security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions 45 Packages Projects Releases Wiki Activity
Files
1aae4b06032a5d0b34e9131b1a9e4b0413b52e64
blue-team-tools/other/sigma_attack_nav_coverage.json
T
github-actions[bot] 1aae4b0603 Merge PR #5889 from @phantinuss - Update ATT&CK Heatmap Coverage 
* chore: update ATT&CK heatmap

---------

Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2026-03-02 13:38:30 +01:00

5696 lines
119 KiB
JSON
Raw Blame History

{
"name": "Sigma Analytics Coverage",
"versions": {
"attack": "18.1",
"navigator": "4.8.1",
"layer": "4.4"
},
"domain": "enterprise-attack",
"description": "Sigma coverage heatmap generated by Sigma CLI with score function count",
"gradient": {
"colors": [
"#66b1ffff",
"#ff66f4ff"
],
"minValue": 0,
"maxValue": 20
},
"techniques": [
{
"techniqueID": "T1078",
"tactic": "defense-evasion",
"score": 60,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078",
"tactic": "persistence",
"score": 60,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078",
"tactic": "privilege-escalation",
"score": 60,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078",
"tactic": "initial-access",
"score": 60,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1114.003",
"tactic": "collection",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090",
"tactic": "command-and-control",
"score": 22,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1606",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1528",
"tactic": "credential-access",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1140",
"tactic": "defense-evasion",
"score": 18,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098",
"tactic": "persistence",
"score": 29,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098",
"tactic": "privilege-escalation",
"score": 29,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1589",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1110",
"tactic": "credential-access",
"score": 25,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.004",
"tactic": "defense-evasion",
"score": 40,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.004",
"tactic": "persistence",
"score": 40,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.004",
"tactic": "privilege-escalation",
"score": 40,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.004",
"tactic": "initial-access",
"score": 40,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552",
"tactic": "credential-access",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548",
"tactic": "privilege-escalation",
"score": 22,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548",
"tactic": "defense-evasion",
"score": 22,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556",
"tactic": "credential-access",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556",
"tactic": "defense-evasion",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556",
"tactic": "persistence",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.003",
"tactic": "persistence",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.003",
"tactic": "privilege-escalation",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.001",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.001",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.005",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1098.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1485",
"tactic": "impact",
"score": 20,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1496",
"tactic": "impact",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1489",
"tactic": "impact",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.003",
"tactic": "execution",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.003",
"tactic": "persistence",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.003",
"tactic": "privilege-escalation",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.007",
"tactic": "credential-access",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.004",
"tactic": "defense-evasion",
"score": 29,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.001",
"tactic": "credential-access",
"score": 24,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.007",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1565.001",
"tactic": "impact",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003",
"tactic": "credential-access",
"score": 34,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059",
"tactic": "execution",
"score": 94,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562",
"tactic": "defense-evasion",
"score": 27,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.001",
"tactic": "defense-evasion",
"score": 127,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1578",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1578.003",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1531",
"tactic": "impact",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1621",
"tactic": "credential-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.006",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.006",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.006",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087.004",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1526",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1565",
"tactic": "impact",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1074",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484.002",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484.002",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1114",
"tactic": "collection",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1573",
"tactic": "command-and-control",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1199",
"tactic": "initial-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1537",
"tactic": "exfiltration",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1486",
"tactic": "impact",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1020",
"tactic": "exfiltration",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1136.003",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070",
"tactic": "defense-evasion",
"score": 20,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550",
"tactic": "lateral-movement",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.001",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.001",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1190",
"tactic": "initial-access",
"score": 146,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.001",
"tactic": "execution",
"score": 217,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.003",
"tactic": "execution",
"score": 44,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.004",
"tactic": "execution",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.009",
"tactic": "execution",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.007",
"tactic": "lateral-movement",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.008",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1608.003",
"tactic": "resource-development",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1525",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1566",
"tactic": "initial-access",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1566.002",
"tactic": "initial-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1580",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1619",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1005",
"tactic": "collection",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1490",
"tactic": "impact",
"score": 26,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1136",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.002",
"tactic": "initial-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555",
"tactic": "credential-access",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1105",
"tactic": "command-and-control",
"score": 81,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027",
"tactic": "defense-evasion",
"score": 94,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1567",
"tactic": "exfiltration",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1568.002",
"tactic": "command-and-control",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1572",
"tactic": "command-and-control",
"score": 24,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102",
"tactic": "command-and-control",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1571",
"tactic": "command-and-control",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1082",
"tactic": "discovery",
"score": 33,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.001",
"tactic": "collection",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.001",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1123",
"tactic": "collection",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.009",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.009",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1201",
"tactic": "discovery",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069.001",
"tactic": "discovery",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1007",
"tactic": "discovery",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1222.002",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.012",
"tactic": "execution",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1529",
"tactic": "impact",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1083",
"tactic": "discovery",
"score": 24,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1048.003",
"tactic": "exfiltration",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1133",
"tactic": "persistence",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1133",
"tactic": "initial-access",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.004",
"tactic": "defense-evasion",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1033",
"tactic": "discovery",
"score": 30,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1593.003",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1115",
"tactic": "collection",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564",
"tactic": "defense-evasion",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.002",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087.001",
"tactic": "discovery",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1018",
"tactic": "discovery",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1203",
"tactic": "execution",
"score": 31,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1068",
"tactic": "privilege-escalation",
"score": 29,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1592.004",
"tactic": "reconnaissance",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.012",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.006",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1554",
"tactic": "persistence",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1046",
"tactic": "discovery",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1587",
"tactic": "resource-development",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.004",
"tactic": "defense-evasion",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1653",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036",
"tactic": "defense-evasion",
"score": 40,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1016",
"tactic": "discovery",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.003",
"tactic": "persistence",
"score": 34,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1219.002",
"tactic": "command-and-control",
"score": 44,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1049",
"tactic": "discovery",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.003",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1014",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1518.001",
"tactic": "discovery",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.001",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.001",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1071.001",
"tactic": "command-and-control",
"score": 40,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.002",
"tactic": "execution",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.002",
"tactic": "persistence",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.002",
"tactic": "privilege-escalation",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.006",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.006",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.006",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1136.001",
"tactic": "persistence",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1204.001",
"tactic": "execution",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.003",
"tactic": "defense-evasion",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.003",
"tactic": "persistence",
"score": 47,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.003",
"tactic": "privilege-escalation",
"score": 47,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1584",
"tactic": "resource-development",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.006",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.006",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1030",
"tactic": "exfiltration",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1057",
"tactic": "discovery",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.006",
"tactic": "defense-evasion",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1499",
"tactic": "impact",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.001",
"tactic": "persistence",
"score": 91,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.001",
"tactic": "privilege-escalation",
"score": 91,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.001",
"tactic": "defense-evasion",
"score": 91,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1106",
"tactic": "execution",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.002",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.002",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.004",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.004",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.003",
"tactic": "defense-evasion",
"score": 27,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.003",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.003",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.001",
"tactic": "defense-evasion",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1040",
"tactic": "credential-access",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1040",
"tactic": "discovery",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1113",
"tactic": "collection",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.001",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1560.001",
"tactic": "collection",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1212",
"tactic": "credential-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1588.001",
"tactic": "resource-development",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1204",
"tactic": "execution",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1558",
"tactic": "credential-access",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.001",
"tactic": "credential-access",
"score": 78,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.002",
"tactic": "credential-access",
"score": 26,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1588",
"tactic": "resource-development",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.003",
"tactic": "lateral-movement",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1047",
"tactic": "execution",
"score": 50,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087",
"tactic": "discovery",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053",
"tactic": "execution",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053",
"tactic": "persistence",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053",
"tactic": "privilege-escalation",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1569.002",
"tactic": "execution",
"score": 43,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1112",
"tactic": "defense-evasion",
"score": 95,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1112",
"tactic": "persistence",
"score": 95,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1213",
"tactic": "collection",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021",
"tactic": "lateral-movement",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1498",
"tactic": "impact",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1041",
"tactic": "exfiltration",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1213.003",
"tactic": "collection",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1195.001",
"tactic": "initial-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1567.001",
"tactic": "exfiltration",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1609",
"tactic": "execution",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1611",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.005",
"tactic": "defense-evasion",
"score": 18,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069.003",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.004",
"tactic": "lateral-movement",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1586",
"tactic": "resource-development",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1591.004",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.004",
"tactic": "credential-access",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.003",
"tactic": "credential-access",
"score": 23,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1048",
"tactic": "exfiltration",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.002",
"tactic": "lateral-movement",
"score": 37,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557.001",
"tactic": "credential-access",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557.001",
"tactic": "collection",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1187",
"tactic": "credential-access",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.001",
"tactic": "lateral-movement",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1095",
"tactic": "command-and-control",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.004",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.004",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1558.003",
"tactic": "credential-access",
"score": 17,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1595.002",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1071.004",
"tactic": "command-and-control",
"score": 17,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102.002",
"tactic": "command-and-control",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1495",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1565.002",
"tactic": "impact",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.004",
"tactic": "credential-access",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1561.001",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1561.002",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1124",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557",
"tactic": "credential-access",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557",
"tactic": "collection",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1037.005",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1037.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.014",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.014",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "persistence",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "privilege-escalation",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.003",
"tactic": "initial-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1569.001",
"tactic": "execution",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.001",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.004",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543.004",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218",
"tactic": "defense-evasion",
"score": 152,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.004",
"tactic": "defense-evasion",
"score": 23,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1189",
"tactic": "initial-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.002",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555.001",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1497.001",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1497.001",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1566.001",
"tactic": "initial-access",
"score": 23,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.002",
"tactic": "execution",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.002",
"tactic": "collection",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056.002",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1078.001",
"tactic": "initial-access",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.006",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1137.002",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1204.002",
"tactic": "execution",
"score": 36,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.007",
"tactic": "execution",
"score": 22,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1071",
"tactic": "command-and-control",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.001",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1586.003",
"tactic": "resource-development",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1590",
"tactic": "reconnaissance",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1197",
"tactic": "defense-evasion",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1197",
"tactic": "persistence",
"score": 16,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102.001",
"tactic": "command-and-control",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1102.003",
"tactic": "command-and-control",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1568",
"tactic": "command-and-control",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1595",
"tactic": "reconnaissance",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1567.002",
"tactic": "exfiltration",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1056",
"tactic": "credential-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1221",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1499.004",
"tactic": "impact",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1210",
"tactic": "lateral-movement",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1127",
"tactic": "defense-evasion",
"score": 20,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.001",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.001",
"tactic": "privilege-escalation",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.011",
"tactic": "defense-evasion",
"score": 43,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055",
"tactic": "defense-evasion",
"score": 33,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055",
"tactic": "privilege-escalation",
"score": 33,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.003",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.003",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.012",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.012",
"tactic": "privilege-escalation",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.005",
"tactic": "execution",
"score": 26,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.005",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555.005",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1195.002",
"tactic": "initial-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1482",
"tactic": "discovery",
"score": 17,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090.003",
"tactic": "command-and-control",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1559.001",
"tactic": "execution",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.010",
"tactic": "defense-evasion",
"score": 19,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.005",
"tactic": "credential-access",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.001",
"tactic": "defense-evasion",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.001",
"tactic": "privilege-escalation",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.003",
"tactic": "privilege-escalation",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.003",
"tactic": "persistence",
"score": 12,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.003",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.003",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.003",
"tactic": "defense-evasion",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1127.001",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.009",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.006",
"tactic": "lateral-movement",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090.002",
"tactic": "command-and-control",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.002",
"tactic": "defense-evasion",
"score": 26,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.011",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1055.011",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.002",
"tactic": "privilege-escalation",
"score": 56,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.002",
"tactic": "defense-evasion",
"score": 56,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543",
"tactic": "persistence",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1543",
"tactic": "privilege-escalation",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1599.001",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.014",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1220",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.007",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.007",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.007",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.002",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1202",
"tactic": "defense-evasion",
"score": 39,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1129",
"tactic": "execution",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1518",
"tactic": "discovery",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1588.002",
"tactic": "resource-development",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.001",
"tactic": "defense-evasion",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.001",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.002",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.002",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1587.001",
"tactic": "resource-development",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1074.001",
"tactic": "collection",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.004",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.011",
"tactic": "persistence",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.011",
"tactic": "privilege-escalation",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.011",
"tactic": "defense-evasion",
"score": 11,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1012",
"tactic": "discovery",
"score": 14,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.008",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.008",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.008",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.009",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1087.002",
"tactic": "discovery",
"score": 21,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090.001",
"tactic": "command-and-control",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1216",
"tactic": "defense-evasion",
"score": 13,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1615",
"tactic": "discovery",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.011",
"tactic": "privilege-escalation",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.011",
"tactic": "persistence",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.002",
"tactic": "credential-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1072",
"tactic": "execution",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1072",
"tactic": "lateral-movement",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.008",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1048.001",
"tactic": "exfiltration",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1132.001",
"tactic": "command-and-control",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.001",
"tactic": "persistence",
"score": 39,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.001",
"tactic": "privilege-escalation",
"score": 39,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.005",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.002",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.002",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1556.002",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.008",
"tactic": "privilege-escalation",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.008",
"tactic": "persistence",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.007",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.007",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.014",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.014",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.010",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.010",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.002",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.002",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.006",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069.002",
"tactic": "discovery",
"score": 15,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.005",
"tactic": "execution",
"score": 51,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.005",
"tactic": "persistence",
"score": 51,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1053.005",
"tactic": "privilege-escalation",
"score": 51,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.005",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.002",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546",
"tactic": "privilege-escalation",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546",
"tactic": "persistence",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1204.004",
"tactic": "execution",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1027.010",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1562.010",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.002",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.002",
"tactic": "privilege-escalation",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1219",
"tactic": "command-and-control",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.013",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.003",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555.003",
"tactic": "credential-access",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547",
"tactic": "persistence",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547",
"tactic": "privilege-escalation",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1218.007",
"tactic": "defense-evasion",
"score": 10,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.005",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.005",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.005",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1491.001",
"tactic": "impact",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.001",
"tactic": "privilege-escalation",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.001",
"tactic": "persistence",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1608",
"tactic": "resource-development",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1539",
"tactic": "credential-access",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1211",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1563.002",
"tactic": "lateral-movement",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1552.006",
"tactic": "credential-access",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1560",
"tactic": "collection",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.002",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.001",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1176.001",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1649",
"tactic": "credential-access",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1555.004",
"tactic": "credential-access",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.005",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1569",
"tactic": "execution",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1120",
"tactic": "discovery",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.003",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1542.003",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1614.001",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484.001",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1484.001",
"tactic": "privilege-escalation",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1021.005",
"tactic": "lateral-movement",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1119",
"tactic": "collection",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1590.001",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.015",
"tactic": "privilege-escalation",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.015",
"tactic": "persistence",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.003",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.003",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574",
"tactic": "persistence",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574",
"tactic": "privilege-escalation",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574",
"tactic": "defense-evasion",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1039",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1570",
"tactic": "lateral-movement",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1216.001",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.004",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1110.001",
"tactic": "credential-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.002",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1110.002",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1222.001",
"tactic": "defense-evasion",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1217",
"tactic": "discovery",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1622",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1622",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.004",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.004",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1059.006",
"tactic": "execution",
"score": 8,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.007",
"tactic": "defense-evasion",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1620",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1069",
"tactic": "discovery",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.005",
"tactic": "defense-evasion",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1037.001",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1037.001",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1135",
"tactic": "discovery",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1185",
"tactic": "collection",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1505.004",
"tactic": "persistence",
"score": 5,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1003.006",
"tactic": "credential-access",
"score": 7,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1006",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.013",
"tactic": "privilege-escalation",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.013",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1137",
"tactic": "persistence",
"score": 9,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1008",
"tactic": "command-and-control",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1137.006",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1136.002",
"tactic": "persistence",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.009",
"tactic": "persistence",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.009",
"tactic": "privilege-escalation",
"score": 4,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1137.003",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1195",
"tactic": "initial-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.015",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.015",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1001.003",
"tactic": "command-and-control",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1114.001",
"tactic": "collection",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1222",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1589.002",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.012",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.012",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1574.012",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.010",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.010",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1125",
"tactic": "collection",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.009",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.009",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.008",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.008",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.005",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.003",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.003",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1547.003",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.012",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1546.012",
"tactic": "persistence",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1559.002",
"tactic": "execution",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.002",
"tactic": "defense-evasion",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1550.002",
"tactic": "lateral-movement",
"score": 6,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1553.002",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1207",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1010",
"tactic": "discovery",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.005",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1134.005",
"tactic": "privilege-escalation",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1200",
"tactic": "initial-access",
"score": 3,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557.003",
"tactic": "credential-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1557.003",
"tactic": "collection",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1091",
"tactic": "lateral-movement",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1091",
"tactic": "initial-access",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1590.002",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1499.001",
"tactic": "impact",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1176",
"tactic": "persistence",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1595.001",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.003",
"tactic": "privilege-escalation",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1548.003",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1559",
"tactic": "execution",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1564.008",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1090.004",
"tactic": "command-and-control",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1598.002",
"tactic": "reconnaissance",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1036.008",
"tactic": "defense-evasion",
"score": 1,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
},
{
"techniqueID": "T1070.008",
"tactic": "defense-evasion",
"score": 2,
"color": "",
"comment": "",
"enabled": true,
"metadata": [],
"links": [],
"showSubtechniques": false
}
]
}
Reference in New Issue View Git Blame Copy Permalink