T1537_AWS | Transfer Data to Cloud Account | AWS | Exfiltration | MITRE ATT&CK |
T1619_AWS | Cloud Storage Object Discovery(AWS) | AWS | Discovery | MITRE ATT&CK |
T1098.001_AWS | Account Manipulation: Additional Cloud Credentials | AWS | Persistence | MITRE ATT&CK |
T1204.002_AWS | User Execution: Malicious File (AWS) | AWS | Execution | MITRE ATT&CK |
T1648_AWS | Serverless Execution | AWS | Execution | MITRE ATT&CK |
T1087.004_AWS | Account Discovery: Cloud Account (AWS) | AWS | Discovery | MITRE ATT&CK |
T1530_AWS | Data from Cloud Storage Object (AWS) | AWS | Collection | MITRE ATT&CK |
T1133_AWS | External Remote Services | Windows | Initial Access, Persistence | MITRE ATT&CK |
T1190_Aws | Exploit Public-Facing Application (Aws) | Aws | Initial Access, Persistence | MITRE ATT&CK |
T1528_AWS | Steal Application Access Token (AWS) | AWS | Collection | MITRE ATT&CK |
T1580_AWS | Cloud Infrastructure Discovery(AWS) | AWS | Discovery | MITRE ATT&CK |
T1069.003_AWS | Permission Groups Discovery: Cloud Groups (AWS) | AWS | Discovery | MITRE ATT&CK |
T1133_Azure | Exploit Public-Facing Application (Azure) | Entra ID | Initial Access, Persistence | MITRE ATT&CK |
T0820_ICS | Exploitation for Evasion | OT | Evasion | MITRE ATT&CK |
T0846_ICS | Remote System Discovery | OT | Discovery | MITRE ATT&CK |
T0814_ICS | Denial of Service | OT | Inhibit Response Function | MITRE ATT&CK |
T0891_ICS | Hardcoded Credentials | OT | Lateral Movement, Persistence | MITRE ATT&CK |
T0812_ICS | Default Credentials | OT | Lateral Movement | MITRE ATT&CK |
T0843_ICS | Program Download | OT | Lateral Movement | MITRE ATT&CK |
T0866_ICS | Exploitation of Remote Services | OT | Initial Access, Lateral Movement | MITRE ATT&CK |
T1133_Windows | External Remote Services (Windows) | Windows | Persistence, Initial Access | MITRE ATT&CK |
T1068_Windows | Exploitation for Privilege Escalation (Windows) | Windows | Privilege Escalation | MITRE ATT&CK |
T1114.002_Windows | Remote Email Collection | Windows | Collection | MITRE ATT&CK |
T1207_Windows | Rogue Domain Controller | Windows | Defense Evasion | MITRE ATT&CK |
T1552.005_AWS | Cloud Instance Metadata API | AWS | Credential Access | MITRE ATT&CK |
T1059.004_Linux | Command and Scripting Interpreter: Unix Shell | Linux | Execution | MITRE ATT&CK |
T1555.004_Windows | Credentials from Password Stores: Windows Credential Manager | Windows | Credential Access | MITRE ATT&CK |
T1574.007_Windows | Path Interception by PATH Environment Variable | Windows | Persistence, Privilege Escalation, Defense Evasion | MITRE ATT&CK |
T1003.006_Windows | OS Credential Dumping: DCSync | Windows | Credential Access | MITRE ATT&CK |
T1558.003_Windows | Steal or Forge Kerberos Tickets: Kerberoasting | Windows | Credential Access | MITRE ATT&CK |
T1499.004 | Endpoint Denial of Service: Application or System Exploitation | Azure AD, Google Workspace, IaaS, Linux, Office 365, SaaS, Windows, macOS | Impact | MITRE ATT&CK |
T1021.001_Windows | Remote Services: Remote Desktop Protocol | Windows | Lateral Movement | MITRE ATT&CK |
T1021.006_Windows | Remote Services: Windows Remote Management | Windows | Lateral Movement | MITRE ATT&CK |
T1548_Windows | Abuse Elevation Control Mechanism | Windows | Privilege Escalation, Defense Evasion | MITRE ATT&CK |
T1548.005_Azure | Abuse Elevation Control Mechanism: Temporary Elevated Cloud Access | Entra ID | Defense Evasion, Privilege Escalation | MITRE ATT&CK |
1078.001 | Valid Accounts: Default Accounts | Azure AD, Containers, Google Workspace, IaaS, Linux, Office 365, SaaS, Windows, macOS | Defense Evasion, Persistence, Privilege Escalation, Initial Access | MITRE ATT&CK |
T1069.002_Windows | Permission Groups Discovery: Domain Groups | Windows | Discovery | MITRE ATT&CK |
T1574.010_Windows | Hijack Execution Flow: Services File Permissions Weakness | Windows | Persistence, Privilege Escalation, Defense Evasion | MITRE ATT&CK |
T1592.002_PRE | Gather Victim Host Information: Software | PRE | Reconnaissance | MITRE ATT&CK |
WAS.112684 | Client Side Template Injection | Web Application | Injection | OWASP |
WAS.98117 | Blind SQL Injection (differential analysis) | Web Application | Injection | OWASP |
WAS.98118 | Blind SQL Injection (timing attack) | Web Application | Injection | OWASP |
WAS.98127 | LDAP Injection Authentication Bypass | Web Application | Injection | OWASP |
WAS.113634 | Server-Side Includes (SSI) Injection | Web Application | Injection | OWASP |
T1557.001_Windows | Adversary-in-the-Middle: LLMNR/NBT-NS Poisoning and SMB Relay | Windows | Credential Access, Collection | MITRE ATT&CK |
T1484.002_Azure | Domain Policy Modification: Trust Modification(Azure) | Entra ID | Defense Evasion, Privilege Escalation | MITRE ATT&CK |
T1003.003_Windows | OS Credential Dumping: NTDS | Windows | Credential Access | MITRE ATT&CK |
T1007_Windows | System Service Discovery (Windows) | Windows | Discovery | MITRE ATT&CK |
T1040_Windows | Network Sniffing (Windows) | Windows | Credential Access, Discovery | MITRE ATT&CK |
T1048.001_Windows | Exfiltration Over Alternative Protocol: Exfiltration Over Symmetric Encrypted Non-C2 Protocol (Windows) | Windows | Exfiltration | MITRE ATT&CK |