forked from p34709852/monkey
40 lines
6.2 KiB
Markdown
40 lines
6.2 KiB
Markdown
|
| TACTIC | TECHNIQUES |
|
||
|
|--- |--- |
|
||
|
| [Execution](https://attack.mitre.org/tactics/TA0002/) | [Command-line Interface](https://attack.mitre.org/techniques/T1059/) |
|
||
|
| | [Execution Through Module Load](https://attack.mitre.org/techniques/T1129/) |
|
||
|
| | [Execution Through API](https://attack.mitre.org/techniques/T1106/) |
|
||
|
| | [Powershell](https://attack.mitre.org/techniques/T1086/) |
|
||
|
| | [Scripting](https://attack.mitre.org/techniques/T1064/) |
|
||
|
| | [Service Execution](https://attack.mitre.org/techniques/T1035/) |
|
||
|
| | [Trap](https://attack.mitre.org/techniques/T1154/) |
|
||
|
| [Persistence](https://attack.mitre.org/tactics/TA0003/) | [`.bash_profile` & `.bashrc`](https://attack.mitre.org/techniques/T1156/) |
|
||
|
| | [Create Account](https://attack.mitre.org/techniques/T1136/) |
|
||
|
| | [Hidden Files & Directories](https://attack.mitre.org/techniques/T1158/) |
|
||
|
| | [Local Job Scheduling](https://attack.mitre.org/techniques/T1168/) |
|
||
|
| | [Powershell Profile](https://attack.mitre.org/techniques/T1504/) |
|
||
|
| | [Scheduled Task](https://attack.mitre.org/techniques/T1053/) |
|
||
|
| | [Setuid & Setgid](https://attack.mitre.org/techniques/T1166/) |
|
||
|
| [Defence Evasion](https://attack.mitre.org/tactics/TA0005/) | [BITS Job](https://attack.mitre.org/techniques/T1197/) |
|
||
|
| | [Clear Command History](https://attack.mitre.org/techniques/T1146/) |
|
||
|
| | [File Deletion](https://attack.mitre.org/techniques/T1107/) |
|
||
|
| | [File Permissions Modification](https://attack.mitre.org/techniques/T1222/) |
|
||
|
| | [Timestomping](https://attack.mitre.org/techniques/T1099/) |
|
||
|
| | [Signed Script Proxy Execution](https://attack.mitre.org/techniques/T1216/) |
|
||
|
| [Credential Access](https://attack.mitre.org/tactics/TA0006/) | [Brute Force](https://attack.mitre.org/techniques/T1110/) |
|
||
|
| | [Credential Dumping](https://attack.mitre.org/techniques/T1003/) |
|
||
|
| | [Private Keys](https://attack.mitre.org/techniques/T1145/) |
|
||
|
| [Discovery](https://attack.mitre.org/tactics/TA0007/) | [Account Discovery](https://attack.mitre.org/techniques/T1087/) |
|
||
|
| | [Remote System Discovery](https://attack.mitre.org/techniques/T1018/) |
|
||
|
| | [System Information Discovery](https://attack.mitre.org/techniques/T1082/) |
|
||
|
| | [System Network Configuration Discovery](https://attack.mitre.org/techniques/T1016/) |
|
||
|
| [Lateral Movement](https://attack.mitre.org/tactics/TA0008/) | [Exploitation Of Remote Services](https://attack.mitre.org/techniques/T1210/) |
|
||
|
| | [Pass The Hash](https://attack.mitre.org/techniques/T1075/) |
|
||
|
| | [Remote File Copy](https://attack.mitre.org/techniques/T1105/) |
|
||
|
| | [Remote Services](https://attack.mitre.org/techniques/T1021/) |
|
||
|
| [Collection](https://attack.mitre.org/tactics/TA0009/) | [Data From Local System](https://attack.mitre.org/techniques/T1005) |
|
||
|
| [Command And Control](https://attack.mitre.org/tactics/TA0011/) | [Connection Proxy](https://attack.mitre.org/techniques/T1090/) |
|
||
|
| | [Uncommonly Used Port](https://attack.mitre.org/techniques/T1065/) |
|
||
|
| | [Multi-hop Proxy](https://attack.mitre.org/techniques/T1188/) |
|
||
|
| [Exfiltration](https://attack.mitre.org/tactics/TA0010/) | [Exfiltration Over Command And Control Channel](https://attack.mitre.org/techniques/T1041/)|
|
||
|
| | |
|