Technique(value)
MITRE ATT&CK techniques that can be referenced by SCC findings. See: https://attack.mitre.org/techniques/enterprise/ Next ID: 65
Enums

Name | Description |
---|---|
TECHNIQUE_UNSPECIFIED | Unspecified value. |
MASQUERADING | T1036 |
MATCH_LEGITIMATE_NAME_OR_LOCATION | T1036.005 |
BOOT_OR_LOGON_INITIALIZATION_SCRIPTS | T1037 |
STARTUP_ITEMS | T1037.005 |
NETWORK_SERVICE_DISCOVERY | T1046 |
PROCESS_DISCOVERY | T1057 |
COMMAND_AND_SCRIPTING_INTERPRETER | T1059 |
UNIX_SHELL | T1059.004 |
PYTHON | T1059.006 |
EXPLOITATION_FOR_PRIVILEGE_ESCALATION | T1068 |
PERMISSION_GROUPS_DISCOVERY | T1069 |
CLOUD_GROUPS | T1069.003 |
INDICATOR_REMOVAL_FILE_DELETION | T1070.004 |
APPLICATION_LAYER_PROTOCOL | T1071 |
DNS | T1071.004 |
SOFTWARE_DEPLOYMENT_TOOLS | T1072 |
VALID_ACCOUNTS | T1078 |
DEFAULT_ACCOUNTS | T1078.001 |
LOCAL_ACCOUNTS | T1078.003 |
CLOUD_ACCOUNTS | T1078.004 |
PROXY | T1090 |
EXTERNAL_PROXY | T1090.002 |
MULTI_HOP_PROXY | T1090.003 |
ACCOUNT_MANIPULATION | T1098 |
ADDITIONAL_CLOUD_CREDENTIALS | T1098.001 |
SSH_AUTHORIZED_KEYS | T1098.004 |
ADDITIONAL_CONTAINER_CLUSTER_ROLES | T1098.006 |
INGRESS_TOOL_TRANSFER | T1105 |
NATIVE_API | T1106 |
BRUTE_FORCE | T1110 |
SHARED_MODULES | T1129 |
ACCESS_TOKEN_MANIPULATION | T1134 |
TOKEN_IMPERSONATION_OR_THEFT | T1134.001 |
EXPLOIT_PUBLIC_FACING_APPLICATION | T1190 |
DOMAIN_POLICY_MODIFICATION | T1484 |
DATA_DESTRUCTION | T1485 |
SERVICE_STOP | T1489 |
INHIBIT_SYSTEM_RECOVERY | T1490 |
RESOURCE_HIJACKING | T1496 |
NETWORK_DENIAL_OF_SERVICE | T1498 |
CLOUD_SERVICE_DISCOVERY | T1526 |
STEAL_APPLICATION_ACCESS_TOKEN | T1528 |
ACCOUNT_ACCESS_REMOVAL | T1531 |
STEAL_WEB_SESSION_COOKIE | T1539 |
CREATE_OR_MODIFY_SYSTEM_PROCESS | T1543 |
ABUSE_ELEVATION_CONTROL_MECHANISM | T1548 |
UNSECURED_CREDENTIALS | T1552 |
MODIFY_AUTHENTICATION_PROCESS | T1556 |
IMPAIR_DEFENSES | T1562 |
DISABLE_OR_MODIFY_TOOLS | T1562.001 |
EXFILTRATION_OVER_WEB_SERVICE | T1567 |
EXFILTRATION_TO_CLOUD_STORAGE | T1567.002 |
DYNAMIC_RESOLUTION | T1568 |
LATERAL_TOOL_TRANSFER | T1570 |
MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE | T1578 |
CREATE_SNAPSHOT | T1578.001 |
CLOUD_INFRASTRUCTURE_DISCOVERY | T1580 |
OBTAIN_CAPABILITIES | T1588 |
ACTIVE_SCANNING | T1595 |
SCANNING_IP_BLOCKS | T1595.001 |
CONTAINER_ADMINISTRATION_COMMAND | T1609 |
ESCAPE_TO_HOST | T1611 |
CONTAINER_AND_RESOURCE_DISCOVERY | T1613 |
STEAL_OR_FORGE_AUTHENTICATION_CERTIFICATES | T1649 |