Links

TTPs

  • T1499 - Endpoint Denial of Service
  • T1005 - Data from Local System
  • T1021 - Remote Services
  • T1027 - Obfuscated Files or Information
  • T1036 - Masquerading
  • T1047 - Windows Management Instrumentation
  • T1048 - Exfiltration Over Alternative Protocol
  • T1055 - Process Injection
  • T1074 - Data Staged
  • T1090 - Proxy
  • T1105 - Ingress Tool Transfer
  • T1140 - Deobfuscate/Decode Files or Information
  • T1190 - Exploit Public-Facing Application
  • T1498 - Network Denial of Service
  • T1550 - Use Alternate Authentication Material
  • T1560 - Archive Collected Data