.008",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.008",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.008",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.011",
"tactic": "persistence",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.011",
"tactic": "privilege-escalation",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.011",
"tactic": "defense-evasion",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.012",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.012",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.012",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "initial-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "persistence",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "privilege-escalation",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "initial-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1571",
"tactic": "command-and-control",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1068",
"tactic": "privilege-escalation",
"score": 24,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027",
"tactic": "defense-evasion",
"score": 92,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.005",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.009",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.010",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.003",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.002",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.001",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.002",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.002",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.013",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.013",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.003",
"tactic": "privilege-escalation",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.003",
"tactic": "persistence",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.011",
"tactic": "privilege-escalation",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.011",
"tactic": "persistence",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.015",
"tactic": "privilege-escalation",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.015",
"tactic": "persistence",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.004",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.004",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.010",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.010",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.007",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.007",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.012",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.012",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.001",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.001",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.009",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.009",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.014",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.014",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.008",
"tactic": "privilege-escalation",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.008",
"tactic": "persistence",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1187",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1599.001",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1486",
"tactic": "impact",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.005",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.002",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.004",
"tactic": "defense-evasion",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.003",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.001",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1573",
"tactic": "command-and-control",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.001",
"tactic": "collection",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.001",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.002",
"tactic": "collection",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.002",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1203",
"tactic": "execution",
"score": 26,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1570",
"tactic": "lateral-movement",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1095",
"tactic": "command-and-control",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1012",
"tactic": "discovery",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1030",
"tactic": "exfiltration",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1499.001",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1614.001",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1197",
"tactic": "defense-evasion",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1197",
"tactic": "persistence",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1132.001",
"tactic": "command-and-control",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1588",
"tactic": "resource-development",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1588.002",
"tactic": "resource-development",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1588.001",
"tactic": "resource-development",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1569.002",
"tactic": "execution",
"score": 42,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1200",
"tactic": "initial-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.002",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.004",
"tactic": "persistence",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.003",
"tactic": "persistence",
"score": 28,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.005",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1221",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.001",
"tactic": "defense-evasion",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.001",
"tactic": "privilege-escalation",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.004",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.004",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.005",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.002",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.002",
"tactic": "privilege-escalation",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.003",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.003",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1136.001",
"tactic": "persistence",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1136.002",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1018",
"tactic": "discovery",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1046",
"tactic": "discovery",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1518",
"tactic": "discovery",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1518.001",
"tactic": "discovery",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1622",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1622",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1105",
"tactic": "command-and-control",
"score": 64,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484.001",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484.001",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1220",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1587",
"tactic": "resource-development",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1587.001",
"tactic": "resource-development",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1008",
"tactic": "command-and-control",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1124",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1495",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1216",
"tactic": "defense-evasion",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1216.001",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1211",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1127",
"tactic": "defense-evasion",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1127.001",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1529",
"tactic": "impact",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
}
],
"gradient": {
"colors": [
"#66b1ffff",
"#ff66f4ff"
],
"minValue": 0,
"maxValue": 10
},
"legendItems": [],
"metadata": [],
"links": [],
"showTacticRowBackground": false,
"tacticRowBackground": "#dddddd",
"selectTechniquesAcrossTactics": false,
"selectSubtechniquesWithParent": false,
"selectVisibleTechniques": false
}
"name": "Sigma Analytics Coverage",
"versions": {
"attack": "17.0",
"navigator": "4.8.1",
"layer": "4.4"
},
"domain": "enterprise-attack",
"description": "Sigma coverage heatmap generated by Sigma CLI with score function count",
"gradient": {
"colors": [
"#ffffff00",
"#ff0000"
],
"minValue": 0,
"maxValue": 1345
},
"techniques": [
{
"techniqueID": "T1071.001",
"tactic": "command-and-control",
"score": 40,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1197",
"tactic": "defense-evasion",
"score": 17,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1197",
"tactic": "persistence",
"score": 17,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1105",
"tactic": "command-and-control",
"score": 70,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1568",
"tactic": "command-and-control",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1190",
"tactic": "initial-access",
"score": 130,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1567.002",
"tactic": "exfiltration",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1189",
"tactic": "initial-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1204.002",
"tactic": "execution",
"score": 32,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.005",
"tactic": "defense-evasion",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1590",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1566",
"tactic": "initial-access",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1203",
"tactic": "execution",
"score": 28,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1584",
"tactic": "resource-development",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102.001",
"tactic": "command-and-control",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102.003",
"tactic": "command-and-control",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056",
"tactic": "credential-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102.002",
"tactic": "command-and-control",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1110",
"tactic": "credential-access",
"score": 24,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.003",
"tactic": "persistence",
"score": 31,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1083",
"tactic": "discovery",
"score": 21,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1221",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1499.004",
"tactic": "impact",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1210",
"tactic": "lateral-movement",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1566.001",
"tactic": "initial-access",
"score": 21,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1560.001",
"tactic": "collection",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027",
"tactic": "defense-evasion",
"score": 92,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1490",
"tactic": "impact",
"score": 25,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.001",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.004",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.004",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059",
"tactic": "execution",
"score": 91,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1204",
"tactic": "execution",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1140",
"tactic": "defense-evasion",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.006",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.002",
"tactic": "execution",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.007",
"tactic": "execution",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1569.001",
"tactic": "execution",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.006",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.003",
"tactic": "execution",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.003",
"tactic": "persistence",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.003",
"tactic": "privilege-escalation",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.002",
"tactic": "collection",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.002",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1113",
"tactic": "collection",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1136.001",
"tactic": "persistence",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1566.002",
"tactic": "initial-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1204.001",
"tactic": "execution",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218",
"tactic": "defense-evasion",
"score": 144,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.004",
"tactic": "defense-evasion",
"score": 23,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.001",
"tactic": "credential-access",
"score": 21,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1082",
"tactic": "discovery",
"score": 33,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078",
"tactic": "defense-evasion",
"score": 60,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078",
"tactic": "persistence",
"score": 60,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078",
"tactic": "privilege-escalation",
"score": 60,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078",
"tactic": "initial-access",
"score": 60,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "initial-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "persistence",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "privilege-escalation",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "initial-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1219.002",
"tactic": "command-and-control",
"score": 44,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.003",
"tactic": "defense-evasion",
"score": 26,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.002",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1497.001",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1497.001",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1049",
"tactic": "discovery",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.003",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1040",
"tactic": "credential-access",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1040",
"tactic": "discovery",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087.001",
"tactic": "discovery",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1518.001",
"tactic": "discovery",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1071",
"tactic": "command-and-control",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.001",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1137.002",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069.001",
"tactic": "discovery",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.002",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1529",
"tactic": "impact",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1030",
"tactic": "exfiltration",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1115",
"tactic": "collection",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.001",
"tactic": "defense-evasion",
"score": 107,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1046",
"tactic": "discovery",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1018",
"tactic": "discovery",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555.001",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1133",
"tactic": "persistence",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1133",
"tactic": "initial-access",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.001",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1016",
"tactic": "discovery",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1037.005",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1037.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.014",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.014",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1068",
"tactic": "privilege-escalation",
"score": 26,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.004",
"tactic": "defense-evasion",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.004",
"tactic": "execution",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1592.004",
"tactic": "reconnaissance",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1496",
"tactic": "impact",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.003",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.012",
"tactic": "execution",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1033",
"tactic": "discovery",
"score": 31,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1007",
"tactic": "discovery",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1531",
"tactic": "impact",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1485",
"tactic": "impact",
"score": 20,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1567",
"tactic": "exfiltration",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.002",
"tactic": "execution",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.002",
"tactic": "persistence",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.002",
"tactic": "privilege-escalation",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1565.001",
"tactic": "impact",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036",
"tactic": "defense-evasion",
"score": 41,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1136",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.004",
"tactic": "defense-evasion",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1222.002",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.004",
"tactic": "defense-evasion",
"score": 29,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090",
"tactic": "command-and-control",
"score": 22,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1014",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548",
"tactic": "privilege-escalation",
"score": 20,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548",
"tactic": "defense-evasion",
"score": 20,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.001",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.001",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1593.003",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.003",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.003",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.009",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.009",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564",
"tactic": "defense-evasion",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070",
"tactic": "defense-evasion",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098",
"tactic": "persistence",
"score": 28,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098",
"tactic": "privilege-escalation",
"score": 28,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1587",
"tactic": "resource-development",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1571",
"tactic": "command-and-control",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1568.002",
"tactic": "command-and-control",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1572",
"tactic": "command-and-control",
"score": 17,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102",
"tactic": "command-and-control",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.006",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.006",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.006",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.003",
"tactic": "defense-evasion",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.006",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1489",
"tactic": "impact",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1499",
"tactic": "impact",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.003",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.001",
"tactic": "persistence",
"score": 87,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.001",
"tactic": "privilege-escalation",
"score": 87,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.001",
"tactic": "defense-evasion",
"score": 87,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.002",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.002",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1048.003",
"tactic": "exfiltration",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1201",
"tactic": "discovery",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1123",
"tactic": "collection",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.001",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.004",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.004",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.003",
"tactic": "persistence",
"score": 45,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.003",
"tactic": "privilege-escalation",
"score": 45,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1106",
"tactic": "execution",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1057",
"tactic": "discovery",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003",
"tactic": "credential-access",
"score": 32,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.001",
"tactic": "collection",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.001",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.006",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.006",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1212",
"tactic": "credential-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1588.001",
"tactic": "resource-development",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1589",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.008",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.001",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1202",
"tactic": "defense-evasion",
"score": 36,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.005",
"tactic": "execution",
"score": 47,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.005",
"tactic": "persistence",
"score": 47,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.005",
"tactic": "privilege-escalation",
"score": 47,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543",
"tactic": "persistence",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543",
"tactic": "privilege-escalation",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1048",
"tactic": "exfiltration",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1518",
"tactic": "discovery",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1558.003",
"tactic": "credential-access",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.003",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.003",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.011",
"tactic": "privilege-escalation",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.011",
"tactic": "persistence",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.009",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.002",
"tactic": "defense-evasion",
"score": 23,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.003",
"tactic": "execution",
"score": 35,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.002",
"tactic": "lateral-movement",
"score": 36,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574",
"tactic": "persistence",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574",
"tactic": "privilege-escalation",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.002",
"tactic": "privilege-escalation",
"score": 54,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.002",
"tactic": "defense-evasion",
"score": 54,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.001",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.004",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.004",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1614.001",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.003",
"tactic": "credential-access",
"score": 25,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1486",
"tactic": "impact",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.003",
"tactic": "defense-evasion",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557.001",
"tactic": "credential-access",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557.001",
"tactic": "collection",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.010",
"tactic": "defense-evasion",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1482",
"tactic": "discovery",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090.003",
"tactic": "command-and-control",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.004",
"tactic": "credential-access",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.005",
"tactic": "lateral-movement",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562",
"tactic": "defense-evasion",
"score": 24,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1112",
"tactic": "defense-evasion",
"score": 85,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1112",
"tactic": "persistence",
"score": 85,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.001",
"tactic": "execution",
"score": 217,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1127",
"tactic": "defense-evasion",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547",
"tactic": "persistence",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547",
"tactic": "privilege-escalation",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.009",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.006",
"tactic": "credential-access",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1220",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.001",
"tactic": "credential-access",
"score": 74,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1216.001",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.010",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555",
"tactic": "credential-access",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1047",
"tactic": "execution",
"score": 46,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090.001",
"tactic": "command-and-control",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.007",
"tactic": "defense-evasion",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1037.001",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1037.001",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.011",
"tactic": "persistence",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.011",
"tactic": "privilege-escalation",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.011",
"tactic": "defense-evasion",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1185",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1204.004",
"tactic": "execution",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1587.001",
"tactic": "resource-development",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.003",
"tactic": "privilege-escalation",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.003",
"tactic": "persistence",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.003",
"tactic": "lateral-movement",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.006",
"tactic": "lateral-movement",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.005",
"tactic": "execution",
"score": 21,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.011",
"tactic": "defense-evasion",
"score": 43,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.004",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1560",
"tactic": "collection",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.001",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.001",
"tactic": "privilege-escalation",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.013",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1104",
"tactic": "command-and-control",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1176",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1615",
"tactic": "discovery",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087",
"tactic": "discovery",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087.002",
"tactic": "discovery",
"score": 18,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.005",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.001",
"tactic": "defense-evasion",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.001",
"tactic": "privilege-escalation",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.003",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.003",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555.004",
"tactic": "credential-access",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1569.002",
"tactic": "execution",
"score": 42,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1569",
"tactic": "execution",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021",
"tactic": "lateral-movement",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.003",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.002",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.002",
"tactic": "privilege-escalation",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1216",
"tactic": "defense-evasion",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1620",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1048.001",
"tactic": "exfiltration",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1071.004",
"tactic": "command-and-control",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1132.001",
"tactic": "command-and-control",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.001",
"tactic": "lateral-movement",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.002",
"tactic": "credential-access",
"score": 26,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.002",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.002",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.002",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.010",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1124",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.001",
"tactic": "persistence",
"score": 37,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.001",
"tactic": "privilege-escalation",
"score": 37,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1649",
"tactic": "credential-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552",
"tactic": "credential-access",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.005",
"tactic": "credential-access",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055",
"tactic": "defense-evasion",
"score": 31,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055",
"tactic": "privilege-escalation",
"score": 31,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1072",
"tactic": "execution",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1072",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1622",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1622",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.006",
"tactic": "execution",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484.001",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484.001",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1135",
"tactic": "discovery",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.007",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1528",
"tactic": "credential-access",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1539",
"tactic": "credential-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1005",
"tactic": "collection",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.002",
"tactic": "credential-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.004",
"tactic": "credential-access",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.006",
"tactic": "credential-access",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.002",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1119",
"tactic": "collection",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.007",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.007",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.001",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.001",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1608",
"tactic": "resource-development",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1012",
"tactic": "discovery",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1595",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1491.001",
"tactic": "impact",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1563.002",
"tactic": "lateral-movement",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1074.001",
"tactic": "collection",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1588.002",
"tactic": "resource-development",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.003",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.003",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1570",
"tactic": "lateral-movement",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.005",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053",
"tactic": "execution",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053",
"tactic": "persistence",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053",
"tactic": "privilege-escalation",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.005",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.005",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.005",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1526",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555.003",
"tactic": "credential-access",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.006",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069.002",
"tactic": "discovery",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.001",
"tactic": "defense-evasion",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.005",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.008",
"tactic": "privilege-escalation",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.008",
"tactic": "persistence",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1217",
"tactic": "discovery",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.004",
"tactic": "persistence",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.002",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.002",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1222.001",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1110.002",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1095",
"tactic": "command-and-control",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1039",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1590.001",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1211",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.005",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.007",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.007",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.007",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.014",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.014",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.010",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.010",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.002",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.002",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557",
"tactic": "credential-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557",
"tactic": "collection",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.002",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1114",
"tactic": "collection",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.004",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.002",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546",
"tactic": "privilege-escalation",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546",
"tactic": "persistence",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1110.001",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.015",
"tactic": "privilege-escalation",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.015",
"tactic": "persistence",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.008",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.008",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.008",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1120",
"tactic": "discovery",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.002",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1567.001",
"tactic": "exfiltration",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1127.001",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1559.001",
"tactic": "execution",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1558",
"tactic": "credential-access",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1041",
"tactic": "exfiltration",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090.002",
"tactic": "command-and-control",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.012",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.012",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.003",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.003",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555.005",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1554",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1006",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.011",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.011",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1599.001",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1137",
"tactic": "persistence",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1001.003",
"tactic": "command-and-control",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.009",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.009",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1008",
"tactic": "command-and-control",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1136.002",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.013",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.013",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1195",
"tactic": "initial-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1195.001",
"tactic": "initial-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1137.006",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.015",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.015",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1137.003",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.005",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1573",
"tactic": "command-and-control",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1565",
"tactic": "impact",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.012",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.012",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.012",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1222",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1114.001",
"tactic": "collection",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1020",
"tactic": "exfiltration",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.004",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.004",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1589.002",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.005",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.009",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.009",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.010",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.010",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1125",
"tactic": "collection",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.008",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.008",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.003",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.003",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556",
"tactic": "credential-access",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556",
"tactic": "defense-evasion",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556",
"tactic": "persistence",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.012",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.012",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.003",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1559.002",
"tactic": "execution",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1590.002",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1200",
"tactic": "initial-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1010",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1187",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.002",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1207",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.005",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.002",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.002",
"tactic": "lateral-movement",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1091",
"tactic": "lateral-movement",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1091",
"tactic": "initial-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550",
"tactic": "lateral-movement",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "initial-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1588",
"tactic": "resource-development",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1499.001",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1213",
"tactic": "collection",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1498",
"tactic": "impact",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1611",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.007",
"tactic": "credential-access",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1609",
"tactic": "execution",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069.003",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087.004",
"tactic": "discovery",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1595.002",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1495",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1561.001",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1561.002",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1074",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1565.002",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.003",
"tactic": "persistence",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.003",
"tactic": "privilege-escalation",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1586.003",
"tactic": "resource-development",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.001",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.001",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.004",
"tactic": "defense-evasion",
"score": 38,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.004",
"tactic": "persistence",
"score": 38,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.004",
"tactic": "privilege-escalation",
"score": 38,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.004",
"tactic": "initial-access",
"score": 38,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.006",
"tactic": "credential-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.006",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.006",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1213.003",
"tactic": "collection",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1537",
"tactic": "exfiltration",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1136.003",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1621",
"tactic": "credential-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1578.003",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1578",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.007",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.005",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1606",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1591.004",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1586",
"tactic": "resource-development",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1525",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.007",
"tactic": "lateral-movement",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.001",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.001",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1580",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.009",
"tactic": "execution",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1199",
"tactic": "initial-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.004",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1129",
"tactic": "execution",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1559",
"tactic": "execution",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090.004",
"tactic": "command-and-control",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.008",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.008",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
}
]
}
other/sigma_attack_nav_coverage.png
BIN
View File
Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 3.7 MiB

other/sigma_attack_nav_coverage.svg
+2
View File
File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 117 KiB