use-mitre-attack
Version:
Simple representation of MITRE ATT&CK data
1,663 lines (1,662 loc) • 200 kB
JSON
{
"tactics": {
"TA0009": {
"id": "TA0009",
"name": "Collection",
"url": "https://attack.mitre.org/tactics/TA0009",
"techniques": [
"T1557",
"T1560",
"T1123",
"T1119",
"T1185",
"T1115",
"T1074",
"T1530",
"T1602",
"T1213",
"T1005",
"T1039",
"T1025",
"T1114",
"T1056",
"T1113",
"T1125"
]
},
"TA0011": {
"id": "TA0011",
"name": "Command and Control",
"url": "https://attack.mitre.org/tactics/TA0011",
"techniques": [
"T1071",
"T1092",
"T1132",
"T1001",
"T1568",
"T1573",
"T1008",
"T1105",
"T1104",
"T1095",
"T1571",
"T1572",
"T1090",
"T1219",
"T1205",
"T1102"
]
},
"TA0006": {
"id": "TA0006",
"name": "Credential Access",
"url": "https://attack.mitre.org/tactics/TA0006",
"techniques": [
"T1557",
"T1110",
"T1555",
"T1212",
"T1187",
"T1606",
"T1056",
"T1556",
"T1040",
"T1003",
"T1528",
"T1539",
"T1558",
"T1111",
"T1552"
]
},
"TA0005": {
"id": "TA0005",
"name": "Defense Evasion",
"url": "https://attack.mitre.org/tactics/TA0005",
"techniques": [
"T1548",
"T1134",
"T1197",
"T1612",
"T1140",
"T1610",
"T1006",
"T1484",
"T1480",
"T1211",
"T1222",
"T1564",
"T1574",
"T1562",
"T1070",
"T1202",
"T1036",
"T1556",
"T1578",
"T1112",
"T1601",
"T1599",
"T1027",
"T1542",
"T1055",
"T1620",
"T1207",
"T1014",
"T1218",
"T1216",
"T1553",
"T1221",
"T1205",
"T1127",
"T1535",
"T1550",
"T1078",
"T1497",
"T1600",
"T1220"
]
},
"TA0007": {
"id": "TA0007",
"name": "Discovery",
"url": "https://attack.mitre.org/tactics/TA0007",
"techniques": [
"T1087",
"T1010",
"T1217",
"T1580",
"T1538",
"T1526",
"T1619",
"T1613",
"T1482",
"T1083",
"T1615",
"T1046",
"T1135",
"T1040",
"T1201",
"T1120",
"T1069",
"T1057",
"T1012",
"T1018",
"T1518",
"T1082",
"T1614",
"T1016",
"T1049",
"T1033",
"T1007",
"T1124",
"T1497"
]
},
"TA0002": {
"id": "TA0002",
"name": "Execution",
"url": "https://attack.mitre.org/tactics/TA0002",
"techniques": [
"T1059",
"T1609",
"T1610",
"T1203",
"T1559",
"T1106",
"T1053",
"T1129",
"T1072",
"T1569",
"T1204",
"T1047"
]
},
"TA0010": {
"id": "TA0010",
"name": "Exfiltration",
"url": "https://attack.mitre.org/tactics/TA0010",
"techniques": [
"T1020",
"T1030",
"T1048",
"T1041",
"T1011",
"T1052",
"T1567",
"T1029",
"T1537"
]
},
"TA0040": {
"id": "TA0040",
"name": "Impact",
"url": "https://attack.mitre.org/tactics/TA0040",
"techniques": [
"T1531",
"T1485",
"T1486",
"T1565",
"T1491",
"T1561",
"T1499",
"T1495",
"T1490",
"T1498",
"T1496",
"T1489",
"T1529"
]
},
"TA0001": {
"id": "TA0001",
"name": "Initial Access",
"url": "https://attack.mitre.org/tactics/TA0001",
"techniques": [
"T1189",
"T1190",
"T1133",
"T1200",
"T1566",
"T1091",
"T1195",
"T1199",
"T1078"
]
},
"TA0008": {
"id": "TA0008",
"name": "Lateral Movement",
"url": "https://attack.mitre.org/tactics/TA0008",
"techniques": [
"T1210",
"T1534",
"T1570",
"T1563",
"T1021",
"T1091",
"T1072",
"T1080",
"T1550"
]
},
"TA0003": {
"id": "TA0003",
"name": "Persistence",
"url": "https://attack.mitre.org/tactics/TA0003",
"techniques": [
"T1098",
"T1197",
"T1547",
"T1037",
"T1176",
"T1554",
"T1136",
"T1543",
"T1546",
"T1133",
"T1574",
"T1525",
"T1556",
"T1137",
"T1542",
"T1053",
"T1505",
"T1205",
"T1078"
]
},
"TA0004": {
"id": "TA0004",
"name": "Privilege Escalation",
"url": "https://attack.mitre.org/tactics/TA0004",
"techniques": [
"T1548",
"T1134",
"T1547",
"T1037",
"T1543",
"T1484",
"T1611",
"T1546",
"T1068",
"T1574",
"T1055",
"T1053",
"T1078"
]
},
"TA0043": {
"id": "TA0043",
"name": "Reconnaissance",
"url": "https://attack.mitre.org/tactics/TA0043",
"techniques": [
"T1595",
"T1592",
"T1589",
"T1590",
"T1591",
"T1598",
"T1597",
"T1596",
"T1593",
"T1594"
]
},
"TA0042": {
"id": "TA0042",
"name": "Resource Development",
"url": "https://attack.mitre.org/tactics/TA0042",
"techniques": [
"T1583",
"T1586",
"T1584",
"T1587",
"T1585",
"T1588",
"T1608"
]
}
},
"techniques": {
"T1003.008": {
"id": "T1003.008",
"name": "/etc/passwd and /etc/shadow",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1003/008",
"relation": {
"technique": "T1003"
}
},
"T1557.002": {
"id": "T1557.002",
"name": "ARP Cache Poisoning",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1557/002",
"relation": {
"technique": "T1557"
}
},
"T1558.004": {
"id": "T1558.004",
"name": "AS-REP Roasting",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1558/004",
"relation": {
"technique": "T1558"
}
},
"T1548": {
"id": "T1548",
"name": "Abuse Elevation Control Mechanism",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1548",
"relation": {
"subTechniques": [
"T1548.002",
"T1548.004",
"T1548.001",
"T1548.003"
],
"tactics": [
"TA0004",
"TA0005"
]
}
},
"T1134": {
"id": "T1134",
"name": "Access Token Manipulation",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1134",
"relation": {
"subTechniques": [
"T1134.002",
"T1134.003",
"T1134.004",
"T1134.005",
"T1134.001"
],
"tactics": [
"TA0005",
"TA0004"
]
}
},
"T1546.008": {
"id": "T1546.008",
"name": "Accessibility Features",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1546/008",
"relation": {
"technique": "T1546"
}
},
"T1531": {
"id": "T1531",
"name": "Account Access Removal",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1531",
"relation": {
"subTechniques": [],
"tactics": [
"TA0040"
]
}
},
"T1087": {
"id": "T1087",
"name": "Account Discovery",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1087",
"relation": {
"subTechniques": [
"T1087.004",
"T1087.002",
"T1087.003",
"T1087.001"
],
"tactics": [
"TA0007"
]
}
},
"T1098": {
"id": "T1098",
"name": "Account Manipulation",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1098",
"relation": {
"subTechniques": [
"T1098.003",
"T1098.001",
"T1098.002",
"T1098.004"
],
"tactics": [
"TA0003"
]
}
},
"T1583": {
"id": "T1583",
"name": "Acquire Infrastructure",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1583",
"relation": {
"subTechniques": [
"T1583.005",
"T1583.002",
"T1583.001",
"T1583.004",
"T1583.003",
"T1583.006"
],
"tactics": [
"TA0042"
]
}
},
"T1595": {
"id": "T1595",
"name": "Active Scanning",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1595",
"relation": {
"subTechniques": [
"T1595.001",
"T1595.002"
],
"tactics": [
"TA0043"
]
}
},
"T1547.014": {
"id": "T1547.014",
"name": "Active Setup",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1547/014",
"relation": {
"technique": "T1547"
}
},
"T1098.003": {
"id": "T1098.003",
"name": "Add Office 365 Global Administrator Role",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1098/003",
"relation": {
"technique": "T1098"
}
},
"T1137.006": {
"id": "T1137.006",
"name": "Add-ins",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1137/006",
"relation": {
"technique": "T1137"
}
},
"T1098.001": {
"id": "T1098.001",
"name": "Additional Cloud Credentials",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1098/001",
"relation": {
"technique": "T1098"
}
},
"T1557": {
"id": "T1557",
"name": "Adversary-in-the-Middle",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1557",
"relation": {
"subTechniques": [
"T1557.002",
"T1557.001"
],
"tactics": [
"TA0006",
"TA0009"
]
}
},
"T1546.009": {
"id": "T1546.009",
"name": "AppCert DLLs",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1546/009",
"relation": {
"technique": "T1546"
}
},
"T1546.010": {
"id": "T1546.010",
"name": "AppInit DLLs",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1546/010",
"relation": {
"technique": "T1546"
}
},
"T1059.002": {
"id": "T1059.002",
"name": "AppleScript",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1059/002",
"relation": {
"technique": "T1059"
}
},
"T1550.001": {
"id": "T1550.001",
"name": "Application Access Token",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1550/001",
"relation": {
"technique": "T1550"
}
},
"T1499.003": {
"id": "T1499.003",
"name": "Application Exhaustion Flood",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1499/003",
"relation": {
"technique": "T1499"
}
},
"T1071": {
"id": "T1071",
"name": "Application Layer Protocol",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1071",
"relation": {
"subTechniques": [
"T1071.004",
"T1071.002",
"T1071.003",
"T1071.001"
],
"tactics": [
"TA0011"
]
}
},
"T1546.011": {
"id": "T1546.011",
"name": "Application Shimming",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1546/011",
"relation": {
"technique": "T1546"
}
},
"T1010": {
"id": "T1010",
"name": "Application Window Discovery",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1010",
"relation": {
"subTechniques": [],
"tactics": [
"TA0007"
]
}
},
"T1499.004": {
"id": "T1499.004",
"name": "Application or System Exploitation",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1499/004",
"relation": {
"technique": "T1499"
}
},
"T1560": {
"id": "T1560",
"name": "Archive Collected Data",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1560",
"relation": {
"subTechniques": [
"T1560.003",
"T1560.002",
"T1560.001"
],
"tactics": [
"TA0009"
]
}
},
"T1560.003": {
"id": "T1560.003",
"name": "Archive via Custom Method",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1560/003",
"relation": {
"technique": "T1560"
}
},
"T1560.002": {
"id": "T1560.002",
"name": "Archive via Library",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1560/002",
"relation": {
"technique": "T1560"
}
},
"T1560.001": {
"id": "T1560.001",
"name": "Archive via Utility",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1560/001",
"relation": {
"technique": "T1560"
}
},
"T1573.002": {
"id": "T1573.002",
"name": "Asymmetric Cryptography",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1573/002",
"relation": {
"technique": "T1573"
}
},
"T1055.004": {
"id": "T1055.004",
"name": "Asynchronous Procedure Call",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1055/004",
"relation": {
"technique": "T1055"
}
},
"T1053.001": {
"id": "T1053.001",
"name": "At (Linux)",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1053/001",
"relation": {
"technique": "T1053"
}
},
"T1053.002": {
"id": "T1053.002",
"name": "At (Windows)",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1053/002",
"relation": {
"technique": "T1053"
}
},
"T1123": {
"id": "T1123",
"name": "Audio Capture",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1123",
"relation": {
"subTechniques": [],
"tactics": [
"TA0009"
]
}
},
"T1547.002": {
"id": "T1547.002",
"name": "Authentication Package",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1547/002",
"relation": {
"technique": "T1547"
}
},
"T1119": {
"id": "T1119",
"name": "Automated Collection",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1119",
"relation": {
"subTechniques": [],
"tactics": [
"TA0009"
]
}
},
"T1020": {
"id": "T1020",
"name": "Automated Exfiltration",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1020",
"relation": {
"subTechniques": [
"T1020.001"
],
"tactics": [
"TA0010"
]
}
},
"T1197": {
"id": "T1197",
"name": "BITS Jobs",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1197",
"relation": {
"subTechniques": [],
"tactics": [
"TA0005",
"TA0003"
]
}
},
"T1552.003": {
"id": "T1552.003",
"name": "Bash History",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1552/003",
"relation": {
"technique": "T1552"
}
},
"T1102.002": {
"id": "T1102.002",
"name": "Bidirectional Communication",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1102/002",
"relation": {
"technique": "T1102"
}
},
"T1027.001": {
"id": "T1027.001",
"name": "Binary Padding",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1027/001",
"relation": {
"technique": "T1027"
}
},
"T1547": {
"id": "T1547",
"name": "Boot or Logon Autostart Execution",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1547",
"relation": {
"subTechniques": [
"T1547.014",
"T1547.002",
"T1547.006",
"T1547.008",
"T1547.015",
"T1547.011",
"T1547.010",
"T1547.012",
"T1547.007",
"T1547.001",
"T1547.005",
"T1547.009",
"T1547.003",
"T1547.004",
"T1547.013"
],
"tactics": [
"TA0003",
"TA0004"
]
}
},
"T1037": {
"id": "T1037",
"name": "Boot or Logon Initialization Scripts",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1037",
"relation": {
"subTechniques": [
"T1037.002",
"T1037.001",
"T1037.003",
"T1037.004",
"T1037.005"
],
"tactics": [
"TA0003",
"TA0004"
]
}
},
"T1542.003": {
"id": "T1542.003",
"name": "Bootkit",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1542/003",
"relation": {
"technique": "T1542"
}
},
"T1583.005": {
"id": "T1583.005",
"name": "Botnet",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1583/005",
"relation": {
"technique": "T1583"
}
},
"T1584.005": {
"id": "T1584.005",
"name": "Botnet",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1584/005",
"relation": {
"technique": "T1584"
}
},
"T1217": {
"id": "T1217",
"name": "Browser Bookmark Discovery",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1217",
"relation": {
"subTechniques": [],
"tactics": [
"TA0007"
]
}
},
"T1176": {
"id": "T1176",
"name": "Browser Extensions",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1176",
"relation": {
"subTechniques": [],
"tactics": [
"TA0003"
]
}
},
"T1185": {
"id": "T1185",
"name": "Browser Session Hijacking",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1185",
"relation": {
"subTechniques": [],
"tactics": [
"TA0009"
]
}
},
"T1110": {
"id": "T1110",
"name": "Brute Force",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1110",
"relation": {
"subTechniques": [
"T1110.004",
"T1110.002",
"T1110.001",
"T1110.003"
],
"tactics": [
"TA0006"
]
}
},
"T1612": {
"id": "T1612",
"name": "Build Image on Host",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1612",
"relation": {
"subTechniques": [],
"tactics": [
"TA0005"
]
}
},
"T1591.002": {
"id": "T1591.002",
"name": "Business Relationships",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1591/002",
"relation": {
"technique": "T1591"
}
},
"T1548.002": {
"id": "T1548.002",
"name": "Bypass User Account Control",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1548/002",
"relation": {
"technique": "T1548"
}
},
"T1596.004": {
"id": "T1596.004",
"name": "CDNs",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1596/004",
"relation": {
"technique": "T1596"
}
},
"T1218.003": {
"id": "T1218.003",
"name": "CMSTP",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1218/003",
"relation": {
"technique": "T1218"
}
},
"T1574.012": {
"id": "T1574.012",
"name": "COR_PROFILER",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1574/012",
"relation": {
"technique": "T1574"
}
},
"T1003.005": {
"id": "T1003.005",
"name": "Cached Domain Credentials",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1003/005",
"relation": {
"technique": "T1003"
}
},
"T1546.001": {
"id": "T1546.001",
"name": "Change Default File Association",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1546/001",
"relation": {
"technique": "T1546"
}
},
"T1070.003": {
"id": "T1070.003",
"name": "Clear Command History",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1070/003",
"relation": {
"technique": "T1070"
}
},
"T1070.002": {
"id": "T1070.002",
"name": "Clear Linux or Mac System Logs",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1070/002",
"relation": {
"technique": "T1070"
}
},
"T1070.001": {
"id": "T1070.001",
"name": "Clear Windows Event Logs",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1070/001",
"relation": {
"technique": "T1070"
}
},
"T1592.004": {
"id": "T1592.004",
"name": "Client Configurations",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1592/004",
"relation": {
"technique": "T1592"
}
},
"T1115": {
"id": "T1115",
"name": "Clipboard Data",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1115",
"relation": {
"subTechniques": [],
"tactics": [
"TA0009"
]
}
},
"T1136.003": {
"id": "T1136.003",
"name": "Cloud Account",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1136/003",
"relation": {
"technique": "T1136"
}
},
"T1087.004": {
"id": "T1087.004",
"name": "Cloud Account",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1087/004",
"relation": {
"technique": "T1087"
}
},
"T1078.004": {
"id": "T1078.004",
"name": "Cloud Accounts",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1078/004",
"relation": {
"technique": "T1078"
}
},
"T1069.003": {
"id": "T1069.003",
"name": "Cloud Groups",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1069/003",
"relation": {
"technique": "T1069"
}
},
"T1580": {
"id": "T1580",
"name": "Cloud Infrastructure Discovery",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1580",
"relation": {
"subTechniques": [],
"tactics": [
"TA0007"
]
}
},
"T1552.005": {
"id": "T1552.005",
"name": "Cloud Instance Metadata API",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1552/005",
"relation": {
"technique": "T1552"
}
},
"T1538": {
"id": "T1538",
"name": "Cloud Service Dashboard",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1538",
"relation": {
"subTechniques": [],
"tactics": [
"TA0007"
]
}
},
"T1526": {
"id": "T1526",
"name": "Cloud Service Discovery",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1526",
"relation": {
"subTechniques": [],
"tactics": [
"TA0007"
]
}
},
"T1619": {
"id": "T1619",
"name": "Cloud Storage Object Discovery",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1619",
"relation": {
"subTechniques": [],
"tactics": [
"TA0007"
]
}
},
"T1213.003": {
"id": "T1213.003",
"name": "Code Repositories",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1213/003",
"relation": {
"technique": "T1213"
}
},
"T1553.002": {
"id": "T1553.002",
"name": "Code Signing",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1553/002",
"relation": {
"technique": "T1553"
}
},
"T1587.002": {
"id": "T1587.002",
"name": "Code Signing Certificates",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1587/002",
"relation": {
"technique": "T1587"
}
},
"T1588.003": {
"id": "T1588.003",
"name": "Code Signing Certificates",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1588/003",
"relation": {
"technique": "T1588"
}
},
"T1553.006": {
"id": "T1553.006",
"name": "Code Signing Policy Modification",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1553/006",
"relation": {
"technique": "T1553"
}
},
"T1059": {
"id": "T1059",
"name": "Command and Scripting Interpreter",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1059",
"relation": {
"subTechniques": [
"T1059.002",
"T1059.007",
"T1059.008",
"T1059.001",
"T1059.006",
"T1059.004",
"T1059.005",
"T1059.003"
],
"tactics": [
"TA0002"
]
}
},
"T1092": {
"id": "T1092",
"name": "Communication Through Removable Media",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1092",
"relation": {
"subTechniques": [],
"tactics": [
"TA0011"
]
}
},
"T1027.004": {
"id": "T1027.004",
"name": "Compile After Delivery",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1027/004",
"relation": {
"technique": "T1027"
}
},
"T1218.001": {
"id": "T1218.001",
"name": "Compiled HTML File",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1218/001",
"relation": {
"technique": "T1218"
}
},
"T1542.002": {
"id": "T1542.002",
"name": "Component Firmware",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1542/002",
"relation": {
"technique": "T1542"
}
},
"T1559.001": {
"id": "T1559.001",
"name": "Component Object Model",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1559/001",
"relation": {
"technique": "T1559"
}
},
"T1546.015": {
"id": "T1546.015",
"name": "Component Object Model Hijacking",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1546/015",
"relation": {
"technique": "T1546"
}
},
"T1586": {
"id": "T1586",
"name": "Compromise Accounts",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1586",
"relation": {
"subTechniques": [
"T1586.002",
"T1586.001"
],
"tactics": [
"TA0042"
]
}
},
"T1554": {
"id": "T1554",
"name": "Compromise Client Software Binary",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1554",
"relation": {
"subTechniques": [],
"tactics": [
"TA0003"
]
}
},
"T1195.003": {
"id": "T1195.003",
"name": "Compromise Hardware Supply Chain",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1195/003",
"relation": {
"technique": "T1195"
}
},
"T1584": {
"id": "T1584",
"name": "Compromise Infrastructure",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1584",
"relation": {
"subTechniques": [
"T1584.005",
"T1584.002",
"T1584.001",
"T1584.004",
"T1584.003",
"T1584.006"
],
"tactics": [
"TA0042"
]
}
},
"T1195.001": {
"id": "T1195.001",
"name": "Compromise Software Dependencies and Development Tools",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1195/001",
"relation": {
"technique": "T1195"
}
},
"T1195.002": {
"id": "T1195.002",
"name": "Compromise Software Supply Chain",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1195/002",
"relation": {
"technique": "T1195"
}
},
"T1213.001": {
"id": "T1213.001",
"name": "Confluence",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1213/001",
"relation": {
"technique": "T1213"
}
},
"T1552.007": {
"id": "T1552.007",
"name": "Container API",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1552/007",
"relation": {
"technique": "T1552"
}
},
"T1609": {
"id": "T1609",
"name": "Container Administration Command",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1609",
"relation": {
"subTechniques": [],
"tactics": [
"TA0002"
]
}
},
"T1053.007": {
"id": "T1053.007",
"name": "Container Orchestration Job",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1053/007",
"relation": {
"technique": "T1053"
}
},
"T1613": {
"id": "T1613",
"name": "Container and Resource Discovery",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1613",
"relation": {
"subTechniques": [],
"tactics": [
"TA0007"
]
}
},
"T1218.002": {
"id": "T1218.002",
"name": "Control Panel",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1218/002",
"relation": {
"technique": "T1218"
}
},
"T1136": {
"id": "T1136",
"name": "Create Account",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1136",
"relation": {
"subTechniques": [
"T1136.003",
"T1136.002",
"T1136.001"
],
"tactics": [
"TA0003"
]
}
},
"T1578.002": {
"id": "T1578.002",
"name": "Create Cloud Instance",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1578/002",
"relation": {
"technique": "T1578"
}
},
"T1134.002": {
"id": "T1134.002",
"name": "Create Process with Token",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1134/002",
"relation": {
"technique": "T1134"
}
},
"T1578.001": {
"id": "T1578.001",
"name": "Create Snapshot",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1578/001",
"relation": {
"technique": "T1578"
}
},
"T1543": {
"id": "T1543",
"name": "Create or Modify System Process",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1543",
"relation": {
"subTechniques": [
"T1543.001",
"T1543.004",
"T1543.002",
"T1543.003"
],
"tactics": [
"TA0003",
"TA0004"
]
}
},
"T1056.004": {
"id": "T1056.004",
"name": "Credential API Hooking",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1056/004",
"relation": {
"technique": "T1056"
}
},
"T1110.004": {
"id": "T1110.004",
"name": "Credential Stuffing",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1110/004",
"relation": {
"technique": "T1110"
}
},
"T1589.001": {
"id": "T1589.001",
"name": "Credentials",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1589/001",
"relation": {
"technique": "T1589"
}
},
"T1552.001": {
"id": "T1552.001",
"name": "Credentials In Files",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1552/001",
"relation": {
"technique": "T1552"
}
},
"T1555": {
"id": "T1555",
"name": "Credentials from Password Stores",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1555",
"relation": {
"subTechniques": [
"T1555.003",
"T1555.001",
"T1555.005",
"T1555.002",
"T1555.004"
],
"tactics": [
"TA0006"
]
}
},
"T1555.003": {
"id": "T1555.003",
"name": "Credentials from Web Browsers",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1555/003",
"relation": {
"technique": "T1555"
}
},
"T1552.002": {
"id": "T1552.002",
"name": "Credentials in Registry",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1552/002",
"relation": {
"technique": "T1552"
}
},
"T1053.003": {
"id": "T1053.003",
"name": "Cron",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1053/003",
"relation": {
"technique": "T1053"
}
},
"T1003.006": {
"id": "T1003.006",
"name": "DCSync",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1003/006",
"relation": {
"technique": "T1003"
}
},
"T1574.001": {
"id": "T1574.001",
"name": "DLL Search Order Hijacking",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1574/001",
"relation": {
"technique": "T1574"
}
},
"T1574.002": {
"id": "T1574.002",
"name": "DLL Side-Loading",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1574/002",
"relation": {
"technique": "T1574"
}
},
"T1071.004": {
"id": "T1071.004",
"name": "DNS",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1071/004",
"relation": {
"technique": "T1071"
}
},
"T1590.002": {
"id": "T1590.002",
"name": "DNS",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1590/002",
"relation": {
"technique": "T1590"
}
},
"T1568.003": {
"id": "T1568.003",
"name": "DNS Calculation",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1568/003",
"relation": {
"technique": "T1568"
}
},
"T1583.002": {
"id": "T1583.002",
"name": "DNS Server",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1583/002",
"relation": {
"technique": "T1583"
}
},
"T1584.002": {
"id": "T1584.002",
"name": "DNS Server",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1584/002",
"relation": {
"technique": "T1584"
}
},
"T1596.001": {
"id": "T1596.001",
"name": "DNS/Passive DNS",
"isSubTechnique": true,
"url": "https://attack.mitre.org/techniques/T1596/001",
"relation": {
"technique": "T1596"
}
},
"T1485": {
"id": "T1485",
"name": "Data Destruction",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1485",
"relation": {
"subTechniques": [],
"tactics": [
"TA0040"
]
}
},
"T1132": {
"id": "T1132",
"name": "Data Encoding",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1132",
"relation": {
"subTechniques": [
"T1132.002",
"T1132.001"
],
"tactics": [
"TA0011"
]
}
},
"T1486": {
"id": "T1486",
"name": "Data Encrypted for Impact",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1486",
"relation": {
"subTechniques": [],
"tactics": [
"TA0040"
]
}
},
"T1565": {
"id": "T1565",
"name": "Data Manipulation",
"isSubTechnique": false,
"url": "https://attack.mitre.org/techniques/T1565",
"relation": {
"subTechniques": [
"T1565.003",
"T1565.001",
"T1565.002"
],
"tactics": [
"TA0040"
]
}
},
"T1001": {