├── README.md └── teaching ├── All.json ├── Blue.json ├── Green.json ├── Orange.json ├── Red.json └── Yellow.json /README.md: -------------------------------------------------------------------------------- 1 | # mitre_attack 2 | 3 | ## Teaching 4 | A listing of JSON files which can be used with the ATT&CK Navigator (July 2020 Release - v7.0) to view the five different categories of techniques within the framework. 5 | 6 | - **Blue** These are techniques which are not really exploitable, rather they use other techniques to be viable. 7 | - **Green** These are the easiest techniques to exploit, there is no need for POC malware, scripts, or other tools. 8 | - **Yellow** These techniques usually need some sort of tool, such as Metasploit. 9 | - **Orange** These techniques require some level of infrastructure to setup. Once setup, some are easy and some are more advanced. 10 | - **Red** These are the most advanced techniques which require an in-depth understanding of the OS or custom DLL/EXE files for exploitation. 11 | -**Purple**These are high level techniques which include sub-techniques of varying levels. 12 | -------------------------------------------------------------------------------- /teaching/Blue.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "Blue", 3 | "version": "3.0", 4 | "domain": "mitre-enterprise", 5 | "description": "", 6 | "filters": { 7 | "stages": [ 8 | "act" 9 | ], 10 | "platforms": [ 11 | "Windows", 12 | "Linux", 13 | "macOS" 14 | ] 15 | }, 16 | "sorting": 0, 17 | "layout": { 18 | "layout": "side", 19 | "showID": false, 20 | "showName": true 21 | }, 22 | "hideDisabled": false, 23 | "techniques": [ 24 | { 25 | "techniqueID": "T1548", 26 | "tactic": "privilege-escalation", 27 | "color": "", 28 | "comment": "", 29 | "enabled": true, 30 | "metadata": [], 31 | "showSubtechniques": true 32 | }, 33 | { 34 | "techniqueID": "T1548", 35 | "tactic": "defense-evasion", 36 | "color": "", 37 | "comment": "", 38 | "enabled": true, 39 | "metadata": [], 40 | "showSubtechniques": true 41 | }, 42 | { 43 | "techniqueID": "T1134", 44 | "tactic": "defense-evasion", 45 | "color": "", 46 | "comment": "", 47 | "enabled": true, 48 | "metadata": [], 49 | "showSubtechniques": true 50 | }, 51 | { 52 | "techniqueID": "T1134", 53 | "tactic": "privilege-escalation", 54 | "color": "", 55 | "comment": "", 56 | "enabled": true, 57 | "metadata": [], 58 | "showSubtechniques": true 59 | }, 60 | { 61 | "techniqueID": "T1087", 62 | "tactic": "discovery", 63 | "color": "#3182bd", 64 | "comment": "", 65 | "enabled": true, 66 | "metadata": [], 67 | "showSubtechniques": true 68 | }, 69 | { 70 | "techniqueID": "T1087.001", 71 | "tactic": "discovery", 72 | "color": "#3182bd", 73 | "comment": "", 74 | "enabled": true, 75 | "metadata": [], 76 | "showSubtechniques": false 77 | }, 78 | { 79 | "techniqueID": "T1087.002", 80 | "tactic": "discovery", 81 | "color": "#3182bd", 82 | "comment": "", 83 | "enabled": true, 84 | "metadata": [], 85 | "showSubtechniques": false 86 | }, 87 | { 88 | "techniqueID": "T1087.003", 89 | "tactic": "discovery", 90 | "color": "#3182bd", 91 | "comment": "", 92 | "enabled": true, 93 | "metadata": [], 94 | "showSubtechniques": false 95 | }, 96 | { 97 | "techniqueID": "T1098", 98 | "tactic": "persistence", 99 | "color": "", 100 | "comment": "", 101 | "enabled": true, 102 | "metadata": [], 103 | "showSubtechniques": true 104 | }, 105 | { 106 | "techniqueID": "T1071", 107 | "tactic": "command-and-control", 108 | "color": "", 109 | "comment": "", 110 | "enabled": true, 111 | "metadata": [], 112 | "showSubtechniques": true 113 | }, 114 | { 115 | "techniqueID": "T1010", 116 | "tactic": "discovery", 117 | "color": "#3182bd", 118 | "comment": "", 119 | "enabled": true, 120 | "metadata": [], 121 | "showSubtechniques": false 122 | }, 123 | { 124 | "techniqueID": "T1560", 125 | "tactic": "collection", 126 | "color": "", 127 | "comment": "", 128 | "enabled": true, 129 | "metadata": [], 130 | "showSubtechniques": true 131 | }, 132 | { 133 | "techniqueID": "T1119", 134 | "tactic": "collection", 135 | "color": "#3182bd", 136 | "comment": "", 137 | "enabled": true, 138 | "metadata": [], 139 | "showSubtechniques": false 140 | }, 141 | { 142 | "techniqueID": "T1020", 143 | "tactic": "exfiltration", 144 | "color": "#3182bd", 145 | "comment": "", 146 | "enabled": true, 147 | "metadata": [], 148 | "showSubtechniques": false 149 | }, 150 | { 151 | "techniqueID": "T1547", 152 | "tactic": "persistence", 153 | "color": "", 154 | "comment": "", 155 | "enabled": true, 156 | "metadata": [], 157 | "showSubtechniques": true 158 | }, 159 | { 160 | "techniqueID": "T1547", 161 | "tactic": "privilege-escalation", 162 | "color": "", 163 | "comment": "", 164 | "enabled": true, 165 | "metadata": [], 166 | "showSubtechniques": true 167 | }, 168 | { 169 | "techniqueID": "T1037", 170 | "tactic": "persistence", 171 | "color": "", 172 | "comment": "", 173 | "enabled": true, 174 | "metadata": [], 175 | "showSubtechniques": true 176 | }, 177 | { 178 | "techniqueID": "T1037", 179 | "tactic": "privilege-escalation", 180 | "color": "", 181 | "comment": "", 182 | "enabled": true, 183 | "metadata": [], 184 | "showSubtechniques": true 185 | }, 186 | { 187 | "techniqueID": "T1217", 188 | "tactic": "discovery", 189 | "color": "#3182bd", 190 | "comment": "", 191 | "enabled": true, 192 | "metadata": [], 193 | "showSubtechniques": false 194 | }, 195 | { 196 | "techniqueID": "T1110", 197 | "tactic": "credential-access", 198 | "color": "", 199 | "comment": "", 200 | "enabled": true, 201 | "metadata": [], 202 | "showSubtechniques": true 203 | }, 204 | { 205 | "techniqueID": "T1059", 206 | "tactic": "execution", 207 | "color": "", 208 | "comment": "", 209 | "enabled": true, 210 | "metadata": [], 211 | "showSubtechniques": true 212 | }, 213 | { 214 | "techniqueID": "T1136", 215 | "tactic": "persistence", 216 | "color": "", 217 | "comment": "", 218 | "enabled": true, 219 | "metadata": [], 220 | "showSubtechniques": true 221 | }, 222 | { 223 | "techniqueID": "T1543", 224 | "tactic": "persistence", 225 | "color": "", 226 | "comment": "", 227 | "enabled": true, 228 | "metadata": [], 229 | "showSubtechniques": true 230 | }, 231 | { 232 | "techniqueID": "T1543", 233 | "tactic": "privilege-escalation", 234 | "color": "", 235 | "comment": "", 236 | "enabled": true, 237 | "metadata": [], 238 | "showSubtechniques": true 239 | }, 240 | { 241 | "techniqueID": "T1555", 242 | "tactic": "credential-access", 243 | "color": "", 244 | "comment": "", 245 | "enabled": true, 246 | "metadata": [], 247 | "showSubtechniques": true 248 | }, 249 | { 250 | "techniqueID": "T1132", 251 | "tactic": "command-and-control", 252 | "color": "", 253 | "comment": "", 254 | "enabled": true, 255 | "metadata": [], 256 | "showSubtechniques": true 257 | }, 258 | { 259 | "techniqueID": "T1565", 260 | "tactic": "impact", 261 | "color": "", 262 | "comment": "", 263 | "enabled": true, 264 | "metadata": [], 265 | "showSubtechniques": true 266 | }, 267 | { 268 | "techniqueID": "T1001", 269 | "tactic": "command-and-control", 270 | "color": "", 271 | "comment": "", 272 | "enabled": true, 273 | "metadata": [], 274 | "showSubtechniques": true 275 | }, 276 | { 277 | "techniqueID": "T1074", 278 | "tactic": "collection", 279 | "color": "", 280 | "comment": "", 281 | "enabled": true, 282 | "metadata": [], 283 | "showSubtechniques": true 284 | }, 285 | { 286 | "techniqueID": "T1213", 287 | "tactic": "collection", 288 | "color": "", 289 | "comment": "", 290 | "enabled": true, 291 | "metadata": [], 292 | "showSubtechniques": true 293 | }, 294 | { 295 | "techniqueID": "T1005", 296 | "tactic": "collection", 297 | "color": "#3182bd", 298 | "comment": "", 299 | "enabled": true, 300 | "metadata": [], 301 | "showSubtechniques": false 302 | }, 303 | { 304 | "techniqueID": "T1039", 305 | "tactic": "collection", 306 | "color": "#3182bd", 307 | "comment": "", 308 | "enabled": true, 309 | "metadata": [], 310 | "showSubtechniques": false 311 | }, 312 | { 313 | "techniqueID": "T1025", 314 | "tactic": "collection", 315 | "color": "#3182bd", 316 | "comment": "", 317 | "enabled": true, 318 | "metadata": [], 319 | "showSubtechniques": false 320 | }, 321 | { 322 | "techniqueID": "T1491", 323 | "tactic": "impact", 324 | "color": "", 325 | "comment": "", 326 | "enabled": true, 327 | "metadata": [], 328 | "showSubtechniques": true 329 | }, 330 | { 331 | "techniqueID": "T1561", 332 | "tactic": "impact", 333 | "color": "", 334 | "comment": "", 335 | "enabled": true, 336 | "metadata": [], 337 | "showSubtechniques": true 338 | }, 339 | { 340 | "techniqueID": "T1482", 341 | "tactic": "discovery", 342 | "color": "#3182bd", 343 | "comment": "", 344 | "enabled": true, 345 | "metadata": [], 346 | "showSubtechniques": false 347 | }, 348 | { 349 | "techniqueID": "T1568", 350 | "tactic": "command-and-control", 351 | "color": "", 352 | "comment": "", 353 | "enabled": true, 354 | "metadata": [], 355 | "showSubtechniques": true 356 | }, 357 | { 358 | "techniqueID": "T1114", 359 | "tactic": "collection", 360 | "color": "", 361 | "comment": "", 362 | "enabled": true, 363 | "metadata": [], 364 | "showSubtechniques": true 365 | }, 366 | { 367 | "techniqueID": "T1573", 368 | "tactic": "command-and-control", 369 | "color": "", 370 | "comment": "", 371 | "enabled": true, 372 | "metadata": [], 373 | "showSubtechniques": true 374 | }, 375 | { 376 | "techniqueID": "T1499", 377 | "tactic": "impact", 378 | "color": "", 379 | "comment": "", 380 | "enabled": true, 381 | "metadata": [], 382 | "showSubtechniques": true 383 | }, 384 | { 385 | "techniqueID": "T1546", 386 | "tactic": "privilege-escalation", 387 | "color": "", 388 | "comment": "", 389 | "enabled": true, 390 | "metadata": [], 391 | "showSubtechniques": true 392 | }, 393 | { 394 | "techniqueID": "T1546", 395 | "tactic": "persistence", 396 | "color": "", 397 | "comment": "", 398 | "enabled": true, 399 | "metadata": [], 400 | "showSubtechniques": true 401 | }, 402 | { 403 | "techniqueID": "T1480", 404 | "tactic": "defense-evasion", 405 | "color": "", 406 | "comment": "", 407 | "enabled": true, 408 | "metadata": [], 409 | "showSubtechniques": true 410 | }, 411 | { 412 | "techniqueID": "T1048", 413 | "tactic": "exfiltration", 414 | "color": "", 415 | "comment": "", 416 | "enabled": true, 417 | "metadata": [], 418 | "showSubtechniques": true 419 | }, 420 | { 421 | "techniqueID": "T1011", 422 | "tactic": "exfiltration", 423 | "color": "", 424 | "comment": "", 425 | "enabled": true, 426 | "metadata": [], 427 | "showSubtechniques": true 428 | }, 429 | { 430 | "techniqueID": "T1052", 431 | "tactic": "exfiltration", 432 | "color": "", 433 | "comment": "", 434 | "enabled": true, 435 | "metadata": [], 436 | "showSubtechniques": true 437 | }, 438 | { 439 | "techniqueID": "T1567", 440 | "tactic": "exfiltration", 441 | "color": "", 442 | "comment": "", 443 | "enabled": true, 444 | "metadata": [], 445 | "showSubtechniques": true 446 | }, 447 | { 448 | "techniqueID": "T1008", 449 | "tactic": "command-and-control", 450 | "color": "#3182bd", 451 | "comment": "", 452 | "enabled": true, 453 | "metadata": [], 454 | "showSubtechniques": false 455 | }, 456 | { 457 | "techniqueID": "T1083", 458 | "tactic": "discovery", 459 | "color": "#3182bd", 460 | "comment": "", 461 | "enabled": true, 462 | "metadata": [], 463 | "showSubtechniques": false 464 | }, 465 | { 466 | "techniqueID": "T1222", 467 | "tactic": "defense-evasion", 468 | "color": "", 469 | "comment": "", 470 | "enabled": true, 471 | "metadata": [], 472 | "showSubtechniques": true 473 | }, 474 | { 475 | "techniqueID": "T1564", 476 | "tactic": "defense-evasion", 477 | "color": "", 478 | "comment": "", 479 | "enabled": true, 480 | "metadata": [], 481 | "showSubtechniques": true 482 | }, 483 | { 484 | "techniqueID": "T1574", 485 | "tactic": "persistence", 486 | "color": "", 487 | "comment": "", 488 | "enabled": true, 489 | "metadata": [], 490 | "showSubtechniques": true 491 | }, 492 | { 493 | "techniqueID": "T1574", 494 | "tactic": "privilege-escalation", 495 | "color": "", 496 | "comment": "", 497 | "enabled": true, 498 | "metadata": [], 499 | "showSubtechniques": true 500 | }, 501 | { 502 | "techniqueID": "T1574", 503 | "tactic": "defense-evasion", 504 | "color": "", 505 | "comment": "", 506 | "enabled": true, 507 | "metadata": [], 508 | "showSubtechniques": true 509 | }, 510 | { 511 | "techniqueID": "T1562", 512 | "tactic": "defense-evasion", 513 | "color": "", 514 | "comment": "", 515 | "enabled": true, 516 | "metadata": [], 517 | "showSubtechniques": true 518 | }, 519 | { 520 | "techniqueID": "T1070", 521 | "tactic": "defense-evasion", 522 | "color": "", 523 | "comment": "", 524 | "enabled": true, 525 | "metadata": [], 526 | "showSubtechniques": true 527 | }, 528 | { 529 | "techniqueID": "T1056", 530 | "tactic": "collection", 531 | "color": "", 532 | "comment": "", 533 | "enabled": true, 534 | "metadata": [], 535 | "showSubtechniques": true 536 | }, 537 | { 538 | "techniqueID": "T1056", 539 | "tactic": "credential-access", 540 | "color": "", 541 | "comment": "", 542 | "enabled": true, 543 | "metadata": [], 544 | "showSubtechniques": true 545 | }, 546 | { 547 | "techniqueID": "T1559", 548 | "tactic": "execution", 549 | "color": "", 550 | "comment": "", 551 | "enabled": true, 552 | "metadata": [], 553 | "showSubtechniques": true 554 | }, 555 | { 556 | "techniqueID": "T1534", 557 | "tactic": "lateral-movement", 558 | "color": "#3182bd", 559 | "comment": "", 560 | "enabled": true, 561 | "metadata": [], 562 | "showSubtechniques": false 563 | }, 564 | { 565 | "techniqueID": "T1557", 566 | "tactic": "credential-access", 567 | "color": "", 568 | "comment": "", 569 | "enabled": true, 570 | "metadata": [], 571 | "showSubtechniques": true 572 | }, 573 | { 574 | "techniqueID": "T1557", 575 | "tactic": "collection", 576 | "color": "", 577 | "comment": "", 578 | "enabled": true, 579 | "metadata": [], 580 | "showSubtechniques": true 581 | }, 582 | { 583 | "techniqueID": "T1036", 584 | "tactic": "defense-evasion", 585 | "color": "", 586 | "comment": "", 587 | "enabled": true, 588 | "metadata": [], 589 | "showSubtechniques": true 590 | }, 591 | { 592 | "techniqueID": "T1556", 593 | "tactic": "credential-access", 594 | "color": "", 595 | "comment": "", 596 | "enabled": true, 597 | "metadata": [], 598 | "showSubtechniques": true 599 | }, 600 | { 601 | "techniqueID": "T1556", 602 | "tactic": "defense-evasion", 603 | "color": "", 604 | "comment": "", 605 | "enabled": true, 606 | "metadata": [], 607 | "showSubtechniques": true 608 | }, 609 | { 610 | "techniqueID": "T1578", 611 | "tactic": "defense-evasion", 612 | "color": "", 613 | "comment": "", 614 | "enabled": true, 615 | "metadata": [], 616 | "showSubtechniques": true 617 | }, 618 | { 619 | "techniqueID": "T1104", 620 | "tactic": "command-and-control", 621 | "color": "#3182bd", 622 | "comment": "", 623 | "enabled": true, 624 | "metadata": [], 625 | "showSubtechniques": false 626 | }, 627 | { 628 | "techniqueID": "T1498", 629 | "tactic": "impact", 630 | "color": "", 631 | "comment": "", 632 | "enabled": true, 633 | "metadata": [], 634 | "showSubtechniques": true 635 | }, 636 | { 637 | "techniqueID": "T1046", 638 | "tactic": "discovery", 639 | "color": "#3182bd", 640 | "comment": "", 641 | "enabled": true, 642 | "metadata": [], 643 | "showSubtechniques": false 644 | }, 645 | { 646 | "techniqueID": "T1135", 647 | "tactic": "discovery", 648 | "color": "#3182bd", 649 | "comment": "", 650 | "enabled": true, 651 | "metadata": [], 652 | "showSubtechniques": false 653 | }, 654 | { 655 | "techniqueID": "T1003", 656 | "tactic": "credential-access", 657 | "color": "", 658 | "comment": "", 659 | "enabled": true, 660 | "metadata": [], 661 | "showSubtechniques": true 662 | }, 663 | { 664 | "techniqueID": "T1027", 665 | "tactic": "defense-evasion", 666 | "color": "", 667 | "comment": "", 668 | "enabled": true, 669 | "metadata": [], 670 | "showSubtechniques": true 671 | }, 672 | { 673 | "techniqueID": "T1137", 674 | "tactic": "persistence", 675 | "color": "", 676 | "comment": "", 677 | "enabled": true, 678 | "metadata": [], 679 | "showSubtechniques": true 680 | }, 681 | { 682 | "techniqueID": "T1201", 683 | "tactic": "discovery", 684 | "color": "#3182bd", 685 | "comment": "", 686 | "enabled": true, 687 | "metadata": [], 688 | "showSubtechniques": false 689 | }, 690 | { 691 | "techniqueID": "T1120", 692 | "tactic": "discovery", 693 | "color": "#3182bd", 694 | "comment": "", 695 | "enabled": true, 696 | "metadata": [], 697 | "showSubtechniques": false 698 | }, 699 | { 700 | "techniqueID": "T1069", 701 | "tactic": "discovery", 702 | "color": "#3182bd", 703 | "comment": "", 704 | "enabled": true, 705 | "metadata": [], 706 | "showSubtechniques": true 707 | }, 708 | { 709 | "techniqueID": "T1069.002", 710 | "tactic": "discovery", 711 | "color": "#3182bd", 712 | "comment": "", 713 | "enabled": true, 714 | "metadata": [], 715 | "showSubtechniques": false 716 | }, 717 | { 718 | "techniqueID": "T1069.001", 719 | "tactic": "discovery", 720 | "color": "#3182bd", 721 | "comment": "", 722 | "enabled": true, 723 | "metadata": [], 724 | "showSubtechniques": false 725 | }, 726 | { 727 | "techniqueID": "T1566", 728 | "tactic": "initial-access", 729 | "color": "#3182bd", 730 | "comment": "", 731 | "enabled": true, 732 | "metadata": [], 733 | "showSubtechniques": true 734 | }, 735 | { 736 | "techniqueID": "T1566.001", 737 | "tactic": "initial-access", 738 | "color": "#3182bd", 739 | "comment": "", 740 | "enabled": true, 741 | "metadata": [], 742 | "showSubtechniques": false 743 | }, 744 | { 745 | "techniqueID": "T1566.002", 746 | "tactic": "initial-access", 747 | "color": "#3182bd", 748 | "comment": "", 749 | "enabled": true, 750 | "metadata": [], 751 | "showSubtechniques": false 752 | }, 753 | { 754 | "techniqueID": "T1566.003", 755 | "tactic": "initial-access", 756 | "color": "#3182bd", 757 | "comment": "", 758 | "enabled": true, 759 | "metadata": [], 760 | "showSubtechniques": false 761 | }, 762 | { 763 | "techniqueID": "T1542", 764 | "tactic": "defense-evasion", 765 | "color": "", 766 | "comment": "", 767 | "enabled": true, 768 | "metadata": [], 769 | "showSubtechniques": true 770 | }, 771 | { 772 | "techniqueID": "T1542", 773 | "tactic": "persistence", 774 | "color": "", 775 | "comment": "", 776 | "enabled": true, 777 | "metadata": [], 778 | "showSubtechniques": true 779 | }, 780 | { 781 | "techniqueID": "T1057", 782 | "tactic": "discovery", 783 | "color": "#3182bd", 784 | "comment": "", 785 | "enabled": true, 786 | "metadata": [], 787 | "showSubtechniques": false 788 | }, 789 | { 790 | "techniqueID": "T1055", 791 | "tactic": "defense-evasion", 792 | "color": "", 793 | "comment": "", 794 | "enabled": true, 795 | "metadata": [], 796 | "showSubtechniques": true 797 | }, 798 | { 799 | "techniqueID": "T1055", 800 | "tactic": "privilege-escalation", 801 | "color": "", 802 | "comment": "", 803 | "enabled": true, 804 | "metadata": [], 805 | "showSubtechniques": true 806 | }, 807 | { 808 | "techniqueID": "T1090", 809 | "tactic": "command-and-control", 810 | "color": "", 811 | "comment": "", 812 | "enabled": true, 813 | "metadata": [], 814 | "showSubtechniques": true 815 | }, 816 | { 817 | "techniqueID": "T1012", 818 | "tactic": "discovery", 819 | "color": "#3182bd", 820 | "comment": "", 821 | "enabled": true, 822 | "metadata": [], 823 | "showSubtechniques": false 824 | }, 825 | { 826 | "techniqueID": "T1563", 827 | "tactic": "lateral-movement", 828 | "color": "", 829 | "comment": "", 830 | "enabled": true, 831 | "metadata": [], 832 | "showSubtechniques": true 833 | }, 834 | { 835 | "techniqueID": "T1021", 836 | "tactic": "lateral-movement", 837 | "color": "", 838 | "comment": "", 839 | "enabled": true, 840 | "metadata": [], 841 | "showSubtechniques": true 842 | }, 843 | { 844 | "techniqueID": "T1018", 845 | "tactic": "discovery", 846 | "color": "#3182bd", 847 | "comment": "", 848 | "enabled": true, 849 | "metadata": [], 850 | "showSubtechniques": false 851 | }, 852 | { 853 | "techniqueID": "T1053", 854 | "tactic": "execution", 855 | "color": "", 856 | "comment": "", 857 | "enabled": true, 858 | "metadata": [], 859 | "showSubtechniques": true 860 | }, 861 | { 862 | "techniqueID": "T1053", 863 | "tactic": "persistence", 864 | "color": "", 865 | "comment": "", 866 | "enabled": true, 867 | "metadata": [], 868 | "showSubtechniques": true 869 | }, 870 | { 871 | "techniqueID": "T1053", 872 | "tactic": "privilege-escalation", 873 | "color": "", 874 | "comment": "", 875 | "enabled": true, 876 | "metadata": [], 877 | "showSubtechniques": true 878 | }, 879 | { 880 | "techniqueID": "T1505", 881 | "tactic": "persistence", 882 | "color": "", 883 | "comment": "", 884 | "enabled": true, 885 | "metadata": [], 886 | "showSubtechniques": true 887 | }, 888 | { 889 | "techniqueID": "T1218", 890 | "tactic": "defense-evasion", 891 | "color": "", 892 | "comment": "", 893 | "enabled": true, 894 | "metadata": [], 895 | "showSubtechniques": true 896 | }, 897 | { 898 | "techniqueID": "T1216", 899 | "tactic": "defense-evasion", 900 | "color": "", 901 | "comment": "", 902 | "enabled": true, 903 | "metadata": [], 904 | "showSubtechniques": true 905 | }, 906 | { 907 | "techniqueID": "T1072", 908 | "tactic": "execution", 909 | "color": "#3182bd", 910 | "comment": "", 911 | "enabled": true, 912 | "metadata": [], 913 | "showSubtechniques": false 914 | }, 915 | { 916 | "techniqueID": "T1072", 917 | "tactic": "lateral-movement", 918 | "color": "#3182bd", 919 | "comment": "", 920 | "enabled": true, 921 | "metadata": [], 922 | "showSubtechniques": false 923 | }, 924 | { 925 | "techniqueID": "T1518", 926 | "tactic": "discovery", 927 | "color": "#3182bd", 928 | "comment": "", 929 | "enabled": true, 930 | "metadata": [], 931 | "showSubtechniques": true 932 | }, 933 | { 934 | "techniqueID": "T1518.001", 935 | "tactic": "discovery", 936 | "color": "#3182bd", 937 | "comment": "", 938 | "enabled": true, 939 | "metadata": [], 940 | "showSubtechniques": false 941 | }, 942 | { 943 | "techniqueID": "T1558", 944 | "tactic": "credential-access", 945 | "color": "", 946 | "comment": "", 947 | "enabled": true, 948 | "metadata": [], 949 | "showSubtechniques": true 950 | }, 951 | { 952 | "techniqueID": "T1553", 953 | "tactic": "defense-evasion", 954 | "color": "", 955 | "comment": "", 956 | "enabled": true, 957 | "metadata": [], 958 | "showSubtechniques": true 959 | }, 960 | { 961 | "techniqueID": "T1195", 962 | "tactic": "initial-access", 963 | "color": "#3182bd", 964 | "comment": "", 965 | "enabled": true, 966 | "metadata": [], 967 | "showSubtechniques": true 968 | }, 969 | { 970 | "techniqueID": "T1195.001", 971 | "tactic": "initial-access", 972 | "color": "#3182bd", 973 | "comment": "", 974 | "enabled": true, 975 | "metadata": [], 976 | "showSubtechniques": false 977 | }, 978 | { 979 | "techniqueID": "T1195.002", 980 | "tactic": "initial-access", 981 | "color": "#3182bd", 982 | "comment": "", 983 | "enabled": true, 984 | "metadata": [], 985 | "showSubtechniques": false 986 | }, 987 | { 988 | "techniqueID": "T1195.003", 989 | "tactic": "initial-access", 990 | "color": "#3182bd", 991 | "comment": "", 992 | "enabled": true, 993 | "metadata": [], 994 | "showSubtechniques": false 995 | }, 996 | { 997 | "techniqueID": "T1082", 998 | "tactic": "discovery", 999 | "color": "#3182bd", 1000 | "comment": "", 1001 | "enabled": true, 1002 | "metadata": [], 1003 | "showSubtechniques": false 1004 | }, 1005 | { 1006 | "techniqueID": "T1016", 1007 | "tactic": "discovery", 1008 | "color": "#3182bd", 1009 | "comment": "", 1010 | "enabled": true, 1011 | "metadata": [], 1012 | "showSubtechniques": false 1013 | }, 1014 | { 1015 | "techniqueID": "T1049", 1016 | "tactic": "discovery", 1017 | "color": "#3182bd", 1018 | "comment": "", 1019 | "enabled": true, 1020 | "metadata": [], 1021 | "showSubtechniques": false 1022 | }, 1023 | { 1024 | "techniqueID": "T1033", 1025 | "tactic": "discovery", 1026 | "color": "#3182bd", 1027 | "comment": "", 1028 | "enabled": true, 1029 | "metadata": [], 1030 | "showSubtechniques": false 1031 | }, 1032 | { 1033 | "techniqueID": "T1007", 1034 | "tactic": "discovery", 1035 | "color": "#3182bd", 1036 | "comment": "", 1037 | "enabled": true, 1038 | "metadata": [], 1039 | "showSubtechniques": false 1040 | }, 1041 | { 1042 | "techniqueID": "T1569", 1043 | "tactic": "execution", 1044 | "color": "", 1045 | "comment": "", 1046 | "enabled": true, 1047 | "metadata": [], 1048 | "showSubtechniques": true 1049 | }, 1050 | { 1051 | "techniqueID": "T1124", 1052 | "tactic": "discovery", 1053 | "color": "#3182bd", 1054 | "comment": "", 1055 | "enabled": true, 1056 | "metadata": [], 1057 | "showSubtechniques": false 1058 | }, 1059 | { 1060 | "techniqueID": "T1205", 1061 | "tactic": "defense-evasion", 1062 | "color": "", 1063 | "comment": "", 1064 | "enabled": true, 1065 | "metadata": [], 1066 | "showSubtechniques": true 1067 | }, 1068 | { 1069 | "techniqueID": "T1205", 1070 | "tactic": "persistence", 1071 | "color": "", 1072 | "comment": "", 1073 | "enabled": true, 1074 | "metadata": [], 1075 | "showSubtechniques": true 1076 | }, 1077 | { 1078 | "techniqueID": "T1205", 1079 | "tactic": "command-and-control", 1080 | "color": "", 1081 | "comment": "", 1082 | "enabled": true, 1083 | "metadata": [], 1084 | "showSubtechniques": true 1085 | }, 1086 | { 1087 | "techniqueID": "T1127", 1088 | "tactic": "defense-evasion", 1089 | "color": "", 1090 | "comment": "", 1091 | "enabled": true, 1092 | "metadata": [], 1093 | "showSubtechniques": true 1094 | }, 1095 | { 1096 | "techniqueID": "T1199", 1097 | "tactic": "initial-access", 1098 | "color": "#3182bd", 1099 | "comment": "", 1100 | "enabled": true, 1101 | "metadata": [], 1102 | "showSubtechniques": false 1103 | }, 1104 | { 1105 | "techniqueID": "T1552", 1106 | "tactic": "credential-access", 1107 | "color": "", 1108 | "comment": "", 1109 | "enabled": true, 1110 | "metadata": [], 1111 | "showSubtechniques": true 1112 | }, 1113 | { 1114 | "techniqueID": "T1550", 1115 | "tactic": "defense-evasion", 1116 | "color": "", 1117 | "comment": "", 1118 | "enabled": true, 1119 | "metadata": [], 1120 | "showSubtechniques": true 1121 | }, 1122 | { 1123 | "techniqueID": "T1550", 1124 | "tactic": "lateral-movement", 1125 | "color": "", 1126 | "comment": "", 1127 | "enabled": true, 1128 | "metadata": [], 1129 | "showSubtechniques": true 1130 | }, 1131 | { 1132 | "techniqueID": "T1204", 1133 | "tactic": "execution", 1134 | "color": "#3182bd", 1135 | "comment": "", 1136 | "enabled": true, 1137 | "metadata": [], 1138 | "showSubtechniques": true 1139 | }, 1140 | { 1141 | "techniqueID": "T1204.001", 1142 | "tactic": "execution", 1143 | "color": "#3182bd", 1144 | "comment": "", 1145 | "enabled": true, 1146 | "metadata": [], 1147 | "showSubtechniques": false 1148 | }, 1149 | { 1150 | "techniqueID": "T1204.002", 1151 | "tactic": "execution", 1152 | "color": "#3182bd", 1153 | "comment": "", 1154 | "enabled": true, 1155 | "metadata": [], 1156 | "showSubtechniques": false 1157 | }, 1158 | { 1159 | "techniqueID": "T1078", 1160 | "tactic": "defense-evasion", 1161 | "color": "", 1162 | "comment": "", 1163 | "enabled": true, 1164 | "metadata": [], 1165 | "showSubtechniques": true 1166 | }, 1167 | { 1168 | "techniqueID": "T1078", 1169 | "tactic": "persistence", 1170 | "color": "", 1171 | "comment": "", 1172 | "enabled": true, 1173 | "metadata": [], 1174 | "showSubtechniques": true 1175 | }, 1176 | { 1177 | "techniqueID": "T1078", 1178 | "tactic": "privilege-escalation", 1179 | "color": "", 1180 | "comment": "", 1181 | "enabled": true, 1182 | "metadata": [], 1183 | "showSubtechniques": true 1184 | }, 1185 | { 1186 | "techniqueID": "T1078", 1187 | "tactic": "initial-access", 1188 | "color": "", 1189 | "comment": "", 1190 | "enabled": true, 1191 | "metadata": [], 1192 | "showSubtechniques": true 1193 | }, 1194 | { 1195 | "techniqueID": "T1497", 1196 | "tactic": "defense-evasion", 1197 | "color": "", 1198 | "comment": "", 1199 | "enabled": true, 1200 | "metadata": [], 1201 | "showSubtechniques": true 1202 | }, 1203 | { 1204 | "techniqueID": "T1497", 1205 | "tactic": "discovery", 1206 | "color": "", 1207 | "comment": "", 1208 | "enabled": true, 1209 | "metadata": [], 1210 | "showSubtechniques": true 1211 | }, 1212 | { 1213 | "techniqueID": "T1102", 1214 | "tactic": "command-and-control", 1215 | "color": "", 1216 | "comment": "", 1217 | "enabled": true, 1218 | "metadata": [], 1219 | "showSubtechniques": true 1220 | } 1221 | ], 1222 | "gradient": { 1223 | "colors": [ 1224 | "#ff6666", 1225 | "#ffe766", 1226 | "#8ec843" 1227 | ], 1228 | "minValue": 0, 1229 | "maxValue": 100 1230 | }, 1231 | "legendItems": [], 1232 | "metadata": [], 1233 | "showTacticRowBackground": false, 1234 | "tacticRowBackground": "#dddddd", 1235 | "selectTechniquesAcrossTactics": true, 1236 | "selectSubtechniquesWithParent": false 1237 | } -------------------------------------------------------------------------------- /teaching/Green.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "Green", 3 | "version": "3.0", 4 | "domain": "mitre-enterprise", 5 | "description": "", 6 | "filters": { 7 | "stages": [ 8 | "act" 9 | ], 10 | "platforms": [ 11 | "Windows", 12 | "Linux", 13 | "macOS" 14 | ] 15 | }, 16 | "sorting": 0, 17 | "layout": { 18 | "layout": "side", 19 | "showID": false, 20 | "showName": true 21 | }, 22 | "hideDisabled": false, 23 | "techniques": [ 24 | { 25 | "techniqueID": "T1548", 26 | "tactic": "privilege-escalation", 27 | "color": "#31a354", 28 | "comment": "", 29 | "enabled": true, 30 | "metadata": [], 31 | "showSubtechniques": true 32 | }, 33 | { 34 | "techniqueID": "T1548", 35 | "tactic": "defense-evasion", 36 | "color": "#31a354", 37 | "comment": "", 38 | "enabled": true, 39 | "metadata": [], 40 | "showSubtechniques": true 41 | }, 42 | { 43 | "techniqueID": "T1548.001", 44 | "tactic": "privilege-escalation", 45 | "color": "#31a354", 46 | "comment": "", 47 | "enabled": true, 48 | "metadata": [], 49 | "showSubtechniques": false 50 | }, 51 | { 52 | "techniqueID": "T1548.001", 53 | "tactic": "defense-evasion", 54 | "color": "#31a354", 55 | "comment": "", 56 | "enabled": true, 57 | "metadata": [], 58 | "showSubtechniques": false 59 | }, 60 | { 61 | "techniqueID": "T1548.002", 62 | "tactic": "privilege-escalation", 63 | "color": "#31a354", 64 | "comment": "", 65 | "enabled": true, 66 | "metadata": [], 67 | "showSubtechniques": false 68 | }, 69 | { 70 | "techniqueID": "T1548.002", 71 | "tactic": "defense-evasion", 72 | "color": "#31a354", 73 | "comment": "", 74 | "enabled": true, 75 | "metadata": [], 76 | "showSubtechniques": false 77 | }, 78 | { 79 | "techniqueID": "T1548.003", 80 | "tactic": "privilege-escalation", 81 | "color": "#31a354", 82 | "comment": "", 83 | "enabled": true, 84 | "metadata": [], 85 | "showSubtechniques": false 86 | }, 87 | { 88 | "techniqueID": "T1548.003", 89 | "tactic": "defense-evasion", 90 | "color": "#31a354", 91 | "comment": "", 92 | "enabled": true, 93 | "metadata": [], 94 | "showSubtechniques": false 95 | }, 96 | { 97 | "techniqueID": "T1548.004", 98 | "tactic": "privilege-escalation", 99 | "color": "#31a354", 100 | "comment": "", 101 | "enabled": true, 102 | "metadata": [], 103 | "showSubtechniques": false 104 | }, 105 | { 106 | "techniqueID": "T1548.004", 107 | "tactic": "defense-evasion", 108 | "color": "#31a354", 109 | "comment": "", 110 | "enabled": true, 111 | "metadata": [], 112 | "showSubtechniques": false 113 | }, 114 | { 115 | "techniqueID": "T1134", 116 | "tactic": "defense-evasion", 117 | "color": "", 118 | "comment": "", 119 | "enabled": true, 120 | "metadata": [], 121 | "showSubtechniques": true 122 | }, 123 | { 124 | "techniqueID": "T1134", 125 | "tactic": "privilege-escalation", 126 | "color": "", 127 | "comment": "", 128 | "enabled": true, 129 | "metadata": [], 130 | "showSubtechniques": true 131 | }, 132 | { 133 | "techniqueID": "T1531", 134 | "tactic": "impact", 135 | "color": "#31a354", 136 | "comment": "", 137 | "enabled": true, 138 | "metadata": [], 139 | "showSubtechniques": false 140 | }, 141 | { 142 | "techniqueID": "T1087", 143 | "tactic": "discovery", 144 | "color": "", 145 | "comment": "", 146 | "enabled": true, 147 | "metadata": [], 148 | "showSubtechniques": true 149 | }, 150 | { 151 | "techniqueID": "T1098", 152 | "tactic": "persistence", 153 | "color": "#31a354", 154 | "comment": "", 155 | "enabled": true, 156 | "metadata": [], 157 | "showSubtechniques": true 158 | }, 159 | { 160 | "techniqueID": "T1098.002", 161 | "tactic": "persistence", 162 | "color": "#31a354", 163 | "comment": "", 164 | "enabled": true, 165 | "metadata": [], 166 | "showSubtechniques": false 167 | }, 168 | { 169 | "techniqueID": "T1098.004", 170 | "tactic": "persistence", 171 | "color": "#31a354", 172 | "comment": "", 173 | "enabled": true, 174 | "metadata": [], 175 | "showSubtechniques": false 176 | }, 177 | { 178 | "techniqueID": "T1071", 179 | "tactic": "command-and-control", 180 | "color": "", 181 | "comment": "", 182 | "enabled": true, 183 | "metadata": [], 184 | "showSubtechniques": true 185 | }, 186 | { 187 | "techniqueID": "T1560", 188 | "tactic": "collection", 189 | "color": "#31a354", 190 | "comment": "", 191 | "enabled": true, 192 | "metadata": [], 193 | "showSubtechniques": true 194 | }, 195 | { 196 | "techniqueID": "T1560.001", 197 | "tactic": "collection", 198 | "color": "#31a354", 199 | "comment": "", 200 | "enabled": true, 201 | "metadata": [], 202 | "showSubtechniques": false 203 | }, 204 | { 205 | "techniqueID": "T1560.002", 206 | "tactic": "collection", 207 | "color": "#31a354", 208 | "comment": "", 209 | "enabled": true, 210 | "metadata": [], 211 | "showSubtechniques": false 212 | }, 213 | { 214 | "techniqueID": "T1560.003", 215 | "tactic": "collection", 216 | "color": "#31a354", 217 | "comment": "", 218 | "enabled": true, 219 | "metadata": [], 220 | "showSubtechniques": false 221 | }, 222 | { 223 | "techniqueID": "T1547", 224 | "tactic": "persistence", 225 | "color": "", 226 | "comment": "", 227 | "enabled": true, 228 | "metadata": [], 229 | "showSubtechniques": true 230 | }, 231 | { 232 | "techniqueID": "T1547", 233 | "tactic": "privilege-escalation", 234 | "color": "", 235 | "comment": "", 236 | "enabled": true, 237 | "metadata": [], 238 | "showSubtechniques": true 239 | }, 240 | { 241 | "techniqueID": "T1547.001", 242 | "tactic": "persistence", 243 | "color": "#31a354", 244 | "comment": "", 245 | "enabled": true, 246 | "metadata": [], 247 | "showSubtechniques": false 248 | }, 249 | { 250 | "techniqueID": "T1547.001", 251 | "tactic": "privilege-escalation", 252 | "color": "#31a354", 253 | "comment": "", 254 | "enabled": true, 255 | "metadata": [], 256 | "showSubtechniques": false 257 | }, 258 | { 259 | "techniqueID": "T1547.007", 260 | "tactic": "persistence", 261 | "color": "#31a354", 262 | "comment": "", 263 | "enabled": true, 264 | "metadata": [], 265 | "showSubtechniques": false 266 | }, 267 | { 268 | "techniqueID": "T1547.007", 269 | "tactic": "privilege-escalation", 270 | "color": "#31a354", 271 | "comment": "", 272 | "enabled": true, 273 | "metadata": [], 274 | "showSubtechniques": false 275 | }, 276 | { 277 | "techniqueID": "T1547.009", 278 | "tactic": "persistence", 279 | "color": "#31a354", 280 | "comment": "", 281 | "enabled": true, 282 | "metadata": [], 283 | "showSubtechniques": false 284 | }, 285 | { 286 | "techniqueID": "T1547.009", 287 | "tactic": "privilege-escalation", 288 | "color": "#31a354", 289 | "comment": "", 290 | "enabled": true, 291 | "metadata": [], 292 | "showSubtechniques": false 293 | }, 294 | { 295 | "techniqueID": "T1547.011", 296 | "tactic": "persistence", 297 | "color": "#31a354", 298 | "comment": "", 299 | "enabled": true, 300 | "metadata": [], 301 | "showSubtechniques": false 302 | }, 303 | { 304 | "techniqueID": "T1547.011", 305 | "tactic": "privilege-escalation", 306 | "color": "#31a354", 307 | "comment": "", 308 | "enabled": true, 309 | "metadata": [], 310 | "showSubtechniques": false 311 | }, 312 | { 313 | "techniqueID": "T1037", 314 | "tactic": "persistence", 315 | "color": "#31a354", 316 | "comment": "", 317 | "enabled": true, 318 | "metadata": [], 319 | "showSubtechniques": true 320 | }, 321 | { 322 | "techniqueID": "T1037", 323 | "tactic": "privilege-escalation", 324 | "color": "#31a354", 325 | "comment": "", 326 | "enabled": true, 327 | "metadata": [], 328 | "showSubtechniques": true 329 | }, 330 | { 331 | "techniqueID": "T1037.001", 332 | "tactic": "persistence", 333 | "color": "#31a354", 334 | "comment": "", 335 | "enabled": true, 336 | "metadata": [], 337 | "showSubtechniques": false 338 | }, 339 | { 340 | "techniqueID": "T1037.001", 341 | "tactic": "privilege-escalation", 342 | "color": "#31a354", 343 | "comment": "", 344 | "enabled": true, 345 | "metadata": [], 346 | "showSubtechniques": false 347 | }, 348 | { 349 | "techniqueID": "T1037.002", 350 | "tactic": "persistence", 351 | "color": "#31a354", 352 | "comment": "", 353 | "enabled": true, 354 | "metadata": [], 355 | "showSubtechniques": false 356 | }, 357 | { 358 | "techniqueID": "T1037.002", 359 | "tactic": "privilege-escalation", 360 | "color": "#31a354", 361 | "comment": "", 362 | "enabled": true, 363 | "metadata": [], 364 | "showSubtechniques": false 365 | }, 366 | { 367 | "techniqueID": "T1037.003", 368 | "tactic": "persistence", 369 | "color": "#31a354", 370 | "comment": "", 371 | "enabled": true, 372 | "metadata": [], 373 | "showSubtechniques": false 374 | }, 375 | { 376 | "techniqueID": "T1037.003", 377 | "tactic": "privilege-escalation", 378 | "color": "#31a354", 379 | "comment": "", 380 | "enabled": true, 381 | "metadata": [], 382 | "showSubtechniques": false 383 | }, 384 | { 385 | "techniqueID": "T1037.004", 386 | "tactic": "persistence", 387 | "color": "#31a354", 388 | "comment": "", 389 | "enabled": true, 390 | "metadata": [], 391 | "showSubtechniques": false 392 | }, 393 | { 394 | "techniqueID": "T1037.004", 395 | "tactic": "privilege-escalation", 396 | "color": "#31a354", 397 | "comment": "", 398 | "enabled": true, 399 | "metadata": [], 400 | "showSubtechniques": false 401 | }, 402 | { 403 | "techniqueID": "T1037.005", 404 | "tactic": "persistence", 405 | "color": "#31a354", 406 | "comment": "", 407 | "enabled": true, 408 | "metadata": [], 409 | "showSubtechniques": false 410 | }, 411 | { 412 | "techniqueID": "T1037.005", 413 | "tactic": "privilege-escalation", 414 | "color": "#31a354", 415 | "comment": "", 416 | "enabled": true, 417 | "metadata": [], 418 | "showSubtechniques": false 419 | }, 420 | { 421 | "techniqueID": "T1110", 422 | "tactic": "credential-access", 423 | "color": "", 424 | "comment": "", 425 | "enabled": true, 426 | "metadata": [], 427 | "showSubtechniques": true 428 | }, 429 | { 430 | "techniqueID": "T1110.001", 431 | "tactic": "credential-access", 432 | "color": "#31a354", 433 | "comment": "", 434 | "enabled": true, 435 | "metadata": [], 436 | "showSubtechniques": false 437 | }, 438 | { 439 | "techniqueID": "T1115", 440 | "tactic": "collection", 441 | "color": "#31a354", 442 | "comment": "", 443 | "enabled": true, 444 | "metadata": [], 445 | "showSubtechniques": false 446 | }, 447 | { 448 | "techniqueID": "T1059", 449 | "tactic": "execution", 450 | "color": "#31a354", 451 | "comment": "", 452 | "enabled": true, 453 | "metadata": [], 454 | "showSubtechniques": true 455 | }, 456 | { 457 | "techniqueID": "T1059.001", 458 | "tactic": "execution", 459 | "color": "#31a354", 460 | "comment": "", 461 | "enabled": true, 462 | "metadata": [], 463 | "showSubtechniques": false 464 | }, 465 | { 466 | "techniqueID": "T1059.002", 467 | "tactic": "execution", 468 | "color": "#31a354", 469 | "comment": "", 470 | "enabled": true, 471 | "metadata": [], 472 | "showSubtechniques": false 473 | }, 474 | { 475 | "techniqueID": "T1059.003", 476 | "tactic": "execution", 477 | "color": "#31a354", 478 | "comment": "", 479 | "enabled": true, 480 | "metadata": [], 481 | "showSubtechniques": false 482 | }, 483 | { 484 | "techniqueID": "T1059.004", 485 | "tactic": "execution", 486 | "color": "#31a354", 487 | "comment": "", 488 | "enabled": true, 489 | "metadata": [], 490 | "showSubtechniques": false 491 | }, 492 | { 493 | "techniqueID": "T1059.005", 494 | "tactic": "execution", 495 | "color": "#31a354", 496 | "comment": "", 497 | "enabled": true, 498 | "metadata": [], 499 | "showSubtechniques": false 500 | }, 501 | { 502 | "techniqueID": "T1059.006", 503 | "tactic": "execution", 504 | "color": "#31a354", 505 | "comment": "", 506 | "enabled": true, 507 | "metadata": [], 508 | "showSubtechniques": false 509 | }, 510 | { 511 | "techniqueID": "T1059.007", 512 | "tactic": "execution", 513 | "color": "#31a354", 514 | "comment": "", 515 | "enabled": true, 516 | "metadata": [], 517 | "showSubtechniques": false 518 | }, 519 | { 520 | "techniqueID": "T1092", 521 | "tactic": "command-and-control", 522 | "color": "#31a354", 523 | "comment": "", 524 | "enabled": true, 525 | "metadata": [], 526 | "showSubtechniques": false 527 | }, 528 | { 529 | "techniqueID": "T1554", 530 | "tactic": "persistence", 531 | "color": "#31a354", 532 | "comment": "", 533 | "enabled": true, 534 | "metadata": [], 535 | "showSubtechniques": false 536 | }, 537 | { 538 | "techniqueID": "T1136", 539 | "tactic": "persistence", 540 | "color": "#31a354", 541 | "comment": "", 542 | "enabled": true, 543 | "metadata": [], 544 | "showSubtechniques": true 545 | }, 546 | { 547 | "techniqueID": "T1136.001", 548 | "tactic": "persistence", 549 | "color": "#31a354", 550 | "comment": "", 551 | "enabled": true, 552 | "metadata": [], 553 | "showSubtechniques": false 554 | }, 555 | { 556 | "techniqueID": "T1136.002", 557 | "tactic": "persistence", 558 | "color": "#31a354", 559 | "comment": "", 560 | "enabled": true, 561 | "metadata": [], 562 | "showSubtechniques": false 563 | }, 564 | { 565 | "techniqueID": "T1543", 566 | "tactic": "persistence", 567 | "color": "#31a354", 568 | "comment": "", 569 | "enabled": true, 570 | "metadata": [], 571 | "showSubtechniques": true 572 | }, 573 | { 574 | "techniqueID": "T1543", 575 | "tactic": "privilege-escalation", 576 | "color": "#31a354", 577 | "comment": "", 578 | "enabled": true, 579 | "metadata": [], 580 | "showSubtechniques": true 581 | }, 582 | { 583 | "techniqueID": "T1543.001", 584 | "tactic": "persistence", 585 | "color": "#31a354", 586 | "comment": "", 587 | "enabled": true, 588 | "metadata": [], 589 | "showSubtechniques": false 590 | }, 591 | { 592 | "techniqueID": "T1543.001", 593 | "tactic": "privilege-escalation", 594 | "color": "#31a354", 595 | "comment": "", 596 | "enabled": true, 597 | "metadata": [], 598 | "showSubtechniques": false 599 | }, 600 | { 601 | "techniqueID": "T1543.002", 602 | "tactic": "persistence", 603 | "color": "#31a354", 604 | "comment": "", 605 | "enabled": true, 606 | "metadata": [], 607 | "showSubtechniques": false 608 | }, 609 | { 610 | "techniqueID": "T1543.002", 611 | "tactic": "privilege-escalation", 612 | "color": "#31a354", 613 | "comment": "", 614 | "enabled": true, 615 | "metadata": [], 616 | "showSubtechniques": false 617 | }, 618 | { 619 | "techniqueID": "T1543.003", 620 | "tactic": "persistence", 621 | "color": "#31a354", 622 | "comment": "", 623 | "enabled": true, 624 | "metadata": [], 625 | "showSubtechniques": false 626 | }, 627 | { 628 | "techniqueID": "T1543.003", 629 | "tactic": "privilege-escalation", 630 | "color": "#31a354", 631 | "comment": "", 632 | "enabled": true, 633 | "metadata": [], 634 | "showSubtechniques": false 635 | }, 636 | { 637 | "techniqueID": "T1543.004", 638 | "tactic": "persistence", 639 | "color": "#31a354", 640 | "comment": "", 641 | "enabled": true, 642 | "metadata": [], 643 | "showSubtechniques": false 644 | }, 645 | { 646 | "techniqueID": "T1543.004", 647 | "tactic": "privilege-escalation", 648 | "color": "#31a354", 649 | "comment": "", 650 | "enabled": true, 651 | "metadata": [], 652 | "showSubtechniques": false 653 | }, 654 | { 655 | "techniqueID": "T1555", 656 | "tactic": "credential-access", 657 | "color": "", 658 | "comment": "", 659 | "enabled": true, 660 | "metadata": [], 661 | "showSubtechniques": true 662 | }, 663 | { 664 | "techniqueID": "T1485", 665 | "tactic": "impact", 666 | "color": "#31a354", 667 | "comment": "", 668 | "enabled": true, 669 | "metadata": [], 670 | "showSubtechniques": false 671 | }, 672 | { 673 | "techniqueID": "T1132", 674 | "tactic": "command-and-control", 675 | "color": "#31a354", 676 | "comment": "", 677 | "enabled": true, 678 | "metadata": [], 679 | "showSubtechniques": true 680 | }, 681 | { 682 | "techniqueID": "T1132.001", 683 | "tactic": "command-and-control", 684 | "color": "#31a354", 685 | "comment": "", 686 | "enabled": true, 687 | "metadata": [], 688 | "showSubtechniques": false 689 | }, 690 | { 691 | "techniqueID": "T1132.002", 692 | "tactic": "command-and-control", 693 | "color": "#31a354", 694 | "comment": "", 695 | "enabled": true, 696 | "metadata": [], 697 | "showSubtechniques": false 698 | }, 699 | { 700 | "techniqueID": "T1486", 701 | "tactic": "impact", 702 | "color": "#31a354", 703 | "comment": "", 704 | "enabled": true, 705 | "metadata": [], 706 | "showSubtechniques": false 707 | }, 708 | { 709 | "techniqueID": "T1565", 710 | "tactic": "impact", 711 | "color": "", 712 | "comment": "", 713 | "enabled": true, 714 | "metadata": [], 715 | "showSubtechniques": true 716 | }, 717 | { 718 | "techniqueID": "T1565.001", 719 | "tactic": "impact", 720 | "color": "#31a354", 721 | "comment": "", 722 | "enabled": true, 723 | "metadata": [], 724 | "showSubtechniques": false 725 | }, 726 | { 727 | "techniqueID": "T1001", 728 | "tactic": "command-and-control", 729 | "color": "", 730 | "comment": "", 731 | "enabled": true, 732 | "metadata": [], 733 | "showSubtechniques": true 734 | }, 735 | { 736 | "techniqueID": "T1074", 737 | "tactic": "collection", 738 | "color": "", 739 | "comment": "", 740 | "enabled": true, 741 | "metadata": [], 742 | "showSubtechniques": true 743 | }, 744 | { 745 | "techniqueID": "T1074.001", 746 | "tactic": "collection", 747 | "color": "#31a354", 748 | "comment": "", 749 | "enabled": true, 750 | "metadata": [], 751 | "showSubtechniques": false 752 | }, 753 | { 754 | "techniqueID": "T1030", 755 | "tactic": "exfiltration", 756 | "color": "#31a354", 757 | "comment": "", 758 | "enabled": true, 759 | "metadata": [], 760 | "showSubtechniques": false 761 | }, 762 | { 763 | "techniqueID": "T1213", 764 | "tactic": "collection", 765 | "color": "", 766 | "comment": "", 767 | "enabled": true, 768 | "metadata": [], 769 | "showSubtechniques": true 770 | }, 771 | { 772 | "techniqueID": "T1491", 773 | "tactic": "impact", 774 | "color": "", 775 | "comment": "", 776 | "enabled": true, 777 | "metadata": [], 778 | "showSubtechniques": true 779 | }, 780 | { 781 | "techniqueID": "T1561", 782 | "tactic": "impact", 783 | "color": "#31a354", 784 | "comment": "", 785 | "enabled": true, 786 | "metadata": [], 787 | "showSubtechniques": true 788 | }, 789 | { 790 | "techniqueID": "T1561.001", 791 | "tactic": "impact", 792 | "color": "#31a354", 793 | "comment": "", 794 | "enabled": true, 795 | "metadata": [], 796 | "showSubtechniques": false 797 | }, 798 | { 799 | "techniqueID": "T1561.002", 800 | "tactic": "impact", 801 | "color": "#31a354", 802 | "comment": "", 803 | "enabled": true, 804 | "metadata": [], 805 | "showSubtechniques": false 806 | }, 807 | { 808 | "techniqueID": "T1568", 809 | "tactic": "command-and-control", 810 | "color": "", 811 | "comment": "", 812 | "enabled": true, 813 | "metadata": [], 814 | "showSubtechniques": true 815 | }, 816 | { 817 | "techniqueID": "T1114", 818 | "tactic": "collection", 819 | "color": "", 820 | "comment": "", 821 | "enabled": true, 822 | "metadata": [], 823 | "showSubtechniques": true 824 | }, 825 | { 826 | "techniqueID": "T1573", 827 | "tactic": "command-and-control", 828 | "color": "", 829 | "comment": "", 830 | "enabled": true, 831 | "metadata": [], 832 | "showSubtechniques": true 833 | }, 834 | { 835 | "techniqueID": "T1499", 836 | "tactic": "impact", 837 | "color": "", 838 | "comment": "", 839 | "enabled": true, 840 | "metadata": [], 841 | "showSubtechniques": true 842 | }, 843 | { 844 | "techniqueID": "T1546", 845 | "tactic": "privilege-escalation", 846 | "color": "", 847 | "comment": "", 848 | "enabled": true, 849 | "metadata": [], 850 | "showSubtechniques": true 851 | }, 852 | { 853 | "techniqueID": "T1546", 854 | "tactic": "persistence", 855 | "color": "", 856 | "comment": "", 857 | "enabled": true, 858 | "metadata": [], 859 | "showSubtechniques": true 860 | }, 861 | { 862 | "techniqueID": "T1546.001", 863 | "tactic": "privilege-escalation", 864 | "color": "#31a354", 865 | "comment": "", 866 | "enabled": true, 867 | "metadata": [], 868 | "showSubtechniques": false 869 | }, 870 | { 871 | "techniqueID": "T1546.001", 872 | "tactic": "persistence", 873 | "color": "#31a354", 874 | "comment": "", 875 | "enabled": true, 876 | "metadata": [], 877 | "showSubtechniques": false 878 | }, 879 | { 880 | "techniqueID": "T1546.002", 881 | "tactic": "privilege-escalation", 882 | "color": "#31a354", 883 | "comment": "", 884 | "enabled": true, 885 | "metadata": [], 886 | "showSubtechniques": false 887 | }, 888 | { 889 | "techniqueID": "T1546.002", 890 | "tactic": "persistence", 891 | "color": "#31a354", 892 | "comment": "", 893 | "enabled": true, 894 | "metadata": [], 895 | "showSubtechniques": false 896 | }, 897 | { 898 | "techniqueID": "T1546.004", 899 | "tactic": "privilege-escalation", 900 | "color": "#31a354", 901 | "comment": "", 902 | "enabled": true, 903 | "metadata": [], 904 | "showSubtechniques": false 905 | }, 906 | { 907 | "techniqueID": "T1546.004", 908 | "tactic": "persistence", 909 | "color": "#31a354", 910 | "comment": "", 911 | "enabled": true, 912 | "metadata": [], 913 | "showSubtechniques": false 914 | }, 915 | { 916 | "techniqueID": "T1546.008", 917 | "tactic": "privilege-escalation", 918 | "color": "#31a354", 919 | "comment": "", 920 | "enabled": true, 921 | "metadata": [], 922 | "showSubtechniques": false 923 | }, 924 | { 925 | "techniqueID": "T1546.008", 926 | "tactic": "persistence", 927 | "color": "#31a354", 928 | "comment": "", 929 | "enabled": true, 930 | "metadata": [], 931 | "showSubtechniques": false 932 | }, 933 | { 934 | "techniqueID": "T1546.012", 935 | "tactic": "privilege-escalation", 936 | "color": "#31a354", 937 | "comment": "", 938 | "enabled": true, 939 | "metadata": [], 940 | "showSubtechniques": false 941 | }, 942 | { 943 | "techniqueID": "T1546.012", 944 | "tactic": "persistence", 945 | "color": "#31a354", 946 | "comment": "", 947 | "enabled": true, 948 | "metadata": [], 949 | "showSubtechniques": false 950 | }, 951 | { 952 | "techniqueID": "T1546.013", 953 | "tactic": "privilege-escalation", 954 | "color": "#31a354", 955 | "comment": "", 956 | "enabled": true, 957 | "metadata": [], 958 | "showSubtechniques": false 959 | }, 960 | { 961 | "techniqueID": "T1546.013", 962 | "tactic": "persistence", 963 | "color": "#31a354", 964 | "comment": "", 965 | "enabled": true, 966 | "metadata": [], 967 | "showSubtechniques": false 968 | }, 969 | { 970 | "techniqueID": "T1480", 971 | "tactic": "defense-evasion", 972 | "color": "", 973 | "comment": "", 974 | "enabled": true, 975 | "metadata": [], 976 | "showSubtechniques": true 977 | }, 978 | { 979 | "techniqueID": "T1048", 980 | "tactic": "exfiltration", 981 | "color": "", 982 | "comment": "", 983 | "enabled": true, 984 | "metadata": [], 985 | "showSubtechniques": true 986 | }, 987 | { 988 | "techniqueID": "T1011", 989 | "tactic": "exfiltration", 990 | "color": "", 991 | "comment": "", 992 | "enabled": true, 993 | "metadata": [], 994 | "showSubtechniques": true 995 | }, 996 | { 997 | "techniqueID": "T1052", 998 | "tactic": "exfiltration", 999 | "color": "#31a354", 1000 | "comment": "", 1001 | "enabled": true, 1002 | "metadata": [], 1003 | "showSubtechniques": true 1004 | }, 1005 | { 1006 | "techniqueID": "T1052.001", 1007 | "tactic": "exfiltration", 1008 | "color": "#31a354", 1009 | "comment": "", 1010 | "enabled": true, 1011 | "metadata": [], 1012 | "showSubtechniques": false 1013 | }, 1014 | { 1015 | "techniqueID": "T1567", 1016 | "tactic": "exfiltration", 1017 | "color": "", 1018 | "comment": "", 1019 | "enabled": true, 1020 | "metadata": [], 1021 | "showSubtechniques": true 1022 | }, 1023 | { 1024 | "techniqueID": "T1222", 1025 | "tactic": "defense-evasion", 1026 | "color": "#31a354", 1027 | "comment": "", 1028 | "enabled": true, 1029 | "metadata": [], 1030 | "showSubtechniques": true 1031 | }, 1032 | { 1033 | "techniqueID": "T1222.001", 1034 | "tactic": "defense-evasion", 1035 | "color": "#31a354", 1036 | "comment": "", 1037 | "enabled": true, 1038 | "metadata": [], 1039 | "showSubtechniques": false 1040 | }, 1041 | { 1042 | "techniqueID": "T1222.002", 1043 | "tactic": "defense-evasion", 1044 | "color": "#31a354", 1045 | "comment": "", 1046 | "enabled": true, 1047 | "metadata": [], 1048 | "showSubtechniques": false 1049 | }, 1050 | { 1051 | "techniqueID": "T1484", 1052 | "tactic": "defense-evasion", 1053 | "color": "#31a354", 1054 | "comment": "", 1055 | "enabled": true, 1056 | "metadata": [], 1057 | "showSubtechniques": false 1058 | }, 1059 | { 1060 | "techniqueID": "T1484", 1061 | "tactic": "privilege-escalation", 1062 | "color": "#31a354", 1063 | "comment": "", 1064 | "enabled": true, 1065 | "metadata": [], 1066 | "showSubtechniques": false 1067 | }, 1068 | { 1069 | "techniqueID": "T1564", 1070 | "tactic": "defense-evasion", 1071 | "color": "", 1072 | "comment": "", 1073 | "enabled": true, 1074 | "metadata": [], 1075 | "showSubtechniques": true 1076 | }, 1077 | { 1078 | "techniqueID": "T1564.001", 1079 | "tactic": "defense-evasion", 1080 | "color": "#31a354", 1081 | "comment": "", 1082 | "enabled": true, 1083 | "metadata": [], 1084 | "showSubtechniques": false 1085 | }, 1086 | { 1087 | "techniqueID": "T1564.002", 1088 | "tactic": "defense-evasion", 1089 | "color": "#31a354", 1090 | "comment": "", 1091 | "enabled": true, 1092 | "metadata": [], 1093 | "showSubtechniques": false 1094 | }, 1095 | { 1096 | "techniqueID": "T1564.003", 1097 | "tactic": "defense-evasion", 1098 | "color": "#31a354", 1099 | "comment": "", 1100 | "enabled": true, 1101 | "metadata": [], 1102 | "showSubtechniques": false 1103 | }, 1104 | { 1105 | "techniqueID": "T1564.004", 1106 | "tactic": "defense-evasion", 1107 | "color": "#31a354", 1108 | "comment": "", 1109 | "enabled": true, 1110 | "metadata": [], 1111 | "showSubtechniques": false 1112 | }, 1113 | { 1114 | "techniqueID": "T1574", 1115 | "tactic": "persistence", 1116 | "color": "", 1117 | "comment": "", 1118 | "enabled": true, 1119 | "metadata": [], 1120 | "showSubtechniques": true 1121 | }, 1122 | { 1123 | "techniqueID": "T1574", 1124 | "tactic": "privilege-escalation", 1125 | "color": "", 1126 | "comment": "", 1127 | "enabled": true, 1128 | "metadata": [], 1129 | "showSubtechniques": true 1130 | }, 1131 | { 1132 | "techniqueID": "T1574", 1133 | "tactic": "defense-evasion", 1134 | "color": "", 1135 | "comment": "", 1136 | "enabled": true, 1137 | "metadata": [], 1138 | "showSubtechniques": true 1139 | }, 1140 | { 1141 | "techniqueID": "T1574.010", 1142 | "tactic": "persistence", 1143 | "color": "#31a354", 1144 | "comment": "", 1145 | "enabled": true, 1146 | "metadata": [], 1147 | "showSubtechniques": false 1148 | }, 1149 | { 1150 | "techniqueID": "T1574.010", 1151 | "tactic": "privilege-escalation", 1152 | "color": "#31a354", 1153 | "comment": "", 1154 | "enabled": true, 1155 | "metadata": [], 1156 | "showSubtechniques": false 1157 | }, 1158 | { 1159 | "techniqueID": "T1574.010", 1160 | "tactic": "defense-evasion", 1161 | "color": "#31a354", 1162 | "comment": "", 1163 | "enabled": true, 1164 | "metadata": [], 1165 | "showSubtechniques": false 1166 | }, 1167 | { 1168 | "techniqueID": "T1574.011", 1169 | "tactic": "persistence", 1170 | "color": "#31a354", 1171 | "comment": "", 1172 | "enabled": true, 1173 | "metadata": [], 1174 | "showSubtechniques": false 1175 | }, 1176 | { 1177 | "techniqueID": "T1574.011", 1178 | "tactic": "privilege-escalation", 1179 | "color": "#31a354", 1180 | "comment": "", 1181 | "enabled": true, 1182 | "metadata": [], 1183 | "showSubtechniques": false 1184 | }, 1185 | { 1186 | "techniqueID": "T1574.011", 1187 | "tactic": "defense-evasion", 1188 | "color": "#31a354", 1189 | "comment": "", 1190 | "enabled": true, 1191 | "metadata": [], 1192 | "showSubtechniques": false 1193 | }, 1194 | { 1195 | "techniqueID": "T1574.009", 1196 | "tactic": "persistence", 1197 | "color": "#31a354", 1198 | "comment": "", 1199 | "enabled": true, 1200 | "metadata": [], 1201 | "showSubtechniques": false 1202 | }, 1203 | { 1204 | "techniqueID": "T1574.009", 1205 | "tactic": "privilege-escalation", 1206 | "color": "#31a354", 1207 | "comment": "", 1208 | "enabled": true, 1209 | "metadata": [], 1210 | "showSubtechniques": false 1211 | }, 1212 | { 1213 | "techniqueID": "T1574.009", 1214 | "tactic": "defense-evasion", 1215 | "color": "#31a354", 1216 | "comment": "", 1217 | "enabled": true, 1218 | "metadata": [], 1219 | "showSubtechniques": false 1220 | }, 1221 | { 1222 | "techniqueID": "T1574.007", 1223 | "tactic": "persistence", 1224 | "color": "#31a354", 1225 | "comment": "", 1226 | "enabled": true, 1227 | "metadata": [], 1228 | "showSubtechniques": false 1229 | }, 1230 | { 1231 | "techniqueID": "T1574.007", 1232 | "tactic": "privilege-escalation", 1233 | "color": "#31a354", 1234 | "comment": "", 1235 | "enabled": true, 1236 | "metadata": [], 1237 | "showSubtechniques": false 1238 | }, 1239 | { 1240 | "techniqueID": "T1574.007", 1241 | "tactic": "defense-evasion", 1242 | "color": "#31a354", 1243 | "comment": "", 1244 | "enabled": true, 1245 | "metadata": [], 1246 | "showSubtechniques": false 1247 | }, 1248 | { 1249 | "techniqueID": "T1574.008", 1250 | "tactic": "persistence", 1251 | "color": "#31a354", 1252 | "comment": "", 1253 | "enabled": true, 1254 | "metadata": [], 1255 | "showSubtechniques": false 1256 | }, 1257 | { 1258 | "techniqueID": "T1574.008", 1259 | "tactic": "privilege-escalation", 1260 | "color": "#31a354", 1261 | "comment": "", 1262 | "enabled": true, 1263 | "metadata": [], 1264 | "showSubtechniques": false 1265 | }, 1266 | { 1267 | "techniqueID": "T1574.008", 1268 | "tactic": "defense-evasion", 1269 | "color": "#31a354", 1270 | "comment": "", 1271 | "enabled": true, 1272 | "metadata": [], 1273 | "showSubtechniques": false 1274 | }, 1275 | { 1276 | "techniqueID": "T1574.006", 1277 | "tactic": "persistence", 1278 | "color": "#31a354", 1279 | "comment": "", 1280 | "enabled": true, 1281 | "metadata": [], 1282 | "showSubtechniques": false 1283 | }, 1284 | { 1285 | "techniqueID": "T1574.006", 1286 | "tactic": "privilege-escalation", 1287 | "color": "#31a354", 1288 | "comment": "", 1289 | "enabled": true, 1290 | "metadata": [], 1291 | "showSubtechniques": false 1292 | }, 1293 | { 1294 | "techniqueID": "T1574.006", 1295 | "tactic": "defense-evasion", 1296 | "color": "#31a354", 1297 | "comment": "", 1298 | "enabled": true, 1299 | "metadata": [], 1300 | "showSubtechniques": false 1301 | }, 1302 | { 1303 | "techniqueID": "T1574.004", 1304 | "tactic": "persistence", 1305 | "color": "#31a354", 1306 | "comment": "", 1307 | "enabled": true, 1308 | "metadata": [], 1309 | "showSubtechniques": false 1310 | }, 1311 | { 1312 | "techniqueID": "T1574.004", 1313 | "tactic": "privilege-escalation", 1314 | "color": "#31a354", 1315 | "comment": "", 1316 | "enabled": true, 1317 | "metadata": [], 1318 | "showSubtechniques": false 1319 | }, 1320 | { 1321 | "techniqueID": "T1574.004", 1322 | "tactic": "defense-evasion", 1323 | "color": "#31a354", 1324 | "comment": "", 1325 | "enabled": true, 1326 | "metadata": [], 1327 | "showSubtechniques": false 1328 | }, 1329 | { 1330 | "techniqueID": "T1562", 1331 | "tactic": "defense-evasion", 1332 | "color": "#31a354", 1333 | "comment": "", 1334 | "enabled": true, 1335 | "metadata": [], 1336 | "showSubtechniques": true 1337 | }, 1338 | { 1339 | "techniqueID": "T1562.001", 1340 | "tactic": "defense-evasion", 1341 | "color": "#31a354", 1342 | "comment": "", 1343 | "enabled": true, 1344 | "metadata": [], 1345 | "showSubtechniques": false 1346 | }, 1347 | { 1348 | "techniqueID": "T1562.002", 1349 | "tactic": "defense-evasion", 1350 | "color": "#31a354", 1351 | "comment": "", 1352 | "enabled": true, 1353 | "metadata": [], 1354 | "showSubtechniques": false 1355 | }, 1356 | { 1357 | "techniqueID": "T1562.003", 1358 | "tactic": "defense-evasion", 1359 | "color": "#31a354", 1360 | "comment": "", 1361 | "enabled": true, 1362 | "metadata": [], 1363 | "showSubtechniques": false 1364 | }, 1365 | { 1366 | "techniqueID": "T1562.004", 1367 | "tactic": "defense-evasion", 1368 | "color": "#31a354", 1369 | "comment": "", 1370 | "enabled": true, 1371 | "metadata": [], 1372 | "showSubtechniques": false 1373 | }, 1374 | { 1375 | "techniqueID": "T1562.006", 1376 | "tactic": "defense-evasion", 1377 | "color": "#31a354", 1378 | "comment": "", 1379 | "enabled": true, 1380 | "metadata": [], 1381 | "showSubtechniques": false 1382 | }, 1383 | { 1384 | "techniqueID": "T1070", 1385 | "tactic": "defense-evasion", 1386 | "color": "#31a354", 1387 | "comment": "", 1388 | "enabled": true, 1389 | "metadata": [], 1390 | "showSubtechniques": true 1391 | }, 1392 | { 1393 | "techniqueID": "T1070.001", 1394 | "tactic": "defense-evasion", 1395 | "color": "#31a354", 1396 | "comment": "", 1397 | "enabled": true, 1398 | "metadata": [], 1399 | "showSubtechniques": false 1400 | }, 1401 | { 1402 | "techniqueID": "T1070.002", 1403 | "tactic": "defense-evasion", 1404 | "color": "#31a354", 1405 | "comment": "", 1406 | "enabled": true, 1407 | "metadata": [], 1408 | "showSubtechniques": false 1409 | }, 1410 | { 1411 | "techniqueID": "T1070.003", 1412 | "tactic": "defense-evasion", 1413 | "color": "#31a354", 1414 | "comment": "", 1415 | "enabled": true, 1416 | "metadata": [], 1417 | "showSubtechniques": false 1418 | }, 1419 | { 1420 | "techniqueID": "T1070.004", 1421 | "tactic": "defense-evasion", 1422 | "color": "#31a354", 1423 | "comment": "", 1424 | "enabled": true, 1425 | "metadata": [], 1426 | "showSubtechniques": false 1427 | }, 1428 | { 1429 | "techniqueID": "T1070.005", 1430 | "tactic": "defense-evasion", 1431 | "color": "#31a354", 1432 | "comment": "", 1433 | "enabled": true, 1434 | "metadata": [], 1435 | "showSubtechniques": false 1436 | }, 1437 | { 1438 | "techniqueID": "T1070.006", 1439 | "tactic": "defense-evasion", 1440 | "color": "#31a354", 1441 | "comment": "", 1442 | "enabled": true, 1443 | "metadata": [], 1444 | "showSubtechniques": false 1445 | }, 1446 | { 1447 | "techniqueID": "T1105", 1448 | "tactic": "command-and-control", 1449 | "color": "#31a354", 1450 | "comment": "", 1451 | "enabled": true, 1452 | "metadata": [], 1453 | "showSubtechniques": false 1454 | }, 1455 | { 1456 | "techniqueID": "T1490", 1457 | "tactic": "impact", 1458 | "color": "#31a354", 1459 | "comment": "", 1460 | "enabled": true, 1461 | "metadata": [], 1462 | "showSubtechniques": false 1463 | }, 1464 | { 1465 | "techniqueID": "T1056", 1466 | "tactic": "collection", 1467 | "color": "", 1468 | "comment": "", 1469 | "enabled": true, 1470 | "metadata": [], 1471 | "showSubtechniques": true 1472 | }, 1473 | { 1474 | "techniqueID": "T1056", 1475 | "tactic": "credential-access", 1476 | "color": "", 1477 | "comment": "", 1478 | "enabled": true, 1479 | "metadata": [], 1480 | "showSubtechniques": true 1481 | }, 1482 | { 1483 | "techniqueID": "T1559", 1484 | "tactic": "execution", 1485 | "color": "", 1486 | "comment": "", 1487 | "enabled": true, 1488 | "metadata": [], 1489 | "showSubtechniques": true 1490 | }, 1491 | { 1492 | "techniqueID": "T1557", 1493 | "tactic": "credential-access", 1494 | "color": "", 1495 | "comment": "", 1496 | "enabled": true, 1497 | "metadata": [], 1498 | "showSubtechniques": true 1499 | }, 1500 | { 1501 | "techniqueID": "T1557", 1502 | "tactic": "collection", 1503 | "color": "", 1504 | "comment": "", 1505 | "enabled": true, 1506 | "metadata": [], 1507 | "showSubtechniques": true 1508 | }, 1509 | { 1510 | "techniqueID": "T1036", 1511 | "tactic": "defense-evasion", 1512 | "color": "", 1513 | "comment": "", 1514 | "enabled": true, 1515 | "metadata": [], 1516 | "showSubtechniques": true 1517 | }, 1518 | { 1519 | "techniqueID": "T1036.002", 1520 | "tactic": "defense-evasion", 1521 | "color": "#31a354", 1522 | "comment": "", 1523 | "enabled": true, 1524 | "metadata": [], 1525 | "showSubtechniques": false 1526 | }, 1527 | { 1528 | "techniqueID": "T1036.003", 1529 | "tactic": "defense-evasion", 1530 | "color": "#31a354", 1531 | "comment": "", 1532 | "enabled": true, 1533 | "metadata": [], 1534 | "showSubtechniques": false 1535 | }, 1536 | { 1537 | "techniqueID": "T1036.004", 1538 | "tactic": "defense-evasion", 1539 | "color": "#31a354", 1540 | "comment": "", 1541 | "enabled": true, 1542 | "metadata": [], 1543 | "showSubtechniques": false 1544 | }, 1545 | { 1546 | "techniqueID": "T1036.005", 1547 | "tactic": "defense-evasion", 1548 | "color": "#31a354", 1549 | "comment": "", 1550 | "enabled": true, 1551 | "metadata": [], 1552 | "showSubtechniques": false 1553 | }, 1554 | { 1555 | "techniqueID": "T1036.006", 1556 | "tactic": "defense-evasion", 1557 | "color": "#31a354", 1558 | "comment": "", 1559 | "enabled": true, 1560 | "metadata": [], 1561 | "showSubtechniques": false 1562 | }, 1563 | { 1564 | "techniqueID": "T1556", 1565 | "tactic": "credential-access", 1566 | "color": "", 1567 | "comment": "", 1568 | "enabled": true, 1569 | "metadata": [], 1570 | "showSubtechniques": true 1571 | }, 1572 | { 1573 | "techniqueID": "T1556", 1574 | "tactic": "defense-evasion", 1575 | "color": "", 1576 | "comment": "", 1577 | "enabled": true, 1578 | "metadata": [], 1579 | "showSubtechniques": true 1580 | }, 1581 | { 1582 | "techniqueID": "T1578", 1583 | "tactic": "defense-evasion", 1584 | "color": "", 1585 | "comment": "", 1586 | "enabled": true, 1587 | "metadata": [], 1588 | "showSubtechniques": true 1589 | }, 1590 | { 1591 | "techniqueID": "T1112", 1592 | "tactic": "defense-evasion", 1593 | "color": "#31a354", 1594 | "comment": "", 1595 | "enabled": true, 1596 | "metadata": [], 1597 | "showSubtechniques": false 1598 | }, 1599 | { 1600 | "techniqueID": "T1498", 1601 | "tactic": "impact", 1602 | "color": "", 1603 | "comment": "", 1604 | "enabled": true, 1605 | "metadata": [], 1606 | "showSubtechniques": true 1607 | }, 1608 | { 1609 | "techniqueID": "T1003", 1610 | "tactic": "credential-access", 1611 | "color": "", 1612 | "comment": "", 1613 | "enabled": true, 1614 | "metadata": [], 1615 | "showSubtechniques": true 1616 | }, 1617 | { 1618 | "techniqueID": "T1027", 1619 | "tactic": "defense-evasion", 1620 | "color": "", 1621 | "comment": "", 1622 | "enabled": true, 1623 | "metadata": [], 1624 | "showSubtechniques": true 1625 | }, 1626 | { 1627 | "techniqueID": "T1027.005", 1628 | "tactic": "defense-evasion", 1629 | "color": "#31a354", 1630 | "comment": "", 1631 | "enabled": true, 1632 | "metadata": [], 1633 | "showSubtechniques": false 1634 | }, 1635 | { 1636 | "techniqueID": "T1137", 1637 | "tactic": "persistence", 1638 | "color": "", 1639 | "comment": "", 1640 | "enabled": true, 1641 | "metadata": [], 1642 | "showSubtechniques": true 1643 | }, 1644 | { 1645 | "techniqueID": "T1069", 1646 | "tactic": "discovery", 1647 | "color": "", 1648 | "comment": "", 1649 | "enabled": true, 1650 | "metadata": [], 1651 | "showSubtechniques": true 1652 | }, 1653 | { 1654 | "techniqueID": "T1566", 1655 | "tactic": "initial-access", 1656 | "color": "", 1657 | "comment": "", 1658 | "enabled": true, 1659 | "metadata": [], 1660 | "showSubtechniques": true 1661 | }, 1662 | { 1663 | "techniqueID": "T1542", 1664 | "tactic": "defense-evasion", 1665 | "color": "", 1666 | "comment": "", 1667 | "enabled": true, 1668 | "metadata": [], 1669 | "showSubtechniques": true 1670 | }, 1671 | { 1672 | "techniqueID": "T1542", 1673 | "tactic": "persistence", 1674 | "color": "", 1675 | "comment": "", 1676 | "enabled": true, 1677 | "metadata": [], 1678 | "showSubtechniques": true 1679 | }, 1680 | { 1681 | "techniqueID": "T1055", 1682 | "tactic": "defense-evasion", 1683 | "color": "", 1684 | "comment": "", 1685 | "enabled": true, 1686 | "metadata": [], 1687 | "showSubtechniques": true 1688 | }, 1689 | { 1690 | "techniqueID": "T1055", 1691 | "tactic": "privilege-escalation", 1692 | "color": "", 1693 | "comment": "", 1694 | "enabled": true, 1695 | "metadata": [], 1696 | "showSubtechniques": true 1697 | }, 1698 | { 1699 | "techniqueID": "T1055.013", 1700 | "tactic": "defense-evasion", 1701 | "color": "#31a354", 1702 | "comment": "", 1703 | "enabled": true, 1704 | "metadata": [], 1705 | "showSubtechniques": false 1706 | }, 1707 | { 1708 | "techniqueID": "T1055.013", 1709 | "tactic": "privilege-escalation", 1710 | "color": "#31a354", 1711 | "comment": "", 1712 | "enabled": true, 1713 | "metadata": [], 1714 | "showSubtechniques": false 1715 | }, 1716 | { 1717 | "techniqueID": "T1090", 1718 | "tactic": "command-and-control", 1719 | "color": "", 1720 | "comment": "", 1721 | "enabled": true, 1722 | "metadata": [], 1723 | "showSubtechniques": true 1724 | }, 1725 | { 1726 | "techniqueID": "T1563", 1727 | "tactic": "lateral-movement", 1728 | "color": "", 1729 | "comment": "", 1730 | "enabled": true, 1731 | "metadata": [], 1732 | "showSubtechniques": true 1733 | }, 1734 | { 1735 | "techniqueID": "T1563.002", 1736 | "tactic": "lateral-movement", 1737 | "color": "#31a354", 1738 | "comment": "", 1739 | "enabled": true, 1740 | "metadata": [], 1741 | "showSubtechniques": false 1742 | }, 1743 | { 1744 | "techniqueID": "T1021", 1745 | "tactic": "lateral-movement", 1746 | "color": "#31a354", 1747 | "comment": "", 1748 | "enabled": true, 1749 | "metadata": [], 1750 | "showSubtechniques": true 1751 | }, 1752 | { 1753 | "techniqueID": "T1021.001", 1754 | "tactic": "lateral-movement", 1755 | "color": "#31a354", 1756 | "comment": "", 1757 | "enabled": true, 1758 | "metadata": [], 1759 | "showSubtechniques": false 1760 | }, 1761 | { 1762 | "techniqueID": "T1021.002", 1763 | "tactic": "lateral-movement", 1764 | "color": "#31a354", 1765 | "comment": "", 1766 | "enabled": true, 1767 | "metadata": [], 1768 | "showSubtechniques": false 1769 | }, 1770 | { 1771 | "techniqueID": "T1021.003", 1772 | "tactic": "lateral-movement", 1773 | "color": "#31a354", 1774 | "comment": "", 1775 | "enabled": true, 1776 | "metadata": [], 1777 | "showSubtechniques": false 1778 | }, 1779 | { 1780 | "techniqueID": "T1021.004", 1781 | "tactic": "lateral-movement", 1782 | "color": "#31a354", 1783 | "comment": "", 1784 | "enabled": true, 1785 | "metadata": [], 1786 | "showSubtechniques": false 1787 | }, 1788 | { 1789 | "techniqueID": "T1021.005", 1790 | "tactic": "lateral-movement", 1791 | "color": "#31a354", 1792 | "comment": "", 1793 | "enabled": true, 1794 | "metadata": [], 1795 | "showSubtechniques": false 1796 | }, 1797 | { 1798 | "techniqueID": "T1021.006", 1799 | "tactic": "lateral-movement", 1800 | "color": "#31a354", 1801 | "comment": "", 1802 | "enabled": true, 1803 | "metadata": [], 1804 | "showSubtechniques": false 1805 | }, 1806 | { 1807 | "techniqueID": "T1091", 1808 | "tactic": "lateral-movement", 1809 | "color": "#31a354", 1810 | "comment": "", 1811 | "enabled": true, 1812 | "metadata": [], 1813 | "showSubtechniques": false 1814 | }, 1815 | { 1816 | "techniqueID": "T1091", 1817 | "tactic": "initial-access", 1818 | "color": "#31a354", 1819 | "comment": "", 1820 | "enabled": true, 1821 | "metadata": [], 1822 | "showSubtechniques": false 1823 | }, 1824 | { 1825 | "techniqueID": "T1496", 1826 | "tactic": "impact", 1827 | "color": "#31a354", 1828 | "comment": "", 1829 | "enabled": true, 1830 | "metadata": [], 1831 | "showSubtechniques": false 1832 | }, 1833 | { 1834 | "techniqueID": "T1053", 1835 | "tactic": "execution", 1836 | "color": "#31a354", 1837 | "comment": "", 1838 | "enabled": true, 1839 | "metadata": [], 1840 | "showSubtechniques": true 1841 | }, 1842 | { 1843 | "techniqueID": "T1053", 1844 | "tactic": "persistence", 1845 | "color": "#31a354", 1846 | "comment": "", 1847 | "enabled": true, 1848 | "metadata": [], 1849 | "showSubtechniques": true 1850 | }, 1851 | { 1852 | "techniqueID": "T1053", 1853 | "tactic": "privilege-escalation", 1854 | "color": "#31a354", 1855 | "comment": "", 1856 | "enabled": true, 1857 | "metadata": [], 1858 | "showSubtechniques": true 1859 | }, 1860 | { 1861 | "techniqueID": "T1053.002", 1862 | "tactic": "execution", 1863 | "color": "#31a354", 1864 | "comment": "", 1865 | "enabled": true, 1866 | "metadata": [], 1867 | "showSubtechniques": false 1868 | }, 1869 | { 1870 | "techniqueID": "T1053.002", 1871 | "tactic": "persistence", 1872 | "color": "#31a354", 1873 | "comment": "", 1874 | "enabled": true, 1875 | "metadata": [], 1876 | "showSubtechniques": false 1877 | }, 1878 | { 1879 | "techniqueID": "T1053.002", 1880 | "tactic": "privilege-escalation", 1881 | "color": "#31a354", 1882 | "comment": "", 1883 | "enabled": true, 1884 | "metadata": [], 1885 | "showSubtechniques": false 1886 | }, 1887 | { 1888 | "techniqueID": "T1053.005", 1889 | "tactic": "execution", 1890 | "color": "#31a354", 1891 | "comment": "", 1892 | "enabled": true, 1893 | "metadata": [], 1894 | "showSubtechniques": false 1895 | }, 1896 | { 1897 | "techniqueID": "T1053.005", 1898 | "tactic": "persistence", 1899 | "color": "#31a354", 1900 | "comment": "", 1901 | "enabled": true, 1902 | "metadata": [], 1903 | "showSubtechniques": false 1904 | }, 1905 | { 1906 | "techniqueID": "T1053.005", 1907 | "tactic": "privilege-escalation", 1908 | "color": "#31a354", 1909 | "comment": "", 1910 | "enabled": true, 1911 | "metadata": [], 1912 | "showSubtechniques": false 1913 | }, 1914 | { 1915 | "techniqueID": "T1053.001", 1916 | "tactic": "execution", 1917 | "color": "#31a354", 1918 | "comment": "", 1919 | "enabled": true, 1920 | "metadata": [], 1921 | "showSubtechniques": false 1922 | }, 1923 | { 1924 | "techniqueID": "T1053.001", 1925 | "tactic": "persistence", 1926 | "color": "#31a354", 1927 | "comment": "", 1928 | "enabled": true, 1929 | "metadata": [], 1930 | "showSubtechniques": false 1931 | }, 1932 | { 1933 | "techniqueID": "T1053.001", 1934 | "tactic": "privilege-escalation", 1935 | "color": "#31a354", 1936 | "comment": "", 1937 | "enabled": true, 1938 | "metadata": [], 1939 | "showSubtechniques": false 1940 | }, 1941 | { 1942 | "techniqueID": "T1053.004", 1943 | "tactic": "execution", 1944 | "color": "#31a354", 1945 | "comment": "", 1946 | "enabled": true, 1947 | "metadata": [], 1948 | "showSubtechniques": false 1949 | }, 1950 | { 1951 | "techniqueID": "T1053.004", 1952 | "tactic": "persistence", 1953 | "color": "#31a354", 1954 | "comment": "", 1955 | "enabled": true, 1956 | "metadata": [], 1957 | "showSubtechniques": false 1958 | }, 1959 | { 1960 | "techniqueID": "T1053.004", 1961 | "tactic": "privilege-escalation", 1962 | "color": "#31a354", 1963 | "comment": "", 1964 | "enabled": true, 1965 | "metadata": [], 1966 | "showSubtechniques": false 1967 | }, 1968 | { 1969 | "techniqueID": "T1053.003", 1970 | "tactic": "execution", 1971 | "color": "#31a354", 1972 | "comment": "", 1973 | "enabled": true, 1974 | "metadata": [], 1975 | "showSubtechniques": false 1976 | }, 1977 | { 1978 | "techniqueID": "T1053.003", 1979 | "tactic": "persistence", 1980 | "color": "#31a354", 1981 | "comment": "", 1982 | "enabled": true, 1983 | "metadata": [], 1984 | "showSubtechniques": false 1985 | }, 1986 | { 1987 | "techniqueID": "T1053.003", 1988 | "tactic": "privilege-escalation", 1989 | "color": "#31a354", 1990 | "comment": "", 1991 | "enabled": true, 1992 | "metadata": [], 1993 | "showSubtechniques": false 1994 | }, 1995 | { 1996 | "techniqueID": "T1029", 1997 | "tactic": "exfiltration", 1998 | "color": "#31a354", 1999 | "comment": "", 2000 | "enabled": true, 2001 | "metadata": [], 2002 | "showSubtechniques": false 2003 | }, 2004 | { 2005 | "techniqueID": "T1113", 2006 | "tactic": "collection", 2007 | "color": "#31a354", 2008 | "comment": "", 2009 | "enabled": true, 2010 | "metadata": [], 2011 | "showSubtechniques": false 2012 | }, 2013 | { 2014 | "techniqueID": "T1505", 2015 | "tactic": "persistence", 2016 | "color": "", 2017 | "comment": "", 2018 | "enabled": true, 2019 | "metadata": [], 2020 | "showSubtechniques": true 2021 | }, 2022 | { 2023 | "techniqueID": "T1489", 2024 | "tactic": "impact", 2025 | "color": "#31a354", 2026 | "comment": "", 2027 | "enabled": true, 2028 | "metadata": [], 2029 | "showSubtechniques": false 2030 | }, 2031 | { 2032 | "techniqueID": "T1218", 2033 | "tactic": "defense-evasion", 2034 | "color": "", 2035 | "comment": "", 2036 | "enabled": true, 2037 | "metadata": [], 2038 | "showSubtechniques": true 2039 | }, 2040 | { 2041 | "techniqueID": "T1216", 2042 | "tactic": "defense-evasion", 2043 | "color": "", 2044 | "comment": "", 2045 | "enabled": true, 2046 | "metadata": [], 2047 | "showSubtechniques": true 2048 | }, 2049 | { 2050 | "techniqueID": "T1518", 2051 | "tactic": "discovery", 2052 | "color": "", 2053 | "comment": "", 2054 | "enabled": true, 2055 | "metadata": [], 2056 | "showSubtechniques": true 2057 | }, 2058 | { 2059 | "techniqueID": "T1558", 2060 | "tactic": "credential-access", 2061 | "color": "", 2062 | "comment": "", 2063 | "enabled": true, 2064 | "metadata": [], 2065 | "showSubtechniques": true 2066 | }, 2067 | { 2068 | "techniqueID": "T1553", 2069 | "tactic": "defense-evasion", 2070 | "color": "", 2071 | "comment": "", 2072 | "enabled": true, 2073 | "metadata": [], 2074 | "showSubtechniques": true 2075 | }, 2076 | { 2077 | "techniqueID": "T1553.001", 2078 | "tactic": "defense-evasion", 2079 | "color": "#31a354", 2080 | "comment": "", 2081 | "enabled": true, 2082 | "metadata": [], 2083 | "showSubtechniques": false 2084 | }, 2085 | { 2086 | "techniqueID": "T1195", 2087 | "tactic": "initial-access", 2088 | "color": "", 2089 | "comment": "", 2090 | "enabled": true, 2091 | "metadata": [], 2092 | "showSubtechniques": true 2093 | }, 2094 | { 2095 | "techniqueID": "T1569", 2096 | "tactic": "execution", 2097 | "color": "#31a354", 2098 | "comment": "", 2099 | "enabled": true, 2100 | "metadata": [], 2101 | "showSubtechniques": true 2102 | }, 2103 | { 2104 | "techniqueID": "T1569.001", 2105 | "tactic": "execution", 2106 | "color": "#31a354", 2107 | "comment": "", 2108 | "enabled": true, 2109 | "metadata": [], 2110 | "showSubtechniques": false 2111 | }, 2112 | { 2113 | "techniqueID": "T1569.002", 2114 | "tactic": "execution", 2115 | "color": "#31a354", 2116 | "comment": "", 2117 | "enabled": true, 2118 | "metadata": [], 2119 | "showSubtechniques": false 2120 | }, 2121 | { 2122 | "techniqueID": "T1529", 2123 | "tactic": "impact", 2124 | "color": "#31a354", 2125 | "comment": "", 2126 | "enabled": true, 2127 | "metadata": [], 2128 | "showSubtechniques": false 2129 | }, 2130 | { 2131 | "techniqueID": "T1221", 2132 | "tactic": "defense-evasion", 2133 | "color": "#31a354", 2134 | "comment": "", 2135 | "enabled": true, 2136 | "metadata": [], 2137 | "showSubtechniques": false 2138 | }, 2139 | { 2140 | "techniqueID": "T1205", 2141 | "tactic": "defense-evasion", 2142 | "color": "", 2143 | "comment": "", 2144 | "enabled": true, 2145 | "metadata": [], 2146 | "showSubtechniques": true 2147 | }, 2148 | { 2149 | "techniqueID": "T1205", 2150 | "tactic": "persistence", 2151 | "color": "", 2152 | "comment": "", 2153 | "enabled": true, 2154 | "metadata": [], 2155 | "showSubtechniques": true 2156 | }, 2157 | { 2158 | "techniqueID": "T1205", 2159 | "tactic": "command-and-control", 2160 | "color": "", 2161 | "comment": "", 2162 | "enabled": true, 2163 | "metadata": [], 2164 | "showSubtechniques": true 2165 | }, 2166 | { 2167 | "techniqueID": "T1127", 2168 | "tactic": "defense-evasion", 2169 | "color": "", 2170 | "comment": "", 2171 | "enabled": true, 2172 | "metadata": [], 2173 | "showSubtechniques": true 2174 | }, 2175 | { 2176 | "techniqueID": "T1552", 2177 | "tactic": "credential-access", 2178 | "color": "#31a354", 2179 | "comment": "", 2180 | "enabled": true, 2181 | "metadata": [], 2182 | "showSubtechniques": true 2183 | }, 2184 | { 2185 | "techniqueID": "T1552.001", 2186 | "tactic": "credential-access", 2187 | "color": "#31a354", 2188 | "comment": "", 2189 | "enabled": true, 2190 | "metadata": [], 2191 | "showSubtechniques": false 2192 | }, 2193 | { 2194 | "techniqueID": "T1552.002", 2195 | "tactic": "credential-access", 2196 | "color": "#31a354", 2197 | "comment": "", 2198 | "enabled": true, 2199 | "metadata": [], 2200 | "showSubtechniques": false 2201 | }, 2202 | { 2203 | "techniqueID": "T1552.003", 2204 | "tactic": "credential-access", 2205 | "color": "#31a354", 2206 | "comment": "", 2207 | "enabled": true, 2208 | "metadata": [], 2209 | "showSubtechniques": false 2210 | }, 2211 | { 2212 | "techniqueID": "T1552.004", 2213 | "tactic": "credential-access", 2214 | "color": "#31a354", 2215 | "comment": "", 2216 | "enabled": true, 2217 | "metadata": [], 2218 | "showSubtechniques": false 2219 | }, 2220 | { 2221 | "techniqueID": "T1552.006", 2222 | "tactic": "credential-access", 2223 | "color": "#31a354", 2224 | "comment": "", 2225 | "enabled": true, 2226 | "metadata": [], 2227 | "showSubtechniques": false 2228 | }, 2229 | { 2230 | "techniqueID": "T1550", 2231 | "tactic": "defense-evasion", 2232 | "color": "", 2233 | "comment": "", 2234 | "enabled": true, 2235 | "metadata": [], 2236 | "showSubtechniques": true 2237 | }, 2238 | { 2239 | "techniqueID": "T1550", 2240 | "tactic": "lateral-movement", 2241 | "color": "", 2242 | "comment": "", 2243 | "enabled": true, 2244 | "metadata": [], 2245 | "showSubtechniques": true 2246 | }, 2247 | { 2248 | "techniqueID": "T1204", 2249 | "tactic": "execution", 2250 | "color": "", 2251 | "comment": "", 2252 | "enabled": true, 2253 | "metadata": [], 2254 | "showSubtechniques": true 2255 | }, 2256 | { 2257 | "techniqueID": "T1078", 2258 | "tactic": "defense-evasion", 2259 | "color": "#31a354", 2260 | "comment": "", 2261 | "enabled": true, 2262 | "metadata": [], 2263 | "showSubtechniques": true 2264 | }, 2265 | { 2266 | "techniqueID": "T1078", 2267 | "tactic": "persistence", 2268 | "color": "#31a354", 2269 | "comment": "", 2270 | "enabled": true, 2271 | "metadata": [], 2272 | "showSubtechniques": true 2273 | }, 2274 | { 2275 | "techniqueID": "T1078", 2276 | "tactic": "privilege-escalation", 2277 | "color": "#31a354", 2278 | "comment": "", 2279 | "enabled": true, 2280 | "metadata": [], 2281 | "showSubtechniques": true 2282 | }, 2283 | { 2284 | "techniqueID": "T1078", 2285 | "tactic": "initial-access", 2286 | "color": "#31a354", 2287 | "comment": "", 2288 | "enabled": true, 2289 | "metadata": [], 2290 | "showSubtechniques": true 2291 | }, 2292 | { 2293 | "techniqueID": "T1078.001", 2294 | "tactic": "defense-evasion", 2295 | "color": "#31a354", 2296 | "comment": "", 2297 | "enabled": true, 2298 | "metadata": [], 2299 | "showSubtechniques": false 2300 | }, 2301 | { 2302 | "techniqueID": "T1078.001", 2303 | "tactic": "persistence", 2304 | "color": "#31a354", 2305 | "comment": "", 2306 | "enabled": true, 2307 | "metadata": [], 2308 | "showSubtechniques": false 2309 | }, 2310 | { 2311 | "techniqueID": "T1078.001", 2312 | "tactic": "privilege-escalation", 2313 | "color": "#31a354", 2314 | "comment": "", 2315 | "enabled": true, 2316 | "metadata": [], 2317 | "showSubtechniques": false 2318 | }, 2319 | { 2320 | "techniqueID": "T1078.001", 2321 | "tactic": "initial-access", 2322 | "color": "#31a354", 2323 | "comment": "", 2324 | "enabled": true, 2325 | "metadata": [], 2326 | "showSubtechniques": false 2327 | }, 2328 | { 2329 | "techniqueID": "T1078.002", 2330 | "tactic": "defense-evasion", 2331 | "color": "#31a354", 2332 | "comment": "", 2333 | "enabled": true, 2334 | "metadata": [], 2335 | "showSubtechniques": false 2336 | }, 2337 | { 2338 | "techniqueID": "T1078.002", 2339 | "tactic": "persistence", 2340 | "color": "#31a354", 2341 | "comment": "", 2342 | "enabled": true, 2343 | "metadata": [], 2344 | "showSubtechniques": false 2345 | }, 2346 | { 2347 | "techniqueID": "T1078.002", 2348 | "tactic": "privilege-escalation", 2349 | "color": "#31a354", 2350 | "comment": "", 2351 | "enabled": true, 2352 | "metadata": [], 2353 | "showSubtechniques": false 2354 | }, 2355 | { 2356 | "techniqueID": "T1078.002", 2357 | "tactic": "initial-access", 2358 | "color": "#31a354", 2359 | "comment": "", 2360 | "enabled": true, 2361 | "metadata": [], 2362 | "showSubtechniques": false 2363 | }, 2364 | { 2365 | "techniqueID": "T1078.003", 2366 | "tactic": "defense-evasion", 2367 | "color": "#31a354", 2368 | "comment": "", 2369 | "enabled": true, 2370 | "metadata": [], 2371 | "showSubtechniques": false 2372 | }, 2373 | { 2374 | "techniqueID": "T1078.003", 2375 | "tactic": "persistence", 2376 | "color": "#31a354", 2377 | "comment": "", 2378 | "enabled": true, 2379 | "metadata": [], 2380 | "showSubtechniques": false 2381 | }, 2382 | { 2383 | "techniqueID": "T1078.003", 2384 | "tactic": "privilege-escalation", 2385 | "color": "#31a354", 2386 | "comment": "", 2387 | "enabled": true, 2388 | "metadata": [], 2389 | "showSubtechniques": false 2390 | }, 2391 | { 2392 | "techniqueID": "T1078.003", 2393 | "tactic": "initial-access", 2394 | "color": "#31a354", 2395 | "comment": "", 2396 | "enabled": true, 2397 | "metadata": [], 2398 | "showSubtechniques": false 2399 | }, 2400 | { 2401 | "techniqueID": "T1497", 2402 | "tactic": "defense-evasion", 2403 | "color": "", 2404 | "comment": "", 2405 | "enabled": true, 2406 | "metadata": [], 2407 | "showSubtechniques": true 2408 | }, 2409 | { 2410 | "techniqueID": "T1497", 2411 | "tactic": "discovery", 2412 | "color": "", 2413 | "comment": "", 2414 | "enabled": true, 2415 | "metadata": [], 2416 | "showSubtechniques": true 2417 | }, 2418 | { 2419 | "techniqueID": "T1102", 2420 | "tactic": "command-and-control", 2421 | "color": "", 2422 | "comment": "", 2423 | "enabled": true, 2424 | "metadata": [], 2425 | "showSubtechniques": true 2426 | } 2427 | ], 2428 | "gradient": { 2429 | "colors": [ 2430 | "#ff6666", 2431 | "#ffe766", 2432 | "#8ec843" 2433 | ], 2434 | "minValue": 0, 2435 | "maxValue": 100 2436 | }, 2437 | "legendItems": [], 2438 | "metadata": [], 2439 | "showTacticRowBackground": false, 2440 | "tacticRowBackground": "#dddddd", 2441 | "selectTechniquesAcrossTactics": true, 2442 | "selectSubtechniquesWithParent": false 2443 | } -------------------------------------------------------------------------------- /teaching/Orange.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "Orange", 3 | "version": "3.0", 4 | "domain": "mitre-enterprise", 5 | "description": "", 6 | "filters": { 7 | "stages": [ 8 | "act" 9 | ], 10 | "platforms": [ 11 | "Windows", 12 | "Linux", 13 | "macOS" 14 | ] 15 | }, 16 | "sorting": 0, 17 | "layout": { 18 | "layout": "side", 19 | "showID": false, 20 | "showName": true 21 | }, 22 | "hideDisabled": false, 23 | "techniques": [ 24 | { 25 | "techniqueID": "T1548", 26 | "tactic": "privilege-escalation", 27 | "color": "", 28 | "comment": "", 29 | "enabled": true, 30 | "metadata": [], 31 | "showSubtechniques": true 32 | }, 33 | { 34 | "techniqueID": "T1548", 35 | "tactic": "defense-evasion", 36 | "color": "", 37 | "comment": "", 38 | "enabled": true, 39 | "metadata": [], 40 | "showSubtechniques": true 41 | }, 42 | { 43 | "techniqueID": "T1134", 44 | "tactic": "defense-evasion", 45 | "color": "", 46 | "comment": "", 47 | "enabled": true, 48 | "metadata": [], 49 | "showSubtechniques": true 50 | }, 51 | { 52 | "techniqueID": "T1134", 53 | "tactic": "privilege-escalation", 54 | "color": "", 55 | "comment": "", 56 | "enabled": true, 57 | "metadata": [], 58 | "showSubtechniques": true 59 | }, 60 | { 61 | "techniqueID": "T1087", 62 | "tactic": "discovery", 63 | "color": "", 64 | "comment": "", 65 | "enabled": true, 66 | "metadata": [], 67 | "showSubtechniques": true 68 | }, 69 | { 70 | "techniqueID": "T1098", 71 | "tactic": "persistence", 72 | "color": "", 73 | "comment": "", 74 | "enabled": true, 75 | "metadata": [], 76 | "showSubtechniques": true 77 | }, 78 | { 79 | "techniqueID": "T1071", 80 | "tactic": "command-and-control", 81 | "color": "#fd8d3c", 82 | "comment": "", 83 | "enabled": true, 84 | "metadata": [], 85 | "showSubtechniques": true 86 | }, 87 | { 88 | "techniqueID": "T1071.001", 89 | "tactic": "command-and-control", 90 | "color": "#fd8d3c", 91 | "comment": "", 92 | "enabled": true, 93 | "metadata": [], 94 | "showSubtechniques": false 95 | }, 96 | { 97 | "techniqueID": "T1071.002", 98 | "tactic": "command-and-control", 99 | "color": "#fd8d3c", 100 | "comment": "", 101 | "enabled": true, 102 | "metadata": [], 103 | "showSubtechniques": false 104 | }, 105 | { 106 | "techniqueID": "T1071.003", 107 | "tactic": "command-and-control", 108 | "color": "#fd8d3c", 109 | "comment": "", 110 | "enabled": true, 111 | "metadata": [], 112 | "showSubtechniques": false 113 | }, 114 | { 115 | "techniqueID": "T1071.004", 116 | "tactic": "command-and-control", 117 | "color": "#fd8d3c", 118 | "comment": "", 119 | "enabled": true, 120 | "metadata": [], 121 | "showSubtechniques": false 122 | }, 123 | { 124 | "techniqueID": "T1560", 125 | "tactic": "collection", 126 | "color": "", 127 | "comment": "", 128 | "enabled": true, 129 | "metadata": [], 130 | "showSubtechniques": true 131 | }, 132 | { 133 | "techniqueID": "T1197", 134 | "tactic": "defense-evasion", 135 | "color": "#fd8d3c", 136 | "comment": "", 137 | "enabled": true, 138 | "metadata": [], 139 | "showSubtechniques": false 140 | }, 141 | { 142 | "techniqueID": "T1197", 143 | "tactic": "persistence", 144 | "color": "#fd8d3c", 145 | "comment": "", 146 | "enabled": true, 147 | "metadata": [], 148 | "showSubtechniques": false 149 | }, 150 | { 151 | "techniqueID": "T1547", 152 | "tactic": "persistence", 153 | "color": "", 154 | "comment": "", 155 | "enabled": true, 156 | "metadata": [], 157 | "showSubtechniques": true 158 | }, 159 | { 160 | "techniqueID": "T1547", 161 | "tactic": "privilege-escalation", 162 | "color": "", 163 | "comment": "", 164 | "enabled": true, 165 | "metadata": [], 166 | "showSubtechniques": true 167 | }, 168 | { 169 | "techniqueID": "T1037", 170 | "tactic": "persistence", 171 | "color": "", 172 | "comment": "", 173 | "enabled": true, 174 | "metadata": [], 175 | "showSubtechniques": true 176 | }, 177 | { 178 | "techniqueID": "T1037", 179 | "tactic": "privilege-escalation", 180 | "color": "", 181 | "comment": "", 182 | "enabled": true, 183 | "metadata": [], 184 | "showSubtechniques": true 185 | }, 186 | { 187 | "techniqueID": "T1176", 188 | "tactic": "persistence", 189 | "color": "#fd8d3c", 190 | "comment": "", 191 | "enabled": true, 192 | "metadata": [], 193 | "showSubtechniques": false 194 | }, 195 | { 196 | "techniqueID": "T1110", 197 | "tactic": "credential-access", 198 | "color": "", 199 | "comment": "", 200 | "enabled": true, 201 | "metadata": [], 202 | "showSubtechniques": true 203 | }, 204 | { 205 | "techniqueID": "T1059", 206 | "tactic": "execution", 207 | "color": "", 208 | "comment": "", 209 | "enabled": true, 210 | "metadata": [], 211 | "showSubtechniques": true 212 | }, 213 | { 214 | "techniqueID": "T1136", 215 | "tactic": "persistence", 216 | "color": "", 217 | "comment": "", 218 | "enabled": true, 219 | "metadata": [], 220 | "showSubtechniques": true 221 | }, 222 | { 223 | "techniqueID": "T1543", 224 | "tactic": "persistence", 225 | "color": "", 226 | "comment": "", 227 | "enabled": true, 228 | "metadata": [], 229 | "showSubtechniques": true 230 | }, 231 | { 232 | "techniqueID": "T1543", 233 | "tactic": "privilege-escalation", 234 | "color": "", 235 | "comment": "", 236 | "enabled": true, 237 | "metadata": [], 238 | "showSubtechniques": true 239 | }, 240 | { 241 | "techniqueID": "T1555", 242 | "tactic": "credential-access", 243 | "color": "", 244 | "comment": "", 245 | "enabled": true, 246 | "metadata": [], 247 | "showSubtechniques": true 248 | }, 249 | { 250 | "techniqueID": "T1132", 251 | "tactic": "command-and-control", 252 | "color": "", 253 | "comment": "", 254 | "enabled": true, 255 | "metadata": [], 256 | "showSubtechniques": true 257 | }, 258 | { 259 | "techniqueID": "T1565", 260 | "tactic": "impact", 261 | "color": "", 262 | "comment": "", 263 | "enabled": true, 264 | "metadata": [], 265 | "showSubtechniques": true 266 | }, 267 | { 268 | "techniqueID": "T1565.002", 269 | "tactic": "impact", 270 | "color": "#fd8d3c", 271 | "comment": "", 272 | "enabled": true, 273 | "metadata": [], 274 | "showSubtechniques": false 275 | }, 276 | { 277 | "techniqueID": "T1001", 278 | "tactic": "command-and-control", 279 | "color": "", 280 | "comment": "", 281 | "enabled": true, 282 | "metadata": [], 283 | "showSubtechniques": true 284 | }, 285 | { 286 | "techniqueID": "T1074", 287 | "tactic": "collection", 288 | "color": "", 289 | "comment": "", 290 | "enabled": true, 291 | "metadata": [], 292 | "showSubtechniques": true 293 | }, 294 | { 295 | "techniqueID": "T1074.002", 296 | "tactic": "collection", 297 | "color": "#fd8d3c", 298 | "comment": "", 299 | "enabled": true, 300 | "metadata": [], 301 | "showSubtechniques": false 302 | }, 303 | { 304 | "techniqueID": "T1213", 305 | "tactic": "collection", 306 | "color": "#fd8d3c", 307 | "comment": "", 308 | "enabled": true, 309 | "metadata": [], 310 | "showSubtechniques": true 311 | }, 312 | { 313 | "techniqueID": "T1213.002", 314 | "tactic": "collection", 315 | "color": "#fd8d3c", 316 | "comment": "", 317 | "enabled": true, 318 | "metadata": [], 319 | "showSubtechniques": false 320 | }, 321 | { 322 | "techniqueID": "T1491", 323 | "tactic": "impact", 324 | "color": "#fd8d3c", 325 | "comment": "", 326 | "enabled": true, 327 | "metadata": [], 328 | "showSubtechniques": true 329 | }, 330 | { 331 | "techniqueID": "T1491.001", 332 | "tactic": "impact", 333 | "color": "#fd8d3c", 334 | "comment": "", 335 | "enabled": true, 336 | "metadata": [], 337 | "showSubtechniques": false 338 | }, 339 | { 340 | "techniqueID": "T1491.002", 341 | "tactic": "impact", 342 | "color": "#fd8d3c", 343 | "comment": "", 344 | "enabled": true, 345 | "metadata": [], 346 | "showSubtechniques": false 347 | }, 348 | { 349 | "techniqueID": "T1561", 350 | "tactic": "impact", 351 | "color": "", 352 | "comment": "", 353 | "enabled": true, 354 | "metadata": [], 355 | "showSubtechniques": true 356 | }, 357 | { 358 | "techniqueID": "T1189", 359 | "tactic": "initial-access", 360 | "color": "#fd8d3c", 361 | "comment": "", 362 | "enabled": true, 363 | "metadata": [], 364 | "showSubtechniques": false 365 | }, 366 | { 367 | "techniqueID": "T1568", 368 | "tactic": "command-and-control", 369 | "color": "#fd8d3c", 370 | "comment": "", 371 | "enabled": true, 372 | "metadata": [], 373 | "showSubtechniques": true 374 | }, 375 | { 376 | "techniqueID": "T1568.002", 377 | "tactic": "command-and-control", 378 | "color": "#fd8d3c", 379 | "comment": "", 380 | "enabled": true, 381 | "metadata": [], 382 | "showSubtechniques": false 383 | }, 384 | { 385 | "techniqueID": "T1568.001", 386 | "tactic": "command-and-control", 387 | "color": "#fd8d3c", 388 | "comment": "", 389 | "enabled": true, 390 | "metadata": [], 391 | "showSubtechniques": false 392 | }, 393 | { 394 | "techniqueID": "T1568.003", 395 | "tactic": "command-and-control", 396 | "color": "#fd8d3c", 397 | "comment": "", 398 | "enabled": true, 399 | "metadata": [], 400 | "showSubtechniques": false 401 | }, 402 | { 403 | "techniqueID": "T1114", 404 | "tactic": "collection", 405 | "color": "#fd8d3c", 406 | "comment": "", 407 | "enabled": true, 408 | "metadata": [], 409 | "showSubtechniques": true 410 | }, 411 | { 412 | "techniqueID": "T1114.001", 413 | "tactic": "collection", 414 | "color": "#fd8d3c", 415 | "comment": "", 416 | "enabled": true, 417 | "metadata": [], 418 | "showSubtechniques": false 419 | }, 420 | { 421 | "techniqueID": "T1114.002", 422 | "tactic": "collection", 423 | "color": "#fd8d3c", 424 | "comment": "", 425 | "enabled": true, 426 | "metadata": [], 427 | "showSubtechniques": false 428 | }, 429 | { 430 | "techniqueID": "T1114.003", 431 | "tactic": "collection", 432 | "color": "#fd8d3c", 433 | "comment": "", 434 | "enabled": true, 435 | "metadata": [], 436 | "showSubtechniques": false 437 | }, 438 | { 439 | "techniqueID": "T1573", 440 | "tactic": "command-and-control", 441 | "color": "#fd8d3c", 442 | "comment": "", 443 | "enabled": true, 444 | "metadata": [], 445 | "showSubtechniques": true 446 | }, 447 | { 448 | "techniqueID": "T1499", 449 | "tactic": "impact", 450 | "color": "", 451 | "comment": "", 452 | "enabled": true, 453 | "metadata": [], 454 | "showSubtechniques": true 455 | }, 456 | { 457 | "techniqueID": "T1546", 458 | "tactic": "privilege-escalation", 459 | "color": "", 460 | "comment": "", 461 | "enabled": true, 462 | "metadata": [], 463 | "showSubtechniques": true 464 | }, 465 | { 466 | "techniqueID": "T1546", 467 | "tactic": "persistence", 468 | "color": "", 469 | "comment": "", 470 | "enabled": true, 471 | "metadata": [], 472 | "showSubtechniques": true 473 | }, 474 | { 475 | "techniqueID": "T1480", 476 | "tactic": "defense-evasion", 477 | "color": "", 478 | "comment": "", 479 | "enabled": true, 480 | "metadata": [], 481 | "showSubtechniques": true 482 | }, 483 | { 484 | "techniqueID": "T1048", 485 | "tactic": "exfiltration", 486 | "color": "#fd8d3c", 487 | "comment": "", 488 | "enabled": true, 489 | "metadata": [], 490 | "showSubtechniques": true 491 | }, 492 | { 493 | "techniqueID": "T1048.001", 494 | "tactic": "exfiltration", 495 | "color": "#fd8d3c", 496 | "comment": "", 497 | "enabled": true, 498 | "metadata": [], 499 | "showSubtechniques": false 500 | }, 501 | { 502 | "techniqueID": "T1048.002", 503 | "tactic": "exfiltration", 504 | "color": "#fd8d3c", 505 | "comment": "", 506 | "enabled": true, 507 | "metadata": [], 508 | "showSubtechniques": false 509 | }, 510 | { 511 | "techniqueID": "T1041", 512 | "tactic": "exfiltration", 513 | "color": "#fd8d3c", 514 | "comment": "", 515 | "enabled": true, 516 | "metadata": [], 517 | "showSubtechniques": false 518 | }, 519 | { 520 | "techniqueID": "T1011", 521 | "tactic": "exfiltration", 522 | "color": "#fd8d3c", 523 | "comment": "", 524 | "enabled": true, 525 | "metadata": [], 526 | "showSubtechniques": true 527 | }, 528 | { 529 | "techniqueID": "T1011.001", 530 | "tactic": "exfiltration", 531 | "color": "#fd8d3c", 532 | "comment": "", 533 | "enabled": true, 534 | "metadata": [], 535 | "showSubtechniques": false 536 | }, 537 | { 538 | "techniqueID": "T1052", 539 | "tactic": "exfiltration", 540 | "color": "", 541 | "comment": "", 542 | "enabled": true, 543 | "metadata": [], 544 | "showSubtechniques": true 545 | }, 546 | { 547 | "techniqueID": "T1567", 548 | "tactic": "exfiltration", 549 | "color": "#fd8d3c", 550 | "comment": "", 551 | "enabled": true, 552 | "metadata": [], 553 | "showSubtechniques": true 554 | }, 555 | { 556 | "techniqueID": "T1567.001", 557 | "tactic": "exfiltration", 558 | "color": "#fd8d3c", 559 | "comment": "", 560 | "enabled": true, 561 | "metadata": [], 562 | "showSubtechniques": false 563 | }, 564 | { 565 | "techniqueID": "T1567.002", 566 | "tactic": "exfiltration", 567 | "color": "#fd8d3c", 568 | "comment": "", 569 | "enabled": true, 570 | "metadata": [], 571 | "showSubtechniques": false 572 | }, 573 | { 574 | "techniqueID": "T1133", 575 | "tactic": "persistence", 576 | "color": "#fd8d3c", 577 | "comment": "", 578 | "enabled": true, 579 | "metadata": [], 580 | "showSubtechniques": false 581 | }, 582 | { 583 | "techniqueID": "T1133", 584 | "tactic": "initial-access", 585 | "color": "#fd8d3c", 586 | "comment": "", 587 | "enabled": true, 588 | "metadata": [], 589 | "showSubtechniques": false 590 | }, 591 | { 592 | "techniqueID": "T1222", 593 | "tactic": "defense-evasion", 594 | "color": "", 595 | "comment": "", 596 | "enabled": true, 597 | "metadata": [], 598 | "showSubtechniques": true 599 | }, 600 | { 601 | "techniqueID": "T1187", 602 | "tactic": "credential-access", 603 | "color": "#fd8d3c", 604 | "comment": "", 605 | "enabled": true, 606 | "metadata": [], 607 | "showSubtechniques": false 608 | }, 609 | { 610 | "techniqueID": "T1564", 611 | "tactic": "defense-evasion", 612 | "color": "", 613 | "comment": "", 614 | "enabled": true, 615 | "metadata": [], 616 | "showSubtechniques": true 617 | }, 618 | { 619 | "techniqueID": "T1574", 620 | "tactic": "persistence", 621 | "color": "", 622 | "comment": "", 623 | "enabled": true, 624 | "metadata": [], 625 | "showSubtechniques": true 626 | }, 627 | { 628 | "techniqueID": "T1574", 629 | "tactic": "privilege-escalation", 630 | "color": "", 631 | "comment": "", 632 | "enabled": true, 633 | "metadata": [], 634 | "showSubtechniques": true 635 | }, 636 | { 637 | "techniqueID": "T1574", 638 | "tactic": "defense-evasion", 639 | "color": "", 640 | "comment": "", 641 | "enabled": true, 642 | "metadata": [], 643 | "showSubtechniques": true 644 | }, 645 | { 646 | "techniqueID": "T1574.005", 647 | "tactic": "persistence", 648 | "color": "#fd8d3c", 649 | "comment": "", 650 | "enabled": true, 651 | "metadata": [], 652 | "showSubtechniques": false 653 | }, 654 | { 655 | "techniqueID": "T1574.005", 656 | "tactic": "privilege-escalation", 657 | "color": "#fd8d3c", 658 | "comment": "", 659 | "enabled": true, 660 | "metadata": [], 661 | "showSubtechniques": false 662 | }, 663 | { 664 | "techniqueID": "T1574.005", 665 | "tactic": "defense-evasion", 666 | "color": "#fd8d3c", 667 | "comment": "", 668 | "enabled": true, 669 | "metadata": [], 670 | "showSubtechniques": false 671 | }, 672 | { 673 | "techniqueID": "T1562", 674 | "tactic": "defense-evasion", 675 | "color": "", 676 | "comment": "", 677 | "enabled": true, 678 | "metadata": [], 679 | "showSubtechniques": true 680 | }, 681 | { 682 | "techniqueID": "T1070", 683 | "tactic": "defense-evasion", 684 | "color": "", 685 | "comment": "", 686 | "enabled": true, 687 | "metadata": [], 688 | "showSubtechniques": true 689 | }, 690 | { 691 | "techniqueID": "T1056", 692 | "tactic": "collection", 693 | "color": "", 694 | "comment": "", 695 | "enabled": true, 696 | "metadata": [], 697 | "showSubtechniques": true 698 | }, 699 | { 700 | "techniqueID": "T1056", 701 | "tactic": "credential-access", 702 | "color": "", 703 | "comment": "", 704 | "enabled": true, 705 | "metadata": [], 706 | "showSubtechniques": true 707 | }, 708 | { 709 | "techniqueID": "T1056.003", 710 | "tactic": "collection", 711 | "color": "#fd8d3c", 712 | "comment": "", 713 | "enabled": true, 714 | "metadata": [], 715 | "showSubtechniques": false 716 | }, 717 | { 718 | "techniqueID": "T1056.003", 719 | "tactic": "credential-access", 720 | "color": "#fd8d3c", 721 | "comment": "", 722 | "enabled": true, 723 | "metadata": [], 724 | "showSubtechniques": false 725 | }, 726 | { 727 | "techniqueID": "T1559", 728 | "tactic": "execution", 729 | "color": "", 730 | "comment": "", 731 | "enabled": true, 732 | "metadata": [], 733 | "showSubtechniques": true 734 | }, 735 | { 736 | "techniqueID": "T1570", 737 | "tactic": "lateral-movement", 738 | "color": "#fd8d3c", 739 | "comment": "", 740 | "enabled": true, 741 | "metadata": [], 742 | "showSubtechniques": false 743 | }, 744 | { 745 | "techniqueID": "T1557", 746 | "tactic": "credential-access", 747 | "color": "#fd8d3c", 748 | "comment": "", 749 | "enabled": true, 750 | "metadata": [], 751 | "showSubtechniques": true 752 | }, 753 | { 754 | "techniqueID": "T1557", 755 | "tactic": "collection", 756 | "color": "#fd8d3c", 757 | "comment": "", 758 | "enabled": true, 759 | "metadata": [], 760 | "showSubtechniques": true 761 | }, 762 | { 763 | "techniqueID": "T1557.001", 764 | "tactic": "credential-access", 765 | "color": "#fd8d3c", 766 | "comment": "", 767 | "enabled": true, 768 | "metadata": [], 769 | "showSubtechniques": false 770 | }, 771 | { 772 | "techniqueID": "T1557.001", 773 | "tactic": "collection", 774 | "color": "#fd8d3c", 775 | "comment": "", 776 | "enabled": true, 777 | "metadata": [], 778 | "showSubtechniques": false 779 | }, 780 | { 781 | "techniqueID": "T1036", 782 | "tactic": "defense-evasion", 783 | "color": "", 784 | "comment": "", 785 | "enabled": true, 786 | "metadata": [], 787 | "showSubtechniques": true 788 | }, 789 | { 790 | "techniqueID": "T1556", 791 | "tactic": "credential-access", 792 | "color": "", 793 | "comment": "", 794 | "enabled": true, 795 | "metadata": [], 796 | "showSubtechniques": true 797 | }, 798 | { 799 | "techniqueID": "T1556", 800 | "tactic": "defense-evasion", 801 | "color": "", 802 | "comment": "", 803 | "enabled": true, 804 | "metadata": [], 805 | "showSubtechniques": true 806 | }, 807 | { 808 | "techniqueID": "T1578", 809 | "tactic": "defense-evasion", 810 | "color": "", 811 | "comment": "", 812 | "enabled": true, 813 | "metadata": [], 814 | "showSubtechniques": true 815 | }, 816 | { 817 | "techniqueID": "T1498", 818 | "tactic": "impact", 819 | "color": "", 820 | "comment": "", 821 | "enabled": true, 822 | "metadata": [], 823 | "showSubtechniques": true 824 | }, 825 | { 826 | "techniqueID": "T1095", 827 | "tactic": "command-and-control", 828 | "color": "#fd8d3c", 829 | "comment": "", 830 | "enabled": true, 831 | "metadata": [], 832 | "showSubtechniques": false 833 | }, 834 | { 835 | "techniqueID": "T1571", 836 | "tactic": "command-and-control", 837 | "color": "#fd8d3c", 838 | "comment": "", 839 | "enabled": true, 840 | "metadata": [], 841 | "showSubtechniques": false 842 | }, 843 | { 844 | "techniqueID": "T1003", 845 | "tactic": "credential-access", 846 | "color": "", 847 | "comment": "", 848 | "enabled": true, 849 | "metadata": [], 850 | "showSubtechniques": true 851 | }, 852 | { 853 | "techniqueID": "T1027", 854 | "tactic": "defense-evasion", 855 | "color": "", 856 | "comment": "", 857 | "enabled": true, 858 | "metadata": [], 859 | "showSubtechniques": true 860 | }, 861 | { 862 | "techniqueID": "T1137", 863 | "tactic": "persistence", 864 | "color": "", 865 | "comment": "", 866 | "enabled": true, 867 | "metadata": [], 868 | "showSubtechniques": true 869 | }, 870 | { 871 | "techniqueID": "T1137.003", 872 | "tactic": "persistence", 873 | "color": "#fd8d3c", 874 | "comment": "", 875 | "enabled": true, 876 | "metadata": [], 877 | "showSubtechniques": false 878 | }, 879 | { 880 | "techniqueID": "T1137.005", 881 | "tactic": "persistence", 882 | "color": "#fd8d3c", 883 | "comment": "", 884 | "enabled": true, 885 | "metadata": [], 886 | "showSubtechniques": false 887 | }, 888 | { 889 | "techniqueID": "T1137.004", 890 | "tactic": "persistence", 891 | "color": "#fd8d3c", 892 | "comment": "", 893 | "enabled": true, 894 | "metadata": [], 895 | "showSubtechniques": false 896 | }, 897 | { 898 | "techniqueID": "T1069", 899 | "tactic": "discovery", 900 | "color": "", 901 | "comment": "", 902 | "enabled": true, 903 | "metadata": [], 904 | "showSubtechniques": true 905 | }, 906 | { 907 | "techniqueID": "T1566", 908 | "tactic": "initial-access", 909 | "color": "", 910 | "comment": "", 911 | "enabled": true, 912 | "metadata": [], 913 | "showSubtechniques": true 914 | }, 915 | { 916 | "techniqueID": "T1542", 917 | "tactic": "defense-evasion", 918 | "color": "", 919 | "comment": "", 920 | "enabled": true, 921 | "metadata": [], 922 | "showSubtechniques": true 923 | }, 924 | { 925 | "techniqueID": "T1542", 926 | "tactic": "persistence", 927 | "color": "", 928 | "comment": "", 929 | "enabled": true, 930 | "metadata": [], 931 | "showSubtechniques": true 932 | }, 933 | { 934 | "techniqueID": "T1055", 935 | "tactic": "defense-evasion", 936 | "color": "", 937 | "comment": "", 938 | "enabled": true, 939 | "metadata": [], 940 | "showSubtechniques": true 941 | }, 942 | { 943 | "techniqueID": "T1055", 944 | "tactic": "privilege-escalation", 945 | "color": "", 946 | "comment": "", 947 | "enabled": true, 948 | "metadata": [], 949 | "showSubtechniques": true 950 | }, 951 | { 952 | "techniqueID": "T1572", 953 | "tactic": "command-and-control", 954 | "color": "#fd8d3c", 955 | "comment": "", 956 | "enabled": true, 957 | "metadata": [], 958 | "showSubtechniques": false 959 | }, 960 | { 961 | "techniqueID": "T1090", 962 | "tactic": "command-and-control", 963 | "color": "#fd8d3c", 964 | "comment": "", 965 | "enabled": true, 966 | "metadata": [], 967 | "showSubtechniques": true 968 | }, 969 | { 970 | "techniqueID": "T1090.001", 971 | "tactic": "command-and-control", 972 | "color": "#fd8d3c", 973 | "comment": "", 974 | "enabled": true, 975 | "metadata": [], 976 | "showSubtechniques": false 977 | }, 978 | { 979 | "techniqueID": "T1090.002", 980 | "tactic": "command-and-control", 981 | "color": "#fd8d3c", 982 | "comment": "", 983 | "enabled": true, 984 | "metadata": [], 985 | "showSubtechniques": false 986 | }, 987 | { 988 | "techniqueID": "T1090.003", 989 | "tactic": "command-and-control", 990 | "color": "#fd8d3c", 991 | "comment": "", 992 | "enabled": true, 993 | "metadata": [], 994 | "showSubtechniques": false 995 | }, 996 | { 997 | "techniqueID": "T1090.004", 998 | "tactic": "command-and-control", 999 | "color": "#fd8d3c", 1000 | "comment": "", 1001 | "enabled": true, 1002 | "metadata": [], 1003 | "showSubtechniques": false 1004 | }, 1005 | { 1006 | "techniqueID": "T1563", 1007 | "tactic": "lateral-movement", 1008 | "color": "", 1009 | "comment": "", 1010 | "enabled": true, 1011 | "metadata": [], 1012 | "showSubtechniques": true 1013 | }, 1014 | { 1015 | "techniqueID": "T1021", 1016 | "tactic": "lateral-movement", 1017 | "color": "", 1018 | "comment": "", 1019 | "enabled": true, 1020 | "metadata": [], 1021 | "showSubtechniques": true 1022 | }, 1023 | { 1024 | "techniqueID": "T1207", 1025 | "tactic": "defense-evasion", 1026 | "color": "#fd8d3c", 1027 | "comment": "", 1028 | "enabled": true, 1029 | "metadata": [], 1030 | "showSubtechniques": false 1031 | }, 1032 | { 1033 | "techniqueID": "T1053", 1034 | "tactic": "execution", 1035 | "color": "", 1036 | "comment": "", 1037 | "enabled": true, 1038 | "metadata": [], 1039 | "showSubtechniques": true 1040 | }, 1041 | { 1042 | "techniqueID": "T1053", 1043 | "tactic": "persistence", 1044 | "color": "", 1045 | "comment": "", 1046 | "enabled": true, 1047 | "metadata": [], 1048 | "showSubtechniques": true 1049 | }, 1050 | { 1051 | "techniqueID": "T1053", 1052 | "tactic": "privilege-escalation", 1053 | "color": "", 1054 | "comment": "", 1055 | "enabled": true, 1056 | "metadata": [], 1057 | "showSubtechniques": true 1058 | }, 1059 | { 1060 | "techniqueID": "T1505", 1061 | "tactic": "persistence", 1062 | "color": "#fd8d3c", 1063 | "comment": "", 1064 | "enabled": true, 1065 | "metadata": [], 1066 | "showSubtechniques": true 1067 | }, 1068 | { 1069 | "techniqueID": "T1505.001", 1070 | "tactic": "persistence", 1071 | "color": "#fd8d3c", 1072 | "comment": "", 1073 | "enabled": true, 1074 | "metadata": [], 1075 | "showSubtechniques": false 1076 | }, 1077 | { 1078 | "techniqueID": "T1505.002", 1079 | "tactic": "persistence", 1080 | "color": "#fd8d3c", 1081 | "comment": "", 1082 | "enabled": true, 1083 | "metadata": [], 1084 | "showSubtechniques": false 1085 | }, 1086 | { 1087 | "techniqueID": "T1505.003", 1088 | "tactic": "persistence", 1089 | "color": "#fd8d3c", 1090 | "comment": "", 1091 | "enabled": true, 1092 | "metadata": [], 1093 | "showSubtechniques": false 1094 | }, 1095 | { 1096 | "techniqueID": "T1218", 1097 | "tactic": "defense-evasion", 1098 | "color": "", 1099 | "comment": "", 1100 | "enabled": true, 1101 | "metadata": [], 1102 | "showSubtechniques": true 1103 | }, 1104 | { 1105 | "techniqueID": "T1216", 1106 | "tactic": "defense-evasion", 1107 | "color": "#fd8d3c", 1108 | "comment": "", 1109 | "enabled": true, 1110 | "metadata": [], 1111 | "showSubtechniques": true 1112 | }, 1113 | { 1114 | "techniqueID": "T1216.001", 1115 | "tactic": "defense-evasion", 1116 | "color": "#fd8d3c", 1117 | "comment": "", 1118 | "enabled": true, 1119 | "metadata": [], 1120 | "showSubtechniques": false 1121 | }, 1122 | { 1123 | "techniqueID": "T1518", 1124 | "tactic": "discovery", 1125 | "color": "", 1126 | "comment": "", 1127 | "enabled": true, 1128 | "metadata": [], 1129 | "showSubtechniques": true 1130 | }, 1131 | { 1132 | "techniqueID": "T1539", 1133 | "tactic": "credential-access", 1134 | "color": "#fd8d3c", 1135 | "comment": "", 1136 | "enabled": true, 1137 | "metadata": [], 1138 | "showSubtechniques": false 1139 | }, 1140 | { 1141 | "techniqueID": "T1558", 1142 | "tactic": "credential-access", 1143 | "color": "", 1144 | "comment": "", 1145 | "enabled": true, 1146 | "metadata": [], 1147 | "showSubtechniques": true 1148 | }, 1149 | { 1150 | "techniqueID": "T1553", 1151 | "tactic": "defense-evasion", 1152 | "color": "", 1153 | "comment": "", 1154 | "enabled": true, 1155 | "metadata": [], 1156 | "showSubtechniques": true 1157 | }, 1158 | { 1159 | "techniqueID": "T1553.002", 1160 | "tactic": "defense-evasion", 1161 | "color": "#fd8d3c", 1162 | "comment": "", 1163 | "enabled": true, 1164 | "metadata": [], 1165 | "showSubtechniques": false 1166 | }, 1167 | { 1168 | "techniqueID": "T1195", 1169 | "tactic": "initial-access", 1170 | "color": "", 1171 | "comment": "", 1172 | "enabled": true, 1173 | "metadata": [], 1174 | "showSubtechniques": true 1175 | }, 1176 | { 1177 | "techniqueID": "T1569", 1178 | "tactic": "execution", 1179 | "color": "", 1180 | "comment": "", 1181 | "enabled": true, 1182 | "metadata": [], 1183 | "showSubtechniques": true 1184 | }, 1185 | { 1186 | "techniqueID": "T1080", 1187 | "tactic": "lateral-movement", 1188 | "color": "#fd8d3c", 1189 | "comment": "", 1190 | "enabled": true, 1191 | "metadata": [], 1192 | "showSubtechniques": false 1193 | }, 1194 | { 1195 | "techniqueID": "T1205", 1196 | "tactic": "defense-evasion", 1197 | "color": "#fd8d3c", 1198 | "comment": "", 1199 | "enabled": true, 1200 | "metadata": [], 1201 | "showSubtechniques": true 1202 | }, 1203 | { 1204 | "techniqueID": "T1205", 1205 | "tactic": "persistence", 1206 | "color": "#fd8d3c", 1207 | "comment": "", 1208 | "enabled": true, 1209 | "metadata": [], 1210 | "showSubtechniques": true 1211 | }, 1212 | { 1213 | "techniqueID": "T1205", 1214 | "tactic": "command-and-control", 1215 | "color": "#fd8d3c", 1216 | "comment": "", 1217 | "enabled": true, 1218 | "metadata": [], 1219 | "showSubtechniques": true 1220 | }, 1221 | { 1222 | "techniqueID": "T1205.001", 1223 | "tactic": "defense-evasion", 1224 | "color": "#fd8d3c", 1225 | "comment": "", 1226 | "enabled": true, 1227 | "metadata": [], 1228 | "showSubtechniques": false 1229 | }, 1230 | { 1231 | "techniqueID": "T1205.001", 1232 | "tactic": "persistence", 1233 | "color": "#fd8d3c", 1234 | "comment": "", 1235 | "enabled": true, 1236 | "metadata": [], 1237 | "showSubtechniques": false 1238 | }, 1239 | { 1240 | "techniqueID": "T1205.001", 1241 | "tactic": "command-and-control", 1242 | "color": "#fd8d3c", 1243 | "comment": "", 1244 | "enabled": true, 1245 | "metadata": [], 1246 | "showSubtechniques": false 1247 | }, 1248 | { 1249 | "techniqueID": "T1127", 1250 | "tactic": "defense-evasion", 1251 | "color": "", 1252 | "comment": "", 1253 | "enabled": true, 1254 | "metadata": [], 1255 | "showSubtechniques": true 1256 | }, 1257 | { 1258 | "techniqueID": "T1111", 1259 | "tactic": "credential-access", 1260 | "color": "#fd8d3c", 1261 | "comment": "", 1262 | "enabled": true, 1263 | "metadata": [], 1264 | "showSubtechniques": false 1265 | }, 1266 | { 1267 | "techniqueID": "T1552", 1268 | "tactic": "credential-access", 1269 | "color": "", 1270 | "comment": "", 1271 | "enabled": true, 1272 | "metadata": [], 1273 | "showSubtechniques": true 1274 | }, 1275 | { 1276 | "techniqueID": "T1550", 1277 | "tactic": "defense-evasion", 1278 | "color": "", 1279 | "comment": "", 1280 | "enabled": true, 1281 | "metadata": [], 1282 | "showSubtechniques": true 1283 | }, 1284 | { 1285 | "techniqueID": "T1550", 1286 | "tactic": "lateral-movement", 1287 | "color": "", 1288 | "comment": "", 1289 | "enabled": true, 1290 | "metadata": [], 1291 | "showSubtechniques": true 1292 | }, 1293 | { 1294 | "techniqueID": "T1204", 1295 | "tactic": "execution", 1296 | "color": "", 1297 | "comment": "", 1298 | "enabled": true, 1299 | "metadata": [], 1300 | "showSubtechniques": true 1301 | }, 1302 | { 1303 | "techniqueID": "T1078", 1304 | "tactic": "defense-evasion", 1305 | "color": "", 1306 | "comment": "", 1307 | "enabled": true, 1308 | "metadata": [], 1309 | "showSubtechniques": true 1310 | }, 1311 | { 1312 | "techniqueID": "T1078", 1313 | "tactic": "persistence", 1314 | "color": "", 1315 | "comment": "", 1316 | "enabled": true, 1317 | "metadata": [], 1318 | "showSubtechniques": true 1319 | }, 1320 | { 1321 | "techniqueID": "T1078", 1322 | "tactic": "privilege-escalation", 1323 | "color": "", 1324 | "comment": "", 1325 | "enabled": true, 1326 | "metadata": [], 1327 | "showSubtechniques": true 1328 | }, 1329 | { 1330 | "techniqueID": "T1078", 1331 | "tactic": "initial-access", 1332 | "color": "", 1333 | "comment": "", 1334 | "enabled": true, 1335 | "metadata": [], 1336 | "showSubtechniques": true 1337 | }, 1338 | { 1339 | "techniqueID": "T1497", 1340 | "tactic": "defense-evasion", 1341 | "color": "", 1342 | "comment": "", 1343 | "enabled": true, 1344 | "metadata": [], 1345 | "showSubtechniques": true 1346 | }, 1347 | { 1348 | "techniqueID": "T1497", 1349 | "tactic": "discovery", 1350 | "color": "", 1351 | "comment": "", 1352 | "enabled": true, 1353 | "metadata": [], 1354 | "showSubtechniques": true 1355 | }, 1356 | { 1357 | "techniqueID": "T1102", 1358 | "tactic": "command-and-control", 1359 | "color": "#fd8d3c", 1360 | "comment": "", 1361 | "enabled": true, 1362 | "metadata": [], 1363 | "showSubtechniques": true 1364 | }, 1365 | { 1366 | "techniqueID": "T1102.001", 1367 | "tactic": "command-and-control", 1368 | "color": "#fd8d3c", 1369 | "comment": "", 1370 | "enabled": true, 1371 | "metadata": [], 1372 | "showSubtechniques": false 1373 | }, 1374 | { 1375 | "techniqueID": "T1102.002", 1376 | "tactic": "command-and-control", 1377 | "color": "#fd8d3c", 1378 | "comment": "", 1379 | "enabled": true, 1380 | "metadata": [], 1381 | "showSubtechniques": false 1382 | }, 1383 | { 1384 | "techniqueID": "T1102.003", 1385 | "tactic": "command-and-control", 1386 | "color": "#fd8d3c", 1387 | "comment": "", 1388 | "enabled": true, 1389 | "metadata": [], 1390 | "showSubtechniques": false 1391 | } 1392 | ], 1393 | "gradient": { 1394 | "colors": [ 1395 | "#ff6666", 1396 | "#ffe766", 1397 | "#8ec843" 1398 | ], 1399 | "minValue": 0, 1400 | "maxValue": 100 1401 | }, 1402 | "legendItems": [], 1403 | "metadata": [], 1404 | "showTacticRowBackground": false, 1405 | "tacticRowBackground": "#dddddd", 1406 | "selectTechniquesAcrossTactics": true, 1407 | "selectSubtechniquesWithParent": false 1408 | } -------------------------------------------------------------------------------- /teaching/Red.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "Red", 3 | "version": "3.0", 4 | "domain": "mitre-enterprise", 5 | "description": "", 6 | "filters": { 7 | "stages": [ 8 | "act" 9 | ], 10 | "platforms": [ 11 | "Windows", 12 | "Linux", 13 | "macOS" 14 | ] 15 | }, 16 | "sorting": 0, 17 | "layout": { 18 | "layout": "side", 19 | "showID": false, 20 | "showName": true 21 | }, 22 | "hideDisabled": false, 23 | "techniques": [ 24 | { 25 | "techniqueID": "T1548", 26 | "tactic": "privilege-escalation", 27 | "color": "", 28 | "comment": "", 29 | "enabled": true, 30 | "metadata": [], 31 | "showSubtechniques": true 32 | }, 33 | { 34 | "techniqueID": "T1548", 35 | "tactic": "defense-evasion", 36 | "color": "", 37 | "comment": "", 38 | "enabled": true, 39 | "metadata": [], 40 | "showSubtechniques": true 41 | }, 42 | { 43 | "techniqueID": "T1134", 44 | "tactic": "defense-evasion", 45 | "color": "", 46 | "comment": "", 47 | "enabled": true, 48 | "metadata": [], 49 | "showSubtechniques": true 50 | }, 51 | { 52 | "techniqueID": "T1134", 53 | "tactic": "privilege-escalation", 54 | "color": "", 55 | "comment": "", 56 | "enabled": true, 57 | "metadata": [], 58 | "showSubtechniques": true 59 | }, 60 | { 61 | "techniqueID": "T1087", 62 | "tactic": "discovery", 63 | "color": "", 64 | "comment": "", 65 | "enabled": true, 66 | "metadata": [], 67 | "showSubtechniques": true 68 | }, 69 | { 70 | "techniqueID": "T1098", 71 | "tactic": "persistence", 72 | "color": "", 73 | "comment": "", 74 | "enabled": true, 75 | "metadata": [], 76 | "showSubtechniques": true 77 | }, 78 | { 79 | "techniqueID": "T1071", 80 | "tactic": "command-and-control", 81 | "color": "", 82 | "comment": "", 83 | "enabled": true, 84 | "metadata": [], 85 | "showSubtechniques": true 86 | }, 87 | { 88 | "techniqueID": "T1560", 89 | "tactic": "collection", 90 | "color": "", 91 | "comment": "", 92 | "enabled": true, 93 | "metadata": [], 94 | "showSubtechniques": true 95 | }, 96 | { 97 | "techniqueID": "T1547", 98 | "tactic": "persistence", 99 | "color": "", 100 | "comment": "", 101 | "enabled": true, 102 | "metadata": [], 103 | "showSubtechniques": true 104 | }, 105 | { 106 | "techniqueID": "T1547", 107 | "tactic": "privilege-escalation", 108 | "color": "", 109 | "comment": "", 110 | "enabled": true, 111 | "metadata": [], 112 | "showSubtechniques": true 113 | }, 114 | { 115 | "techniqueID": "T1547.002", 116 | "tactic": "persistence", 117 | "color": "#fc3b3b", 118 | "comment": "", 119 | "enabled": true, 120 | "metadata": [], 121 | "showSubtechniques": false 122 | }, 123 | { 124 | "techniqueID": "T1547.002", 125 | "tactic": "privilege-escalation", 126 | "color": "#fc3b3b", 127 | "comment": "", 128 | "enabled": true, 129 | "metadata": [], 130 | "showSubtechniques": false 131 | }, 132 | { 133 | "techniqueID": "T1547.003", 134 | "tactic": "persistence", 135 | "color": "#fc3b3b", 136 | "comment": "", 137 | "enabled": true, 138 | "metadata": [], 139 | "showSubtechniques": false 140 | }, 141 | { 142 | "techniqueID": "T1547.003", 143 | "tactic": "privilege-escalation", 144 | "color": "#fc3b3b", 145 | "comment": "", 146 | "enabled": true, 147 | "metadata": [], 148 | "showSubtechniques": false 149 | }, 150 | { 151 | "techniqueID": "T1547.004", 152 | "tactic": "persistence", 153 | "color": "#fc3b3b", 154 | "comment": "", 155 | "enabled": true, 156 | "metadata": [], 157 | "showSubtechniques": false 158 | }, 159 | { 160 | "techniqueID": "T1547.004", 161 | "tactic": "privilege-escalation", 162 | "color": "#fc3b3b", 163 | "comment": "", 164 | "enabled": true, 165 | "metadata": [], 166 | "showSubtechniques": false 167 | }, 168 | { 169 | "techniqueID": "T1547.005", 170 | "tactic": "persistence", 171 | "color": "#fc3b3b", 172 | "comment": "", 173 | "enabled": true, 174 | "metadata": [], 175 | "showSubtechniques": false 176 | }, 177 | { 178 | "techniqueID": "T1547.005", 179 | "tactic": "privilege-escalation", 180 | "color": "#fc3b3b", 181 | "comment": "", 182 | "enabled": true, 183 | "metadata": [], 184 | "showSubtechniques": false 185 | }, 186 | { 187 | "techniqueID": "T1547.006", 188 | "tactic": "persistence", 189 | "color": "#fc3b3b", 190 | "comment": "", 191 | "enabled": true, 192 | "metadata": [], 193 | "showSubtechniques": false 194 | }, 195 | { 196 | "techniqueID": "T1547.006", 197 | "tactic": "privilege-escalation", 198 | "color": "#fc3b3b", 199 | "comment": "", 200 | "enabled": true, 201 | "metadata": [], 202 | "showSubtechniques": false 203 | }, 204 | { 205 | "techniqueID": "T1547.008", 206 | "tactic": "persistence", 207 | "color": "#fc3b3b", 208 | "comment": "", 209 | "enabled": true, 210 | "metadata": [], 211 | "showSubtechniques": false 212 | }, 213 | { 214 | "techniqueID": "T1547.008", 215 | "tactic": "privilege-escalation", 216 | "color": "#fc3b3b", 217 | "comment": "", 218 | "enabled": true, 219 | "metadata": [], 220 | "showSubtechniques": false 221 | }, 222 | { 223 | "techniqueID": "T1547.010", 224 | "tactic": "persistence", 225 | "color": "#fc3b3b", 226 | "comment": "", 227 | "enabled": true, 228 | "metadata": [], 229 | "showSubtechniques": false 230 | }, 231 | { 232 | "techniqueID": "T1547.010", 233 | "tactic": "privilege-escalation", 234 | "color": "#fc3b3b", 235 | "comment": "", 236 | "enabled": true, 237 | "metadata": [], 238 | "showSubtechniques": false 239 | }, 240 | { 241 | "techniqueID": "T1037", 242 | "tactic": "persistence", 243 | "color": "", 244 | "comment": "", 245 | "enabled": true, 246 | "metadata": [], 247 | "showSubtechniques": true 248 | }, 249 | { 250 | "techniqueID": "T1037", 251 | "tactic": "privilege-escalation", 252 | "color": "", 253 | "comment": "", 254 | "enabled": true, 255 | "metadata": [], 256 | "showSubtechniques": true 257 | }, 258 | { 259 | "techniqueID": "T1110", 260 | "tactic": "credential-access", 261 | "color": "", 262 | "comment": "", 263 | "enabled": true, 264 | "metadata": [], 265 | "showSubtechniques": true 266 | }, 267 | { 268 | "techniqueID": "T1059", 269 | "tactic": "execution", 270 | "color": "", 271 | "comment": "", 272 | "enabled": true, 273 | "metadata": [], 274 | "showSubtechniques": true 275 | }, 276 | { 277 | "techniqueID": "T1136", 278 | "tactic": "persistence", 279 | "color": "", 280 | "comment": "", 281 | "enabled": true, 282 | "metadata": [], 283 | "showSubtechniques": true 284 | }, 285 | { 286 | "techniqueID": "T1543", 287 | "tactic": "persistence", 288 | "color": "", 289 | "comment": "", 290 | "enabled": true, 291 | "metadata": [], 292 | "showSubtechniques": true 293 | }, 294 | { 295 | "techniqueID": "T1543", 296 | "tactic": "privilege-escalation", 297 | "color": "", 298 | "comment": "", 299 | "enabled": true, 300 | "metadata": [], 301 | "showSubtechniques": true 302 | }, 303 | { 304 | "techniqueID": "T1555", 305 | "tactic": "credential-access", 306 | "color": "", 307 | "comment": "", 308 | "enabled": true, 309 | "metadata": [], 310 | "showSubtechniques": true 311 | }, 312 | { 313 | "techniqueID": "T1132", 314 | "tactic": "command-and-control", 315 | "color": "", 316 | "comment": "", 317 | "enabled": true, 318 | "metadata": [], 319 | "showSubtechniques": true 320 | }, 321 | { 322 | "techniqueID": "T1565", 323 | "tactic": "impact", 324 | "color": "", 325 | "comment": "", 326 | "enabled": true, 327 | "metadata": [], 328 | "showSubtechniques": true 329 | }, 330 | { 331 | "techniqueID": "T1565.003", 332 | "tactic": "impact", 333 | "color": "#fc3b3b", 334 | "comment": "", 335 | "enabled": true, 336 | "metadata": [], 337 | "showSubtechniques": false 338 | }, 339 | { 340 | "techniqueID": "T1001", 341 | "tactic": "command-and-control", 342 | "color": "", 343 | "comment": "", 344 | "enabled": true, 345 | "metadata": [], 346 | "showSubtechniques": true 347 | }, 348 | { 349 | "techniqueID": "T1074", 350 | "tactic": "collection", 351 | "color": "", 352 | "comment": "", 353 | "enabled": true, 354 | "metadata": [], 355 | "showSubtechniques": true 356 | }, 357 | { 358 | "techniqueID": "T1213", 359 | "tactic": "collection", 360 | "color": "", 361 | "comment": "", 362 | "enabled": true, 363 | "metadata": [], 364 | "showSubtechniques": true 365 | }, 366 | { 367 | "techniqueID": "T1491", 368 | "tactic": "impact", 369 | "color": "", 370 | "comment": "", 371 | "enabled": true, 372 | "metadata": [], 373 | "showSubtechniques": true 374 | }, 375 | { 376 | "techniqueID": "T1561", 377 | "tactic": "impact", 378 | "color": "", 379 | "comment": "", 380 | "enabled": true, 381 | "metadata": [], 382 | "showSubtechniques": true 383 | }, 384 | { 385 | "techniqueID": "T1568", 386 | "tactic": "command-and-control", 387 | "color": "", 388 | "comment": "", 389 | "enabled": true, 390 | "metadata": [], 391 | "showSubtechniques": true 392 | }, 393 | { 394 | "techniqueID": "T1114", 395 | "tactic": "collection", 396 | "color": "", 397 | "comment": "", 398 | "enabled": true, 399 | "metadata": [], 400 | "showSubtechniques": true 401 | }, 402 | { 403 | "techniqueID": "T1573", 404 | "tactic": "command-and-control", 405 | "color": "", 406 | "comment": "", 407 | "enabled": true, 408 | "metadata": [], 409 | "showSubtechniques": true 410 | }, 411 | { 412 | "techniqueID": "T1499", 413 | "tactic": "impact", 414 | "color": "", 415 | "comment": "", 416 | "enabled": true, 417 | "metadata": [], 418 | "showSubtechniques": true 419 | }, 420 | { 421 | "techniqueID": "T1546", 422 | "tactic": "privilege-escalation", 423 | "color": "", 424 | "comment": "", 425 | "enabled": true, 426 | "metadata": [], 427 | "showSubtechniques": true 428 | }, 429 | { 430 | "techniqueID": "T1546", 431 | "tactic": "persistence", 432 | "color": "", 433 | "comment": "", 434 | "enabled": true, 435 | "metadata": [], 436 | "showSubtechniques": true 437 | }, 438 | { 439 | "techniqueID": "T1546.005", 440 | "tactic": "privilege-escalation", 441 | "color": "#fc3b3b", 442 | "comment": "", 443 | "enabled": true, 444 | "metadata": [], 445 | "showSubtechniques": false 446 | }, 447 | { 448 | "techniqueID": "T1546.005", 449 | "tactic": "persistence", 450 | "color": "#fc3b3b", 451 | "comment": "", 452 | "enabled": true, 453 | "metadata": [], 454 | "showSubtechniques": false 455 | }, 456 | { 457 | "techniqueID": "T1546.006", 458 | "tactic": "privilege-escalation", 459 | "color": "#fc3b3b", 460 | "comment": "", 461 | "enabled": true, 462 | "metadata": [], 463 | "showSubtechniques": false 464 | }, 465 | { 466 | "techniqueID": "T1546.006", 467 | "tactic": "persistence", 468 | "color": "#fc3b3b", 469 | "comment": "", 470 | "enabled": true, 471 | "metadata": [], 472 | "showSubtechniques": false 473 | }, 474 | { 475 | "techniqueID": "T1546.007", 476 | "tactic": "privilege-escalation", 477 | "color": "#fc3b3b", 478 | "comment": "", 479 | "enabled": true, 480 | "metadata": [], 481 | "showSubtechniques": false 482 | }, 483 | { 484 | "techniqueID": "T1546.007", 485 | "tactic": "persistence", 486 | "color": "#fc3b3b", 487 | "comment": "", 488 | "enabled": true, 489 | "metadata": [], 490 | "showSubtechniques": false 491 | }, 492 | { 493 | "techniqueID": "T1546.009", 494 | "tactic": "privilege-escalation", 495 | "color": "#fc3b3b", 496 | "comment": "", 497 | "enabled": true, 498 | "metadata": [], 499 | "showSubtechniques": false 500 | }, 501 | { 502 | "techniqueID": "T1546.009", 503 | "tactic": "persistence", 504 | "color": "#fc3b3b", 505 | "comment": "", 506 | "enabled": true, 507 | "metadata": [], 508 | "showSubtechniques": false 509 | }, 510 | { 511 | "techniqueID": "T1546.010", 512 | "tactic": "privilege-escalation", 513 | "color": "#fc3b3b", 514 | "comment": "", 515 | "enabled": true, 516 | "metadata": [], 517 | "showSubtechniques": false 518 | }, 519 | { 520 | "techniqueID": "T1546.010", 521 | "tactic": "persistence", 522 | "color": "#fc3b3b", 523 | "comment": "", 524 | "enabled": true, 525 | "metadata": [], 526 | "showSubtechniques": false 527 | }, 528 | { 529 | "techniqueID": "T1546.011", 530 | "tactic": "privilege-escalation", 531 | "color": "#fc3b3b", 532 | "comment": "", 533 | "enabled": true, 534 | "metadata": [], 535 | "showSubtechniques": false 536 | }, 537 | { 538 | "techniqueID": "T1546.011", 539 | "tactic": "persistence", 540 | "color": "#fc3b3b", 541 | "comment": "", 542 | "enabled": true, 543 | "metadata": [], 544 | "showSubtechniques": false 545 | }, 546 | { 547 | "techniqueID": "T1546.015", 548 | "tactic": "privilege-escalation", 549 | "color": "#fc3b3b", 550 | "comment": "", 551 | "enabled": true, 552 | "metadata": [], 553 | "showSubtechniques": false 554 | }, 555 | { 556 | "techniqueID": "T1546.015", 557 | "tactic": "persistence", 558 | "color": "#fc3b3b", 559 | "comment": "", 560 | "enabled": true, 561 | "metadata": [], 562 | "showSubtechniques": false 563 | }, 564 | { 565 | "techniqueID": "T1480", 566 | "tactic": "defense-evasion", 567 | "color": "#fc3b3b", 568 | "comment": "", 569 | "enabled": true, 570 | "metadata": [], 571 | "showSubtechniques": true 572 | }, 573 | { 574 | "techniqueID": "T1480.001", 575 | "tactic": "defense-evasion", 576 | "color": "#fc3b3b", 577 | "comment": "", 578 | "enabled": true, 579 | "metadata": [], 580 | "showSubtechniques": false 581 | }, 582 | { 583 | "techniqueID": "T1048", 584 | "tactic": "exfiltration", 585 | "color": "", 586 | "comment": "", 587 | "enabled": true, 588 | "metadata": [], 589 | "showSubtechniques": true 590 | }, 591 | { 592 | "techniqueID": "T1011", 593 | "tactic": "exfiltration", 594 | "color": "", 595 | "comment": "", 596 | "enabled": true, 597 | "metadata": [], 598 | "showSubtechniques": true 599 | }, 600 | { 601 | "techniqueID": "T1052", 602 | "tactic": "exfiltration", 603 | "color": "", 604 | "comment": "", 605 | "enabled": true, 606 | "metadata": [], 607 | "showSubtechniques": true 608 | }, 609 | { 610 | "techniqueID": "T1567", 611 | "tactic": "exfiltration", 612 | "color": "", 613 | "comment": "", 614 | "enabled": true, 615 | "metadata": [], 616 | "showSubtechniques": true 617 | }, 618 | { 619 | "techniqueID": "T1222", 620 | "tactic": "defense-evasion", 621 | "color": "", 622 | "comment": "", 623 | "enabled": true, 624 | "metadata": [], 625 | "showSubtechniques": true 626 | }, 627 | { 628 | "techniqueID": "T1495", 629 | "tactic": "impact", 630 | "color": "#fc3b3b", 631 | "comment": "", 632 | "enabled": true, 633 | "metadata": [], 634 | "showSubtechniques": false 635 | }, 636 | { 637 | "techniqueID": "T1564", 638 | "tactic": "defense-evasion", 639 | "color": "", 640 | "comment": "", 641 | "enabled": true, 642 | "metadata": [], 643 | "showSubtechniques": true 644 | }, 645 | { 646 | "techniqueID": "T1564.005", 647 | "tactic": "defense-evasion", 648 | "color": "#fc3b3b", 649 | "comment": "", 650 | "enabled": true, 651 | "metadata": [], 652 | "showSubtechniques": false 653 | }, 654 | { 655 | "techniqueID": "T1574", 656 | "tactic": "persistence", 657 | "color": "", 658 | "comment": "", 659 | "enabled": true, 660 | "metadata": [], 661 | "showSubtechniques": true 662 | }, 663 | { 664 | "techniqueID": "T1574", 665 | "tactic": "privilege-escalation", 666 | "color": "", 667 | "comment": "", 668 | "enabled": true, 669 | "metadata": [], 670 | "showSubtechniques": true 671 | }, 672 | { 673 | "techniqueID": "T1574", 674 | "tactic": "defense-evasion", 675 | "color": "", 676 | "comment": "", 677 | "enabled": true, 678 | "metadata": [], 679 | "showSubtechniques": true 680 | }, 681 | { 682 | "techniqueID": "T1574.001", 683 | "tactic": "persistence", 684 | "color": "#fc3b3b", 685 | "comment": "", 686 | "enabled": true, 687 | "metadata": [], 688 | "showSubtechniques": false 689 | }, 690 | { 691 | "techniqueID": "T1574.001", 692 | "tactic": "privilege-escalation", 693 | "color": "#fc3b3b", 694 | "comment": "", 695 | "enabled": true, 696 | "metadata": [], 697 | "showSubtechniques": false 698 | }, 699 | { 700 | "techniqueID": "T1574.001", 701 | "tactic": "defense-evasion", 702 | "color": "#fc3b3b", 703 | "comment": "", 704 | "enabled": true, 705 | "metadata": [], 706 | "showSubtechniques": false 707 | }, 708 | { 709 | "techniqueID": "T1574.002", 710 | "tactic": "persistence", 711 | "color": "#fc3b3b", 712 | "comment": "", 713 | "enabled": true, 714 | "metadata": [], 715 | "showSubtechniques": false 716 | }, 717 | { 718 | "techniqueID": "T1574.002", 719 | "tactic": "privilege-escalation", 720 | "color": "#fc3b3b", 721 | "comment": "", 722 | "enabled": true, 723 | "metadata": [], 724 | "showSubtechniques": false 725 | }, 726 | { 727 | "techniqueID": "T1574.002", 728 | "tactic": "defense-evasion", 729 | "color": "#fc3b3b", 730 | "comment": "", 731 | "enabled": true, 732 | "metadata": [], 733 | "showSubtechniques": false 734 | }, 735 | { 736 | "techniqueID": "T1574.012", 737 | "tactic": "persistence", 738 | "color": "#fc3b3b", 739 | "comment": "", 740 | "enabled": true, 741 | "metadata": [], 742 | "showSubtechniques": false 743 | }, 744 | { 745 | "techniqueID": "T1574.012", 746 | "tactic": "privilege-escalation", 747 | "color": "#fc3b3b", 748 | "comment": "", 749 | "enabled": true, 750 | "metadata": [], 751 | "showSubtechniques": false 752 | }, 753 | { 754 | "techniqueID": "T1574.012", 755 | "tactic": "defense-evasion", 756 | "color": "#fc3b3b", 757 | "comment": "", 758 | "enabled": true, 759 | "metadata": [], 760 | "showSubtechniques": false 761 | }, 762 | { 763 | "techniqueID": "T1562", 764 | "tactic": "defense-evasion", 765 | "color": "", 766 | "comment": "", 767 | "enabled": true, 768 | "metadata": [], 769 | "showSubtechniques": true 770 | }, 771 | { 772 | "techniqueID": "T1070", 773 | "tactic": "defense-evasion", 774 | "color": "", 775 | "comment": "", 776 | "enabled": true, 777 | "metadata": [], 778 | "showSubtechniques": true 779 | }, 780 | { 781 | "techniqueID": "T1056", 782 | "tactic": "collection", 783 | "color": "", 784 | "comment": "", 785 | "enabled": true, 786 | "metadata": [], 787 | "showSubtechniques": true 788 | }, 789 | { 790 | "techniqueID": "T1056", 791 | "tactic": "credential-access", 792 | "color": "", 793 | "comment": "", 794 | "enabled": true, 795 | "metadata": [], 796 | "showSubtechniques": true 797 | }, 798 | { 799 | "techniqueID": "T1559", 800 | "tactic": "execution", 801 | "color": "#fc3b3b", 802 | "comment": "", 803 | "enabled": true, 804 | "metadata": [], 805 | "showSubtechniques": true 806 | }, 807 | { 808 | "techniqueID": "T1559.001", 809 | "tactic": "execution", 810 | "color": "#fc3b3b", 811 | "comment": "", 812 | "enabled": true, 813 | "metadata": [], 814 | "showSubtechniques": false 815 | }, 816 | { 817 | "techniqueID": "T1559.002", 818 | "tactic": "execution", 819 | "color": "#fc3b3b", 820 | "comment": "", 821 | "enabled": true, 822 | "metadata": [], 823 | "showSubtechniques": false 824 | }, 825 | { 826 | "techniqueID": "T1557", 827 | "tactic": "credential-access", 828 | "color": "", 829 | "comment": "", 830 | "enabled": true, 831 | "metadata": [], 832 | "showSubtechniques": true 833 | }, 834 | { 835 | "techniqueID": "T1557", 836 | "tactic": "collection", 837 | "color": "", 838 | "comment": "", 839 | "enabled": true, 840 | "metadata": [], 841 | "showSubtechniques": true 842 | }, 843 | { 844 | "techniqueID": "T1036", 845 | "tactic": "defense-evasion", 846 | "color": "", 847 | "comment": "", 848 | "enabled": true, 849 | "metadata": [], 850 | "showSubtechniques": true 851 | }, 852 | { 853 | "techniqueID": "T1556", 854 | "tactic": "credential-access", 855 | "color": "", 856 | "comment": "", 857 | "enabled": true, 858 | "metadata": [], 859 | "showSubtechniques": true 860 | }, 861 | { 862 | "techniqueID": "T1556", 863 | "tactic": "defense-evasion", 864 | "color": "", 865 | "comment": "", 866 | "enabled": true, 867 | "metadata": [], 868 | "showSubtechniques": true 869 | }, 870 | { 871 | "techniqueID": "T1556.002", 872 | "tactic": "credential-access", 873 | "color": "#fc3b3b", 874 | "comment": "", 875 | "enabled": true, 876 | "metadata": [], 877 | "showSubtechniques": false 878 | }, 879 | { 880 | "techniqueID": "T1556.002", 881 | "tactic": "defense-evasion", 882 | "color": "#fc3b3b", 883 | "comment": "", 884 | "enabled": true, 885 | "metadata": [], 886 | "showSubtechniques": false 887 | }, 888 | { 889 | "techniqueID": "T1556.003", 890 | "tactic": "credential-access", 891 | "color": "#fc3b3b", 892 | "comment": "", 893 | "enabled": true, 894 | "metadata": [], 895 | "showSubtechniques": false 896 | }, 897 | { 898 | "techniqueID": "T1556.003", 899 | "tactic": "defense-evasion", 900 | "color": "#fc3b3b", 901 | "comment": "", 902 | "enabled": true, 903 | "metadata": [], 904 | "showSubtechniques": false 905 | }, 906 | { 907 | "techniqueID": "T1578", 908 | "tactic": "defense-evasion", 909 | "color": "", 910 | "comment": "", 911 | "enabled": true, 912 | "metadata": [], 913 | "showSubtechniques": true 914 | }, 915 | { 916 | "techniqueID": "T1106", 917 | "tactic": "execution", 918 | "color": "#fc3b3b", 919 | "comment": "", 920 | "enabled": true, 921 | "metadata": [], 922 | "showSubtechniques": false 923 | }, 924 | { 925 | "techniqueID": "T1498", 926 | "tactic": "impact", 927 | "color": "", 928 | "comment": "", 929 | "enabled": true, 930 | "metadata": [], 931 | "showSubtechniques": true 932 | }, 933 | { 934 | "techniqueID": "T1003", 935 | "tactic": "credential-access", 936 | "color": "", 937 | "comment": "", 938 | "enabled": true, 939 | "metadata": [], 940 | "showSubtechniques": true 941 | }, 942 | { 943 | "techniqueID": "T1027", 944 | "tactic": "defense-evasion", 945 | "color": "", 946 | "comment": "", 947 | "enabled": true, 948 | "metadata": [], 949 | "showSubtechniques": true 950 | }, 951 | { 952 | "techniqueID": "T1137", 953 | "tactic": "persistence", 954 | "color": "", 955 | "comment": "", 956 | "enabled": true, 957 | "metadata": [], 958 | "showSubtechniques": true 959 | }, 960 | { 961 | "techniqueID": "T1137.006", 962 | "tactic": "persistence", 963 | "color": "#fc3b3b", 964 | "comment": "", 965 | "enabled": true, 966 | "metadata": [], 967 | "showSubtechniques": false 968 | }, 969 | { 970 | "techniqueID": "T1137.002", 971 | "tactic": "persistence", 972 | "color": "#fc3b3b", 973 | "comment": "", 974 | "enabled": true, 975 | "metadata": [], 976 | "showSubtechniques": false 977 | }, 978 | { 979 | "techniqueID": "T1069", 980 | "tactic": "discovery", 981 | "color": "", 982 | "comment": "", 983 | "enabled": true, 984 | "metadata": [], 985 | "showSubtechniques": true 986 | }, 987 | { 988 | "techniqueID": "T1566", 989 | "tactic": "initial-access", 990 | "color": "", 991 | "comment": "", 992 | "enabled": true, 993 | "metadata": [], 994 | "showSubtechniques": true 995 | }, 996 | { 997 | "techniqueID": "T1542", 998 | "tactic": "defense-evasion", 999 | "color": "#fc3b3b", 1000 | "comment": "", 1001 | "enabled": true, 1002 | "metadata": [], 1003 | "showSubtechniques": true 1004 | }, 1005 | { 1006 | "techniqueID": "T1542", 1007 | "tactic": "persistence", 1008 | "color": "#fc3b3b", 1009 | "comment": "", 1010 | "enabled": true, 1011 | "metadata": [], 1012 | "showSubtechniques": true 1013 | }, 1014 | { 1015 | "techniqueID": "T1542.001", 1016 | "tactic": "persistence", 1017 | "color": "#fc3b3b", 1018 | "comment": "", 1019 | "enabled": true, 1020 | "metadata": [], 1021 | "showSubtechniques": false 1022 | }, 1023 | { 1024 | "techniqueID": "T1542.001", 1025 | "tactic": "defense-evasion", 1026 | "color": "#fc3b3b", 1027 | "comment": "", 1028 | "enabled": true, 1029 | "metadata": [], 1030 | "showSubtechniques": false 1031 | }, 1032 | { 1033 | "techniqueID": "T1542.002", 1034 | "tactic": "persistence", 1035 | "color": "#fc3b3b", 1036 | "comment": "", 1037 | "enabled": true, 1038 | "metadata": [], 1039 | "showSubtechniques": false 1040 | }, 1041 | { 1042 | "techniqueID": "T1542.002", 1043 | "tactic": "defense-evasion", 1044 | "color": "#fc3b3b", 1045 | "comment": "", 1046 | "enabled": true, 1047 | "metadata": [], 1048 | "showSubtechniques": false 1049 | }, 1050 | { 1051 | "techniqueID": "T1542.003", 1052 | "tactic": "persistence", 1053 | "color": "#fc3b3b", 1054 | "comment": "", 1055 | "enabled": true, 1056 | "metadata": [], 1057 | "showSubtechniques": false 1058 | }, 1059 | { 1060 | "techniqueID": "T1542.003", 1061 | "tactic": "defense-evasion", 1062 | "color": "#fc3b3b", 1063 | "comment": "", 1064 | "enabled": true, 1065 | "metadata": [], 1066 | "showSubtechniques": false 1067 | }, 1068 | { 1069 | "techniqueID": "T1055", 1070 | "tactic": "defense-evasion", 1071 | "color": "", 1072 | "comment": "", 1073 | "enabled": true, 1074 | "metadata": [], 1075 | "showSubtechniques": true 1076 | }, 1077 | { 1078 | "techniqueID": "T1055", 1079 | "tactic": "privilege-escalation", 1080 | "color": "", 1081 | "comment": "", 1082 | "enabled": true, 1083 | "metadata": [], 1084 | "showSubtechniques": true 1085 | }, 1086 | { 1087 | "techniqueID": "T1055.001", 1088 | "tactic": "defense-evasion", 1089 | "color": "#fc3b3b", 1090 | "comment": "", 1091 | "enabled": true, 1092 | "metadata": [], 1093 | "showSubtechniques": false 1094 | }, 1095 | { 1096 | "techniqueID": "T1055.001", 1097 | "tactic": "privilege-escalation", 1098 | "color": "#fc3b3b", 1099 | "comment": "", 1100 | "enabled": true, 1101 | "metadata": [], 1102 | "showSubtechniques": false 1103 | }, 1104 | { 1105 | "techniqueID": "T1055.002", 1106 | "tactic": "defense-evasion", 1107 | "color": "#fc3b3b", 1108 | "comment": "", 1109 | "enabled": true, 1110 | "metadata": [], 1111 | "showSubtechniques": false 1112 | }, 1113 | { 1114 | "techniqueID": "T1055.002", 1115 | "tactic": "privilege-escalation", 1116 | "color": "#fc3b3b", 1117 | "comment": "", 1118 | "enabled": true, 1119 | "metadata": [], 1120 | "showSubtechniques": false 1121 | }, 1122 | { 1123 | "techniqueID": "T1055.003", 1124 | "tactic": "defense-evasion", 1125 | "color": "#fc3b3b", 1126 | "comment": "", 1127 | "enabled": true, 1128 | "metadata": [], 1129 | "showSubtechniques": false 1130 | }, 1131 | { 1132 | "techniqueID": "T1055.003", 1133 | "tactic": "privilege-escalation", 1134 | "color": "#fc3b3b", 1135 | "comment": "", 1136 | "enabled": true, 1137 | "metadata": [], 1138 | "showSubtechniques": false 1139 | }, 1140 | { 1141 | "techniqueID": "T1055.004", 1142 | "tactic": "defense-evasion", 1143 | "color": "#fc3b3b", 1144 | "comment": "", 1145 | "enabled": true, 1146 | "metadata": [], 1147 | "showSubtechniques": false 1148 | }, 1149 | { 1150 | "techniqueID": "T1055.004", 1151 | "tactic": "privilege-escalation", 1152 | "color": "#fc3b3b", 1153 | "comment": "", 1154 | "enabled": true, 1155 | "metadata": [], 1156 | "showSubtechniques": false 1157 | }, 1158 | { 1159 | "techniqueID": "T1055.005", 1160 | "tactic": "defense-evasion", 1161 | "color": "#fc3b3b", 1162 | "comment": "", 1163 | "enabled": true, 1164 | "metadata": [], 1165 | "showSubtechniques": false 1166 | }, 1167 | { 1168 | "techniqueID": "T1055.005", 1169 | "tactic": "privilege-escalation", 1170 | "color": "#fc3b3b", 1171 | "comment": "", 1172 | "enabled": true, 1173 | "metadata": [], 1174 | "showSubtechniques": false 1175 | }, 1176 | { 1177 | "techniqueID": "T1055.008", 1178 | "tactic": "defense-evasion", 1179 | "color": "#fc3b3b", 1180 | "comment": "", 1181 | "enabled": true, 1182 | "metadata": [], 1183 | "showSubtechniques": false 1184 | }, 1185 | { 1186 | "techniqueID": "T1055.008", 1187 | "tactic": "privilege-escalation", 1188 | "color": "#fc3b3b", 1189 | "comment": "", 1190 | "enabled": true, 1191 | "metadata": [], 1192 | "showSubtechniques": false 1193 | }, 1194 | { 1195 | "techniqueID": "T1055.009", 1196 | "tactic": "defense-evasion", 1197 | "color": "#fc3b3b", 1198 | "comment": "", 1199 | "enabled": true, 1200 | "metadata": [], 1201 | "showSubtechniques": false 1202 | }, 1203 | { 1204 | "techniqueID": "T1055.009", 1205 | "tactic": "privilege-escalation", 1206 | "color": "#fc3b3b", 1207 | "comment": "", 1208 | "enabled": true, 1209 | "metadata": [], 1210 | "showSubtechniques": false 1211 | }, 1212 | { 1213 | "techniqueID": "T1055.011", 1214 | "tactic": "defense-evasion", 1215 | "color": "#fc3b3b", 1216 | "comment": "", 1217 | "enabled": true, 1218 | "metadata": [], 1219 | "showSubtechniques": false 1220 | }, 1221 | { 1222 | "techniqueID": "T1055.011", 1223 | "tactic": "privilege-escalation", 1224 | "color": "#fc3b3b", 1225 | "comment": "", 1226 | "enabled": true, 1227 | "metadata": [], 1228 | "showSubtechniques": false 1229 | }, 1230 | { 1231 | "techniqueID": "T1055.012", 1232 | "tactic": "defense-evasion", 1233 | "color": "#fc3b3b", 1234 | "comment": "", 1235 | "enabled": true, 1236 | "metadata": [], 1237 | "showSubtechniques": false 1238 | }, 1239 | { 1240 | "techniqueID": "T1055.012", 1241 | "tactic": "privilege-escalation", 1242 | "color": "#fc3b3b", 1243 | "comment": "", 1244 | "enabled": true, 1245 | "metadata": [], 1246 | "showSubtechniques": false 1247 | }, 1248 | { 1249 | "techniqueID": "T1055.014", 1250 | "tactic": "defense-evasion", 1251 | "color": "#fc3b3b", 1252 | "comment": "", 1253 | "enabled": true, 1254 | "metadata": [], 1255 | "showSubtechniques": false 1256 | }, 1257 | { 1258 | "techniqueID": "T1055.014", 1259 | "tactic": "privilege-escalation", 1260 | "color": "#fc3b3b", 1261 | "comment": "", 1262 | "enabled": true, 1263 | "metadata": [], 1264 | "showSubtechniques": false 1265 | }, 1266 | { 1267 | "techniqueID": "T1090", 1268 | "tactic": "command-and-control", 1269 | "color": "", 1270 | "comment": "", 1271 | "enabled": true, 1272 | "metadata": [], 1273 | "showSubtechniques": true 1274 | }, 1275 | { 1276 | "techniqueID": "T1563", 1277 | "tactic": "lateral-movement", 1278 | "color": "", 1279 | "comment": "", 1280 | "enabled": true, 1281 | "metadata": [], 1282 | "showSubtechniques": true 1283 | }, 1284 | { 1285 | "techniqueID": "T1021", 1286 | "tactic": "lateral-movement", 1287 | "color": "", 1288 | "comment": "", 1289 | "enabled": true, 1290 | "metadata": [], 1291 | "showSubtechniques": true 1292 | }, 1293 | { 1294 | "techniqueID": "T1014", 1295 | "tactic": "defense-evasion", 1296 | "color": "#fc3b3b", 1297 | "comment": "", 1298 | "enabled": true, 1299 | "metadata": [], 1300 | "showSubtechniques": false 1301 | }, 1302 | { 1303 | "techniqueID": "T1053", 1304 | "tactic": "execution", 1305 | "color": "", 1306 | "comment": "", 1307 | "enabled": true, 1308 | "metadata": [], 1309 | "showSubtechniques": true 1310 | }, 1311 | { 1312 | "techniqueID": "T1053", 1313 | "tactic": "persistence", 1314 | "color": "", 1315 | "comment": "", 1316 | "enabled": true, 1317 | "metadata": [], 1318 | "showSubtechniques": true 1319 | }, 1320 | { 1321 | "techniqueID": "T1053", 1322 | "tactic": "privilege-escalation", 1323 | "color": "", 1324 | "comment": "", 1325 | "enabled": true, 1326 | "metadata": [], 1327 | "showSubtechniques": true 1328 | }, 1329 | { 1330 | "techniqueID": "T1505", 1331 | "tactic": "persistence", 1332 | "color": "", 1333 | "comment": "", 1334 | "enabled": true, 1335 | "metadata": [], 1336 | "showSubtechniques": true 1337 | }, 1338 | { 1339 | "techniqueID": "T1129", 1340 | "tactic": "execution", 1341 | "color": "#fc3b3b", 1342 | "comment": "", 1343 | "enabled": true, 1344 | "metadata": [], 1345 | "showSubtechniques": false 1346 | }, 1347 | { 1348 | "techniqueID": "T1218", 1349 | "tactic": "defense-evasion", 1350 | "color": "#fc3b3b", 1351 | "comment": "", 1352 | "enabled": true, 1353 | "metadata": [], 1354 | "showSubtechniques": true 1355 | }, 1356 | { 1357 | "techniqueID": "T1218.011", 1358 | "tactic": "defense-evasion", 1359 | "color": "#fc3b3b", 1360 | "comment": "", 1361 | "enabled": true, 1362 | "metadata": [], 1363 | "showSubtechniques": false 1364 | }, 1365 | { 1366 | "techniqueID": "T1218.001", 1367 | "tactic": "defense-evasion", 1368 | "color": "#fc3b3b", 1369 | "comment": "", 1370 | "enabled": true, 1371 | "metadata": [], 1372 | "showSubtechniques": false 1373 | }, 1374 | { 1375 | "techniqueID": "T1218.002", 1376 | "tactic": "defense-evasion", 1377 | "color": "#fc3b3b", 1378 | "comment": "", 1379 | "enabled": true, 1380 | "metadata": [], 1381 | "showSubtechniques": false 1382 | }, 1383 | { 1384 | "techniqueID": "T1218.003", 1385 | "tactic": "defense-evasion", 1386 | "color": "#fc3b3b", 1387 | "comment": "", 1388 | "enabled": true, 1389 | "metadata": [], 1390 | "showSubtechniques": false 1391 | }, 1392 | { 1393 | "techniqueID": "T1218.004", 1394 | "tactic": "defense-evasion", 1395 | "color": "#fc3b3b", 1396 | "comment": "", 1397 | "enabled": true, 1398 | "metadata": [], 1399 | "showSubtechniques": false 1400 | }, 1401 | { 1402 | "techniqueID": "T1218.005", 1403 | "tactic": "defense-evasion", 1404 | "color": "#fc3b3b", 1405 | "comment": "", 1406 | "enabled": true, 1407 | "metadata": [], 1408 | "showSubtechniques": false 1409 | }, 1410 | { 1411 | "techniqueID": "T1218.009", 1412 | "tactic": "defense-evasion", 1413 | "color": "#fc3b3b", 1414 | "comment": "", 1415 | "enabled": true, 1416 | "metadata": [], 1417 | "showSubtechniques": false 1418 | }, 1419 | { 1420 | "techniqueID": "T1218.010", 1421 | "tactic": "defense-evasion", 1422 | "color": "#fc3b3b", 1423 | "comment": "", 1424 | "enabled": true, 1425 | "metadata": [], 1426 | "showSubtechniques": false 1427 | }, 1428 | { 1429 | "techniqueID": "T1218.007", 1430 | "tactic": "defense-evasion", 1431 | "color": "#fc3b3b", 1432 | "comment": "", 1433 | "enabled": true, 1434 | "metadata": [], 1435 | "showSubtechniques": false 1436 | }, 1437 | { 1438 | "techniqueID": "T1218.008", 1439 | "tactic": "defense-evasion", 1440 | "color": "#fc3b3b", 1441 | "comment": "", 1442 | "enabled": true, 1443 | "metadata": [], 1444 | "showSubtechniques": false 1445 | }, 1446 | { 1447 | "techniqueID": "T1216", 1448 | "tactic": "defense-evasion", 1449 | "color": "", 1450 | "comment": "", 1451 | "enabled": true, 1452 | "metadata": [], 1453 | "showSubtechniques": true 1454 | }, 1455 | { 1456 | "techniqueID": "T1518", 1457 | "tactic": "discovery", 1458 | "color": "", 1459 | "comment": "", 1460 | "enabled": true, 1461 | "metadata": [], 1462 | "showSubtechniques": true 1463 | }, 1464 | { 1465 | "techniqueID": "T1558", 1466 | "tactic": "credential-access", 1467 | "color": "", 1468 | "comment": "", 1469 | "enabled": true, 1470 | "metadata": [], 1471 | "showSubtechniques": true 1472 | }, 1473 | { 1474 | "techniqueID": "T1553", 1475 | "tactic": "defense-evasion", 1476 | "color": "", 1477 | "comment": "", 1478 | "enabled": true, 1479 | "metadata": [], 1480 | "showSubtechniques": true 1481 | }, 1482 | { 1483 | "techniqueID": "T1553.003", 1484 | "tactic": "defense-evasion", 1485 | "color": "#fc3b3b", 1486 | "comment": "", 1487 | "enabled": true, 1488 | "metadata": [], 1489 | "showSubtechniques": false 1490 | }, 1491 | { 1492 | "techniqueID": "T1195", 1493 | "tactic": "initial-access", 1494 | "color": "", 1495 | "comment": "", 1496 | "enabled": true, 1497 | "metadata": [], 1498 | "showSubtechniques": true 1499 | }, 1500 | { 1501 | "techniqueID": "T1569", 1502 | "tactic": "execution", 1503 | "color": "", 1504 | "comment": "", 1505 | "enabled": true, 1506 | "metadata": [], 1507 | "showSubtechniques": true 1508 | }, 1509 | { 1510 | "techniqueID": "T1205", 1511 | "tactic": "defense-evasion", 1512 | "color": "", 1513 | "comment": "", 1514 | "enabled": true, 1515 | "metadata": [], 1516 | "showSubtechniques": true 1517 | }, 1518 | { 1519 | "techniqueID": "T1205", 1520 | "tactic": "persistence", 1521 | "color": "", 1522 | "comment": "", 1523 | "enabled": true, 1524 | "metadata": [], 1525 | "showSubtechniques": true 1526 | }, 1527 | { 1528 | "techniqueID": "T1205", 1529 | "tactic": "command-and-control", 1530 | "color": "", 1531 | "comment": "", 1532 | "enabled": true, 1533 | "metadata": [], 1534 | "showSubtechniques": true 1535 | }, 1536 | { 1537 | "techniqueID": "T1127", 1538 | "tactic": "defense-evasion", 1539 | "color": "#fc3b3b", 1540 | "comment": "", 1541 | "enabled": true, 1542 | "metadata": [], 1543 | "showSubtechniques": true 1544 | }, 1545 | { 1546 | "techniqueID": "T1127.001", 1547 | "tactic": "defense-evasion", 1548 | "color": "#fc3b3b", 1549 | "comment": "", 1550 | "enabled": true, 1551 | "metadata": [], 1552 | "showSubtechniques": false 1553 | }, 1554 | { 1555 | "techniqueID": "T1552", 1556 | "tactic": "credential-access", 1557 | "color": "", 1558 | "comment": "", 1559 | "enabled": true, 1560 | "metadata": [], 1561 | "showSubtechniques": true 1562 | }, 1563 | { 1564 | "techniqueID": "T1550", 1565 | "tactic": "defense-evasion", 1566 | "color": "", 1567 | "comment": "", 1568 | "enabled": true, 1569 | "metadata": [], 1570 | "showSubtechniques": true 1571 | }, 1572 | { 1573 | "techniqueID": "T1550", 1574 | "tactic": "lateral-movement", 1575 | "color": "", 1576 | "comment": "", 1577 | "enabled": true, 1578 | "metadata": [], 1579 | "showSubtechniques": true 1580 | }, 1581 | { 1582 | "techniqueID": "T1204", 1583 | "tactic": "execution", 1584 | "color": "", 1585 | "comment": "", 1586 | "enabled": true, 1587 | "metadata": [], 1588 | "showSubtechniques": true 1589 | }, 1590 | { 1591 | "techniqueID": "T1078", 1592 | "tactic": "defense-evasion", 1593 | "color": "", 1594 | "comment": "", 1595 | "enabled": true, 1596 | "metadata": [], 1597 | "showSubtechniques": true 1598 | }, 1599 | { 1600 | "techniqueID": "T1078", 1601 | "tactic": "persistence", 1602 | "color": "", 1603 | "comment": "", 1604 | "enabled": true, 1605 | "metadata": [], 1606 | "showSubtechniques": true 1607 | }, 1608 | { 1609 | "techniqueID": "T1078", 1610 | "tactic": "privilege-escalation", 1611 | "color": "", 1612 | "comment": "", 1613 | "enabled": true, 1614 | "metadata": [], 1615 | "showSubtechniques": true 1616 | }, 1617 | { 1618 | "techniqueID": "T1078", 1619 | "tactic": "initial-access", 1620 | "color": "", 1621 | "comment": "", 1622 | "enabled": true, 1623 | "metadata": [], 1624 | "showSubtechniques": true 1625 | }, 1626 | { 1627 | "techniqueID": "T1497", 1628 | "tactic": "defense-evasion", 1629 | "color": "#fc3b3b", 1630 | "comment": "", 1631 | "enabled": true, 1632 | "metadata": [], 1633 | "showSubtechniques": true 1634 | }, 1635 | { 1636 | "techniqueID": "T1497", 1637 | "tactic": "discovery", 1638 | "color": "#fc3b3b", 1639 | "comment": "", 1640 | "enabled": true, 1641 | "metadata": [], 1642 | "showSubtechniques": true 1643 | }, 1644 | { 1645 | "techniqueID": "T1497.001", 1646 | "tactic": "defense-evasion", 1647 | "color": "#fc3b3b", 1648 | "comment": "", 1649 | "enabled": true, 1650 | "metadata": [], 1651 | "showSubtechniques": false 1652 | }, 1653 | { 1654 | "techniqueID": "T1497.001", 1655 | "tactic": "discovery", 1656 | "color": "#fc3b3b", 1657 | "comment": "", 1658 | "enabled": true, 1659 | "metadata": [], 1660 | "showSubtechniques": false 1661 | }, 1662 | { 1663 | "techniqueID": "T1497.002", 1664 | "tactic": "defense-evasion", 1665 | "color": "#fc3b3b", 1666 | "comment": "", 1667 | "enabled": true, 1668 | "metadata": [], 1669 | "showSubtechniques": false 1670 | }, 1671 | { 1672 | "techniqueID": "T1497.002", 1673 | "tactic": "discovery", 1674 | "color": "#fc3b3b", 1675 | "comment": "", 1676 | "enabled": true, 1677 | "metadata": [], 1678 | "showSubtechniques": false 1679 | }, 1680 | { 1681 | "techniqueID": "T1497.003", 1682 | "tactic": "defense-evasion", 1683 | "color": "#fc3b3b", 1684 | "comment": "", 1685 | "enabled": true, 1686 | "metadata": [], 1687 | "showSubtechniques": false 1688 | }, 1689 | { 1690 | "techniqueID": "T1497.003", 1691 | "tactic": "discovery", 1692 | "color": "#fc3b3b", 1693 | "comment": "", 1694 | "enabled": true, 1695 | "metadata": [], 1696 | "showSubtechniques": false 1697 | }, 1698 | { 1699 | "techniqueID": "T1102", 1700 | "tactic": "command-and-control", 1701 | "color": "", 1702 | "comment": "", 1703 | "enabled": true, 1704 | "metadata": [], 1705 | "showSubtechniques": true 1706 | }, 1707 | { 1708 | "techniqueID": "T1220", 1709 | "tactic": "defense-evasion", 1710 | "color": "#fc3b3b", 1711 | "comment": "", 1712 | "enabled": true, 1713 | "metadata": [], 1714 | "showSubtechniques": false 1715 | } 1716 | ], 1717 | "gradient": { 1718 | "colors": [ 1719 | "#ff6666", 1720 | "#ffe766", 1721 | "#8ec843" 1722 | ], 1723 | "minValue": 0, 1724 | "maxValue": 100 1725 | }, 1726 | "legendItems": [], 1727 | "metadata": [], 1728 | "showTacticRowBackground": false, 1729 | "tacticRowBackground": "#dddddd", 1730 | "selectTechniquesAcrossTactics": true, 1731 | "selectSubtechniquesWithParent": false 1732 | } -------------------------------------------------------------------------------- /teaching/Yellow.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "Yellow", 3 | "version": "3.0", 4 | "domain": "mitre-enterprise", 5 | "description": "", 6 | "filters": { 7 | "stages": [ 8 | "act" 9 | ], 10 | "platforms": [ 11 | "Windows", 12 | "Linux", 13 | "macOS" 14 | ] 15 | }, 16 | "sorting": 0, 17 | "layout": { 18 | "layout": "side", 19 | "showID": false, 20 | "showName": true 21 | }, 22 | "hideDisabled": false, 23 | "techniques": [ 24 | { 25 | "techniqueID": "T1548", 26 | "tactic": "privilege-escalation", 27 | "color": "", 28 | "comment": "", 29 | "enabled": true, 30 | "metadata": [], 31 | "showSubtechniques": true 32 | }, 33 | { 34 | "techniqueID": "T1548", 35 | "tactic": "defense-evasion", 36 | "color": "", 37 | "comment": "", 38 | "enabled": true, 39 | "metadata": [], 40 | "showSubtechniques": true 41 | }, 42 | { 43 | "techniqueID": "T1134", 44 | "tactic": "defense-evasion", 45 | "color": "#fce93b", 46 | "comment": "", 47 | "enabled": true, 48 | "metadata": [], 49 | "showSubtechniques": true 50 | }, 51 | { 52 | "techniqueID": "T1134", 53 | "tactic": "privilege-escalation", 54 | "color": "#fce93b", 55 | "comment": "", 56 | "enabled": true, 57 | "metadata": [], 58 | "showSubtechniques": true 59 | }, 60 | { 61 | "techniqueID": "T1134.001", 62 | "tactic": "defense-evasion", 63 | "color": "#fce93b", 64 | "comment": "", 65 | "enabled": true, 66 | "metadata": [], 67 | "showSubtechniques": false 68 | }, 69 | { 70 | "techniqueID": "T1134.001", 71 | "tactic": "privilege-escalation", 72 | "color": "#fce93b", 73 | "comment": "", 74 | "enabled": true, 75 | "metadata": [], 76 | "showSubtechniques": false 77 | }, 78 | { 79 | "techniqueID": "T1134.002", 80 | "tactic": "defense-evasion", 81 | "color": "#fce93b", 82 | "comment": "", 83 | "enabled": true, 84 | "metadata": [], 85 | "showSubtechniques": false 86 | }, 87 | { 88 | "techniqueID": "T1134.002", 89 | "tactic": "privilege-escalation", 90 | "color": "#fce93b", 91 | "comment": "", 92 | "enabled": true, 93 | "metadata": [], 94 | "showSubtechniques": false 95 | }, 96 | { 97 | "techniqueID": "T1134.003", 98 | "tactic": "defense-evasion", 99 | "color": "#fce93b", 100 | "comment": "", 101 | "enabled": true, 102 | "metadata": [], 103 | "showSubtechniques": false 104 | }, 105 | { 106 | "techniqueID": "T1134.003", 107 | "tactic": "privilege-escalation", 108 | "color": "#fce93b", 109 | "comment": "", 110 | "enabled": true, 111 | "metadata": [], 112 | "showSubtechniques": false 113 | }, 114 | { 115 | "techniqueID": "T1134.004", 116 | "tactic": "defense-evasion", 117 | "color": "#fce93b", 118 | "comment": "", 119 | "enabled": true, 120 | "metadata": [], 121 | "showSubtechniques": false 122 | }, 123 | { 124 | "techniqueID": "T1134.004", 125 | "tactic": "privilege-escalation", 126 | "color": "#fce93b", 127 | "comment": "", 128 | "enabled": true, 129 | "metadata": [], 130 | "showSubtechniques": false 131 | }, 132 | { 133 | "techniqueID": "T1134.005", 134 | "tactic": "defense-evasion", 135 | "color": "#fce93b", 136 | "comment": "", 137 | "enabled": true, 138 | "metadata": [], 139 | "showSubtechniques": false 140 | }, 141 | { 142 | "techniqueID": "T1134.005", 143 | "tactic": "privilege-escalation", 144 | "color": "#fce93b", 145 | "comment": "", 146 | "enabled": true, 147 | "metadata": [], 148 | "showSubtechniques": false 149 | }, 150 | { 151 | "techniqueID": "T1087", 152 | "tactic": "discovery", 153 | "color": "", 154 | "comment": "", 155 | "enabled": true, 156 | "metadata": [], 157 | "showSubtechniques": true 158 | }, 159 | { 160 | "techniqueID": "T1098", 161 | "tactic": "persistence", 162 | "color": "", 163 | "comment": "", 164 | "enabled": true, 165 | "metadata": [], 166 | "showSubtechniques": true 167 | }, 168 | { 169 | "techniqueID": "T1071", 170 | "tactic": "command-and-control", 171 | "color": "", 172 | "comment": "", 173 | "enabled": true, 174 | "metadata": [], 175 | "showSubtechniques": true 176 | }, 177 | { 178 | "techniqueID": "T1560", 179 | "tactic": "collection", 180 | "color": "", 181 | "comment": "", 182 | "enabled": true, 183 | "metadata": [], 184 | "showSubtechniques": true 185 | }, 186 | { 187 | "techniqueID": "T1123", 188 | "tactic": "collection", 189 | "color": "#e6d60d", 190 | "comment": "", 191 | "enabled": true, 192 | "metadata": [], 193 | "showSubtechniques": false 194 | }, 195 | { 196 | "techniqueID": "T1547", 197 | "tactic": "persistence", 198 | "color": "", 199 | "comment": "", 200 | "enabled": true, 201 | "metadata": [], 202 | "showSubtechniques": true 203 | }, 204 | { 205 | "techniqueID": "T1547", 206 | "tactic": "privilege-escalation", 207 | "color": "", 208 | "comment": "", 209 | "enabled": true, 210 | "metadata": [], 211 | "showSubtechniques": true 212 | }, 213 | { 214 | "techniqueID": "T1037", 215 | "tactic": "persistence", 216 | "color": "", 217 | "comment": "", 218 | "enabled": true, 219 | "metadata": [], 220 | "showSubtechniques": true 221 | }, 222 | { 223 | "techniqueID": "T1037", 224 | "tactic": "privilege-escalation", 225 | "color": "", 226 | "comment": "", 227 | "enabled": true, 228 | "metadata": [], 229 | "showSubtechniques": true 230 | }, 231 | { 232 | "techniqueID": "T1110", 233 | "tactic": "credential-access", 234 | "color": "", 235 | "comment": "", 236 | "enabled": true, 237 | "metadata": [], 238 | "showSubtechniques": true 239 | }, 240 | { 241 | "techniqueID": "T1110.002", 242 | "tactic": "credential-access", 243 | "color": "#fce93b", 244 | "comment": "", 245 | "enabled": true, 246 | "metadata": [], 247 | "showSubtechniques": false 248 | }, 249 | { 250 | "techniqueID": "T1110.003", 251 | "tactic": "credential-access", 252 | "color": "#fce93b", 253 | "comment": "", 254 | "enabled": true, 255 | "metadata": [], 256 | "showSubtechniques": false 257 | }, 258 | { 259 | "techniqueID": "T1110.004", 260 | "tactic": "credential-access", 261 | "color": "#fce93b", 262 | "comment": "", 263 | "enabled": true, 264 | "metadata": [], 265 | "showSubtechniques": false 266 | }, 267 | { 268 | "techniqueID": "T1059", 269 | "tactic": "execution", 270 | "color": "", 271 | "comment": "", 272 | "enabled": true, 273 | "metadata": [], 274 | "showSubtechniques": true 275 | }, 276 | { 277 | "techniqueID": "T1136", 278 | "tactic": "persistence", 279 | "color": "", 280 | "comment": "", 281 | "enabled": true, 282 | "metadata": [], 283 | "showSubtechniques": true 284 | }, 285 | { 286 | "techniqueID": "T1543", 287 | "tactic": "persistence", 288 | "color": "", 289 | "comment": "", 290 | "enabled": true, 291 | "metadata": [], 292 | "showSubtechniques": true 293 | }, 294 | { 295 | "techniqueID": "T1543", 296 | "tactic": "privilege-escalation", 297 | "color": "", 298 | "comment": "", 299 | "enabled": true, 300 | "metadata": [], 301 | "showSubtechniques": true 302 | }, 303 | { 304 | "techniqueID": "T1555", 305 | "tactic": "credential-access", 306 | "color": "#fce93b", 307 | "comment": "", 308 | "enabled": true, 309 | "metadata": [], 310 | "showSubtechniques": true 311 | }, 312 | { 313 | "techniqueID": "T1555.001", 314 | "tactic": "credential-access", 315 | "color": "#fce93b", 316 | "comment": "", 317 | "enabled": true, 318 | "metadata": [], 319 | "showSubtechniques": false 320 | }, 321 | { 322 | "techniqueID": "T1555.002", 323 | "tactic": "credential-access", 324 | "color": "#fce93b", 325 | "comment": "", 326 | "enabled": true, 327 | "metadata": [], 328 | "showSubtechniques": false 329 | }, 330 | { 331 | "techniqueID": "T1555.003", 332 | "tactic": "credential-access", 333 | "color": "#fce93b", 334 | "comment": "", 335 | "enabled": true, 336 | "metadata": [], 337 | "showSubtechniques": false 338 | }, 339 | { 340 | "techniqueID": "T1132", 341 | "tactic": "command-and-control", 342 | "color": "", 343 | "comment": "", 344 | "enabled": true, 345 | "metadata": [], 346 | "showSubtechniques": true 347 | }, 348 | { 349 | "techniqueID": "T1565", 350 | "tactic": "impact", 351 | "color": "", 352 | "comment": "", 353 | "enabled": true, 354 | "metadata": [], 355 | "showSubtechniques": true 356 | }, 357 | { 358 | "techniqueID": "T1001", 359 | "tactic": "command-and-control", 360 | "color": "#fce93b", 361 | "comment": "", 362 | "enabled": true, 363 | "metadata": [], 364 | "showSubtechniques": true 365 | }, 366 | { 367 | "techniqueID": "T1001.001", 368 | "tactic": "command-and-control", 369 | "color": "#fce93b", 370 | "comment": "", 371 | "enabled": true, 372 | "metadata": [], 373 | "showSubtechniques": false 374 | }, 375 | { 376 | "techniqueID": "T1001.002", 377 | "tactic": "command-and-control", 378 | "color": "#fce93b", 379 | "comment": "", 380 | "enabled": true, 381 | "metadata": [], 382 | "showSubtechniques": false 383 | }, 384 | { 385 | "techniqueID": "T1001.003", 386 | "tactic": "command-and-control", 387 | "color": "#fce93b", 388 | "comment": "", 389 | "enabled": true, 390 | "metadata": [], 391 | "showSubtechniques": false 392 | }, 393 | { 394 | "techniqueID": "T1074", 395 | "tactic": "collection", 396 | "color": "", 397 | "comment": "", 398 | "enabled": true, 399 | "metadata": [], 400 | "showSubtechniques": true 401 | }, 402 | { 403 | "techniqueID": "T1213", 404 | "tactic": "collection", 405 | "color": "", 406 | "comment": "", 407 | "enabled": true, 408 | "metadata": [], 409 | "showSubtechniques": true 410 | }, 411 | { 412 | "techniqueID": "T1491", 413 | "tactic": "impact", 414 | "color": "", 415 | "comment": "", 416 | "enabled": true, 417 | "metadata": [], 418 | "showSubtechniques": true 419 | }, 420 | { 421 | "techniqueID": "T1140", 422 | "tactic": "defense-evasion", 423 | "color": "#fce93b", 424 | "comment": "", 425 | "enabled": true, 426 | "metadata": [], 427 | "showSubtechniques": false 428 | }, 429 | { 430 | "techniqueID": "T1006", 431 | "tactic": "defense-evasion", 432 | "color": "#fce93b", 433 | "comment": "", 434 | "enabled": true, 435 | "metadata": [], 436 | "showSubtechniques": false 437 | }, 438 | { 439 | "techniqueID": "T1561", 440 | "tactic": "impact", 441 | "color": "", 442 | "comment": "", 443 | "enabled": true, 444 | "metadata": [], 445 | "showSubtechniques": true 446 | }, 447 | { 448 | "techniqueID": "T1568", 449 | "tactic": "command-and-control", 450 | "color": "", 451 | "comment": "", 452 | "enabled": true, 453 | "metadata": [], 454 | "showSubtechniques": true 455 | }, 456 | { 457 | "techniqueID": "T1114", 458 | "tactic": "collection", 459 | "color": "", 460 | "comment": "", 461 | "enabled": true, 462 | "metadata": [], 463 | "showSubtechniques": true 464 | }, 465 | { 466 | "techniqueID": "T1573", 467 | "tactic": "command-and-control", 468 | "color": "", 469 | "comment": "", 470 | "enabled": true, 471 | "metadata": [], 472 | "showSubtechniques": true 473 | }, 474 | { 475 | "techniqueID": "T1499", 476 | "tactic": "impact", 477 | "color": "#fce93b", 478 | "comment": "", 479 | "enabled": true, 480 | "metadata": [], 481 | "showSubtechniques": true 482 | }, 483 | { 484 | "techniqueID": "T1499.001", 485 | "tactic": "impact", 486 | "color": "#fce93b", 487 | "comment": "", 488 | "enabled": true, 489 | "metadata": [], 490 | "showSubtechniques": false 491 | }, 492 | { 493 | "techniqueID": "T1499.002", 494 | "tactic": "impact", 495 | "color": "#fce93b", 496 | "comment": "", 497 | "enabled": true, 498 | "metadata": [], 499 | "showSubtechniques": false 500 | }, 501 | { 502 | "techniqueID": "T1499.003", 503 | "tactic": "impact", 504 | "color": "#fce93b", 505 | "comment": "", 506 | "enabled": true, 507 | "metadata": [], 508 | "showSubtechniques": false 509 | }, 510 | { 511 | "techniqueID": "T1499.004", 512 | "tactic": "impact", 513 | "color": "#fce93b", 514 | "comment": "", 515 | "enabled": true, 516 | "metadata": [], 517 | "showSubtechniques": false 518 | }, 519 | { 520 | "techniqueID": "T1546", 521 | "tactic": "privilege-escalation", 522 | "color": "", 523 | "comment": "", 524 | "enabled": true, 525 | "metadata": [], 526 | "showSubtechniques": true 527 | }, 528 | { 529 | "techniqueID": "T1546", 530 | "tactic": "persistence", 531 | "color": "", 532 | "comment": "", 533 | "enabled": true, 534 | "metadata": [], 535 | "showSubtechniques": true 536 | }, 537 | { 538 | "techniqueID": "T1546.003", 539 | "tactic": "privilege-escalation", 540 | "color": "#fce93b", 541 | "comment": "", 542 | "enabled": true, 543 | "metadata": [], 544 | "showSubtechniques": false 545 | }, 546 | { 547 | "techniqueID": "T1546.003", 548 | "tactic": "persistence", 549 | "color": "#fce93b", 550 | "comment": "", 551 | "enabled": true, 552 | "metadata": [], 553 | "showSubtechniques": false 554 | }, 555 | { 556 | "techniqueID": "T1546.014", 557 | "tactic": "privilege-escalation", 558 | "color": "#fce93b", 559 | "comment": "", 560 | "enabled": true, 561 | "metadata": [], 562 | "showSubtechniques": false 563 | }, 564 | { 565 | "techniqueID": "T1546.014", 566 | "tactic": "persistence", 567 | "color": "#fce93b", 568 | "comment": "", 569 | "enabled": true, 570 | "metadata": [], 571 | "showSubtechniques": false 572 | }, 573 | { 574 | "techniqueID": "T1480", 575 | "tactic": "defense-evasion", 576 | "color": "", 577 | "comment": "", 578 | "enabled": true, 579 | "metadata": [], 580 | "showSubtechniques": true 581 | }, 582 | { 583 | "techniqueID": "T1048", 584 | "tactic": "exfiltration", 585 | "color": "", 586 | "comment": "", 587 | "enabled": true, 588 | "metadata": [], 589 | "showSubtechniques": true 590 | }, 591 | { 592 | "techniqueID": "T1011", 593 | "tactic": "exfiltration", 594 | "color": "", 595 | "comment": "", 596 | "enabled": true, 597 | "metadata": [], 598 | "showSubtechniques": true 599 | }, 600 | { 601 | "techniqueID": "T1052", 602 | "tactic": "exfiltration", 603 | "color": "", 604 | "comment": "", 605 | "enabled": true, 606 | "metadata": [], 607 | "showSubtechniques": true 608 | }, 609 | { 610 | "techniqueID": "T1567", 611 | "tactic": "exfiltration", 612 | "color": "", 613 | "comment": "", 614 | "enabled": true, 615 | "metadata": [], 616 | "showSubtechniques": true 617 | }, 618 | { 619 | "techniqueID": "T1190", 620 | "tactic": "initial-access", 621 | "color": "#fce93b", 622 | "comment": "", 623 | "enabled": true, 624 | "metadata": [], 625 | "showSubtechniques": false 626 | }, 627 | { 628 | "techniqueID": "T1203", 629 | "tactic": "execution", 630 | "color": "#fce93b", 631 | "comment": "", 632 | "enabled": true, 633 | "metadata": [], 634 | "showSubtechniques": false 635 | }, 636 | { 637 | "techniqueID": "T1212", 638 | "tactic": "credential-access", 639 | "color": "#fce93b", 640 | "comment": "", 641 | "enabled": true, 642 | "metadata": [], 643 | "showSubtechniques": false 644 | }, 645 | { 646 | "techniqueID": "T1211", 647 | "tactic": "defense-evasion", 648 | "color": "#fce93b", 649 | "comment": "", 650 | "enabled": true, 651 | "metadata": [], 652 | "showSubtechniques": false 653 | }, 654 | { 655 | "techniqueID": "T1068", 656 | "tactic": "privilege-escalation", 657 | "color": "#fce93b", 658 | "comment": "", 659 | "enabled": true, 660 | "metadata": [], 661 | "showSubtechniques": false 662 | }, 663 | { 664 | "techniqueID": "T1210", 665 | "tactic": "lateral-movement", 666 | "color": "#fce93b", 667 | "comment": "", 668 | "enabled": true, 669 | "metadata": [], 670 | "showSubtechniques": false 671 | }, 672 | { 673 | "techniqueID": "T1222", 674 | "tactic": "defense-evasion", 675 | "color": "", 676 | "comment": "", 677 | "enabled": true, 678 | "metadata": [], 679 | "showSubtechniques": true 680 | }, 681 | { 682 | "techniqueID": "T1200", 683 | "tactic": "initial-access", 684 | "color": "#fce93b", 685 | "comment": "", 686 | "enabled": true, 687 | "metadata": [], 688 | "showSubtechniques": false 689 | }, 690 | { 691 | "techniqueID": "T1564", 692 | "tactic": "defense-evasion", 693 | "color": "", 694 | "comment": "", 695 | "enabled": true, 696 | "metadata": [], 697 | "showSubtechniques": true 698 | }, 699 | { 700 | "techniqueID": "T1574", 701 | "tactic": "persistence", 702 | "color": "", 703 | "comment": "", 704 | "enabled": true, 705 | "metadata": [], 706 | "showSubtechniques": true 707 | }, 708 | { 709 | "techniqueID": "T1574", 710 | "tactic": "privilege-escalation", 711 | "color": "", 712 | "comment": "", 713 | "enabled": true, 714 | "metadata": [], 715 | "showSubtechniques": true 716 | }, 717 | { 718 | "techniqueID": "T1574", 719 | "tactic": "defense-evasion", 720 | "color": "", 721 | "comment": "", 722 | "enabled": true, 723 | "metadata": [], 724 | "showSubtechniques": true 725 | }, 726 | { 727 | "techniqueID": "T1562", 728 | "tactic": "defense-evasion", 729 | "color": "", 730 | "comment": "", 731 | "enabled": true, 732 | "metadata": [], 733 | "showSubtechniques": true 734 | }, 735 | { 736 | "techniqueID": "T1070", 737 | "tactic": "defense-evasion", 738 | "color": "", 739 | "comment": "", 740 | "enabled": true, 741 | "metadata": [], 742 | "showSubtechniques": true 743 | }, 744 | { 745 | "techniqueID": "T1202", 746 | "tactic": "defense-evasion", 747 | "color": "#fce93b", 748 | "comment": "", 749 | "enabled": true, 750 | "metadata": [], 751 | "showSubtechniques": false 752 | }, 753 | { 754 | "techniqueID": "T1056", 755 | "tactic": "collection", 756 | "color": "", 757 | "comment": "", 758 | "enabled": true, 759 | "metadata": [], 760 | "showSubtechniques": true 761 | }, 762 | { 763 | "techniqueID": "T1056", 764 | "tactic": "credential-access", 765 | "color": "", 766 | "comment": "", 767 | "enabled": true, 768 | "metadata": [], 769 | "showSubtechniques": true 770 | }, 771 | { 772 | "techniqueID": "T1056.001", 773 | "tactic": "collection", 774 | "color": "#fce93b", 775 | "comment": "", 776 | "enabled": true, 777 | "metadata": [], 778 | "showSubtechniques": false 779 | }, 780 | { 781 | "techniqueID": "T1056.001", 782 | "tactic": "credential-access", 783 | "color": "#fce93b", 784 | "comment": "", 785 | "enabled": true, 786 | "metadata": [], 787 | "showSubtechniques": false 788 | }, 789 | { 790 | "techniqueID": "T1056.002", 791 | "tactic": "collection", 792 | "color": "#fce93b", 793 | "comment": "", 794 | "enabled": true, 795 | "metadata": [], 796 | "showSubtechniques": false 797 | }, 798 | { 799 | "techniqueID": "T1056.002", 800 | "tactic": "credential-access", 801 | "color": "#fce93b", 802 | "comment": "", 803 | "enabled": true, 804 | "metadata": [], 805 | "showSubtechniques": false 806 | }, 807 | { 808 | "techniqueID": "T1056.004", 809 | "tactic": "collection", 810 | "color": "#fce93b", 811 | "comment": "", 812 | "enabled": true, 813 | "metadata": [], 814 | "showSubtechniques": false 815 | }, 816 | { 817 | "techniqueID": "T1056.004", 818 | "tactic": "credential-access", 819 | "color": "#fce93b", 820 | "comment": "", 821 | "enabled": true, 822 | "metadata": [], 823 | "showSubtechniques": false 824 | }, 825 | { 826 | "techniqueID": "T1559", 827 | "tactic": "execution", 828 | "color": "", 829 | "comment": "", 830 | "enabled": true, 831 | "metadata": [], 832 | "showSubtechniques": true 833 | }, 834 | { 835 | "techniqueID": "T1185", 836 | "tactic": "collection", 837 | "color": "#e6d60d", 838 | "comment": "", 839 | "enabled": true, 840 | "metadata": [], 841 | "showSubtechniques": false 842 | }, 843 | { 844 | "techniqueID": "T1557", 845 | "tactic": "credential-access", 846 | "color": "", 847 | "comment": "", 848 | "enabled": true, 849 | "metadata": [], 850 | "showSubtechniques": true 851 | }, 852 | { 853 | "techniqueID": "T1557", 854 | "tactic": "collection", 855 | "color": "", 856 | "comment": "", 857 | "enabled": true, 858 | "metadata": [], 859 | "showSubtechniques": true 860 | }, 861 | { 862 | "techniqueID": "T1036", 863 | "tactic": "defense-evasion", 864 | "color": "", 865 | "comment": "", 866 | "enabled": true, 867 | "metadata": [], 868 | "showSubtechniques": true 869 | }, 870 | { 871 | "techniqueID": "T1036.001", 872 | "tactic": "defense-evasion", 873 | "color": "#fce93b", 874 | "comment": "", 875 | "enabled": true, 876 | "metadata": [], 877 | "showSubtechniques": false 878 | }, 879 | { 880 | "techniqueID": "T1556", 881 | "tactic": "credential-access", 882 | "color": "", 883 | "comment": "", 884 | "enabled": true, 885 | "metadata": [], 886 | "showSubtechniques": true 887 | }, 888 | { 889 | "techniqueID": "T1556", 890 | "tactic": "defense-evasion", 891 | "color": "", 892 | "comment": "", 893 | "enabled": true, 894 | "metadata": [], 895 | "showSubtechniques": true 896 | }, 897 | { 898 | "techniqueID": "T1556.001", 899 | "tactic": "credential-access", 900 | "color": "#fce93b", 901 | "comment": "", 902 | "enabled": true, 903 | "metadata": [], 904 | "showSubtechniques": false 905 | }, 906 | { 907 | "techniqueID": "T1556.001", 908 | "tactic": "defense-evasion", 909 | "color": "#fce93b", 910 | "comment": "", 911 | "enabled": true, 912 | "metadata": [], 913 | "showSubtechniques": false 914 | }, 915 | { 916 | "techniqueID": "T1578", 917 | "tactic": "defense-evasion", 918 | "color": "", 919 | "comment": "", 920 | "enabled": true, 921 | "metadata": [], 922 | "showSubtechniques": true 923 | }, 924 | { 925 | "techniqueID": "T1498", 926 | "tactic": "impact", 927 | "color": "#fce93b", 928 | "comment": "", 929 | "enabled": true, 930 | "metadata": [], 931 | "showSubtechniques": true 932 | }, 933 | { 934 | "techniqueID": "T1498.001", 935 | "tactic": "impact", 936 | "color": "#fce93b", 937 | "comment": "", 938 | "enabled": true, 939 | "metadata": [], 940 | "showSubtechniques": false 941 | }, 942 | { 943 | "techniqueID": "T1498.002", 944 | "tactic": "impact", 945 | "color": "#fce93b", 946 | "comment": "", 947 | "enabled": true, 948 | "metadata": [], 949 | "showSubtechniques": false 950 | }, 951 | { 952 | "techniqueID": "T1040", 953 | "tactic": "credential-access", 954 | "color": "#fce93b", 955 | "comment": "", 956 | "enabled": true, 957 | "metadata": [], 958 | "showSubtechniques": false 959 | }, 960 | { 961 | "techniqueID": "T1040", 962 | "tactic": "discovery", 963 | "color": "#fce93b", 964 | "comment": "", 965 | "enabled": true, 966 | "metadata": [], 967 | "showSubtechniques": false 968 | }, 969 | { 970 | "techniqueID": "T1003", 971 | "tactic": "credential-access", 972 | "color": "#fce93b", 973 | "comment": "", 974 | "enabled": true, 975 | "metadata": [], 976 | "showSubtechniques": true 977 | }, 978 | { 979 | "techniqueID": "T1003.001", 980 | "tactic": "credential-access", 981 | "color": "#fce93b", 982 | "comment": "", 983 | "enabled": true, 984 | "metadata": [], 985 | "showSubtechniques": false 986 | }, 987 | { 988 | "techniqueID": "T1003.002", 989 | "tactic": "credential-access", 990 | "color": "#fce93b", 991 | "comment": "", 992 | "enabled": true, 993 | "metadata": [], 994 | "showSubtechniques": false 995 | }, 996 | { 997 | "techniqueID": "T1003.003", 998 | "tactic": "credential-access", 999 | "color": "#fce93b", 1000 | "comment": "", 1001 | "enabled": true, 1002 | "metadata": [], 1003 | "showSubtechniques": false 1004 | }, 1005 | { 1006 | "techniqueID": "T1003.006", 1007 | "tactic": "credential-access", 1008 | "color": "#fce93b", 1009 | "comment": "", 1010 | "enabled": true, 1011 | "metadata": [], 1012 | "showSubtechniques": false 1013 | }, 1014 | { 1015 | "techniqueID": "T1003.007", 1016 | "tactic": "credential-access", 1017 | "color": "#fce93b", 1018 | "comment": "", 1019 | "enabled": true, 1020 | "metadata": [], 1021 | "showSubtechniques": false 1022 | }, 1023 | { 1024 | "techniqueID": "T1003.008", 1025 | "tactic": "credential-access", 1026 | "color": "#fce93b", 1027 | "comment": "", 1028 | "enabled": true, 1029 | "metadata": [], 1030 | "showSubtechniques": false 1031 | }, 1032 | { 1033 | "techniqueID": "T1003.005", 1034 | "tactic": "credential-access", 1035 | "color": "#fce93b", 1036 | "comment": "", 1037 | "enabled": true, 1038 | "metadata": [], 1039 | "showSubtechniques": false 1040 | }, 1041 | { 1042 | "techniqueID": "T1003.004", 1043 | "tactic": "credential-access", 1044 | "color": "#fce93b", 1045 | "comment": "", 1046 | "enabled": true, 1047 | "metadata": [], 1048 | "showSubtechniques": false 1049 | }, 1050 | { 1051 | "techniqueID": "T1027", 1052 | "tactic": "defense-evasion", 1053 | "color": "", 1054 | "comment": "", 1055 | "enabled": true, 1056 | "metadata": [], 1057 | "showSubtechniques": true 1058 | }, 1059 | { 1060 | "techniqueID": "T1027.001", 1061 | "tactic": "defense-evasion", 1062 | "color": "#fce93b", 1063 | "comment": "", 1064 | "enabled": true, 1065 | "metadata": [], 1066 | "showSubtechniques": false 1067 | }, 1068 | { 1069 | "techniqueID": "T1027.002", 1070 | "tactic": "defense-evasion", 1071 | "color": "#fce93b", 1072 | "comment": "", 1073 | "enabled": true, 1074 | "metadata": [], 1075 | "showSubtechniques": false 1076 | }, 1077 | { 1078 | "techniqueID": "T1027.003", 1079 | "tactic": "defense-evasion", 1080 | "color": "#fce93b", 1081 | "comment": "", 1082 | "enabled": true, 1083 | "metadata": [], 1084 | "showSubtechniques": false 1085 | }, 1086 | { 1087 | "techniqueID": "T1027.004", 1088 | "tactic": "defense-evasion", 1089 | "color": "#fce93b", 1090 | "comment": "", 1091 | "enabled": true, 1092 | "metadata": [], 1093 | "showSubtechniques": false 1094 | }, 1095 | { 1096 | "techniqueID": "T1137", 1097 | "tactic": "persistence", 1098 | "color": "", 1099 | "comment": "", 1100 | "enabled": true, 1101 | "metadata": [], 1102 | "showSubtechniques": true 1103 | }, 1104 | { 1105 | "techniqueID": "T1069", 1106 | "tactic": "discovery", 1107 | "color": "", 1108 | "comment": "", 1109 | "enabled": true, 1110 | "metadata": [], 1111 | "showSubtechniques": true 1112 | }, 1113 | { 1114 | "techniqueID": "T1566", 1115 | "tactic": "initial-access", 1116 | "color": "", 1117 | "comment": "", 1118 | "enabled": true, 1119 | "metadata": [], 1120 | "showSubtechniques": true 1121 | }, 1122 | { 1123 | "techniqueID": "T1542", 1124 | "tactic": "defense-evasion", 1125 | "color": "", 1126 | "comment": "", 1127 | "enabled": true, 1128 | "metadata": [], 1129 | "showSubtechniques": true 1130 | }, 1131 | { 1132 | "techniqueID": "T1542", 1133 | "tactic": "persistence", 1134 | "color": "", 1135 | "comment": "", 1136 | "enabled": true, 1137 | "metadata": [], 1138 | "showSubtechniques": true 1139 | }, 1140 | { 1141 | "techniqueID": "T1055", 1142 | "tactic": "defense-evasion", 1143 | "color": "", 1144 | "comment": "", 1145 | "enabled": true, 1146 | "metadata": [], 1147 | "showSubtechniques": true 1148 | }, 1149 | { 1150 | "techniqueID": "T1055", 1151 | "tactic": "privilege-escalation", 1152 | "color": "", 1153 | "comment": "", 1154 | "enabled": true, 1155 | "metadata": [], 1156 | "showSubtechniques": true 1157 | }, 1158 | { 1159 | "techniqueID": "T1090", 1160 | "tactic": "command-and-control", 1161 | "color": "", 1162 | "comment": "", 1163 | "enabled": true, 1164 | "metadata": [], 1165 | "showSubtechniques": true 1166 | }, 1167 | { 1168 | "techniqueID": "T1219", 1169 | "tactic": "command-and-control", 1170 | "color": "#fce93b", 1171 | "comment": "", 1172 | "enabled": true, 1173 | "metadata": [], 1174 | "showSubtechniques": false 1175 | }, 1176 | { 1177 | "techniqueID": "T1563", 1178 | "tactic": "lateral-movement", 1179 | "color": "", 1180 | "comment": "", 1181 | "enabled": true, 1182 | "metadata": [], 1183 | "showSubtechniques": true 1184 | }, 1185 | { 1186 | "techniqueID": "T1563.001", 1187 | "tactic": "lateral-movement", 1188 | "color": "#fce93b", 1189 | "comment": "", 1190 | "enabled": true, 1191 | "metadata": [], 1192 | "showSubtechniques": false 1193 | }, 1194 | { 1195 | "techniqueID": "T1021", 1196 | "tactic": "lateral-movement", 1197 | "color": "", 1198 | "comment": "", 1199 | "enabled": true, 1200 | "metadata": [], 1201 | "showSubtechniques": true 1202 | }, 1203 | { 1204 | "techniqueID": "T1053", 1205 | "tactic": "execution", 1206 | "color": "", 1207 | "comment": "", 1208 | "enabled": true, 1209 | "metadata": [], 1210 | "showSubtechniques": true 1211 | }, 1212 | { 1213 | "techniqueID": "T1053", 1214 | "tactic": "persistence", 1215 | "color": "", 1216 | "comment": "", 1217 | "enabled": true, 1218 | "metadata": [], 1219 | "showSubtechniques": true 1220 | }, 1221 | { 1222 | "techniqueID": "T1053", 1223 | "tactic": "privilege-escalation", 1224 | "color": "", 1225 | "comment": "", 1226 | "enabled": true, 1227 | "metadata": [], 1228 | "showSubtechniques": true 1229 | }, 1230 | { 1231 | "techniqueID": "T1505", 1232 | "tactic": "persistence", 1233 | "color": "", 1234 | "comment": "", 1235 | "enabled": true, 1236 | "metadata": [], 1237 | "showSubtechniques": true 1238 | }, 1239 | { 1240 | "techniqueID": "T1218", 1241 | "tactic": "defense-evasion", 1242 | "color": "", 1243 | "comment": "", 1244 | "enabled": true, 1245 | "metadata": [], 1246 | "showSubtechniques": true 1247 | }, 1248 | { 1249 | "techniqueID": "T1216", 1250 | "tactic": "defense-evasion", 1251 | "color": "", 1252 | "comment": "", 1253 | "enabled": true, 1254 | "metadata": [], 1255 | "showSubtechniques": true 1256 | }, 1257 | { 1258 | "techniqueID": "T1518", 1259 | "tactic": "discovery", 1260 | "color": "", 1261 | "comment": "", 1262 | "enabled": true, 1263 | "metadata": [], 1264 | "showSubtechniques": true 1265 | }, 1266 | { 1267 | "techniqueID": "T1558", 1268 | "tactic": "credential-access", 1269 | "color": "#fce93b", 1270 | "comment": "", 1271 | "enabled": true, 1272 | "metadata": [], 1273 | "showSubtechniques": true 1274 | }, 1275 | { 1276 | "techniqueID": "T1558.001", 1277 | "tactic": "credential-access", 1278 | "color": "#fce93b", 1279 | "comment": "", 1280 | "enabled": true, 1281 | "metadata": [], 1282 | "showSubtechniques": false 1283 | }, 1284 | { 1285 | "techniqueID": "T1558.002", 1286 | "tactic": "credential-access", 1287 | "color": "#fce93b", 1288 | "comment": "", 1289 | "enabled": true, 1290 | "metadata": [], 1291 | "showSubtechniques": false 1292 | }, 1293 | { 1294 | "techniqueID": "T1558.003", 1295 | "tactic": "credential-access", 1296 | "color": "#fce93b", 1297 | "comment": "", 1298 | "enabled": true, 1299 | "metadata": [], 1300 | "showSubtechniques": false 1301 | }, 1302 | { 1303 | "techniqueID": "T1553", 1304 | "tactic": "defense-evasion", 1305 | "color": "", 1306 | "comment": "", 1307 | "enabled": true, 1308 | "metadata": [], 1309 | "showSubtechniques": true 1310 | }, 1311 | { 1312 | "techniqueID": "T1553.004", 1313 | "tactic": "defense-evasion", 1314 | "color": "#fce93b", 1315 | "comment": "", 1316 | "enabled": true, 1317 | "metadata": [], 1318 | "showSubtechniques": false 1319 | }, 1320 | { 1321 | "techniqueID": "T1195", 1322 | "tactic": "initial-access", 1323 | "color": "", 1324 | "comment": "", 1325 | "enabled": true, 1326 | "metadata": [], 1327 | "showSubtechniques": true 1328 | }, 1329 | { 1330 | "techniqueID": "T1569", 1331 | "tactic": "execution", 1332 | "color": "", 1333 | "comment": "", 1334 | "enabled": true, 1335 | "metadata": [], 1336 | "showSubtechniques": true 1337 | }, 1338 | { 1339 | "techniqueID": "T1205", 1340 | "tactic": "defense-evasion", 1341 | "color": "", 1342 | "comment": "", 1343 | "enabled": true, 1344 | "metadata": [], 1345 | "showSubtechniques": true 1346 | }, 1347 | { 1348 | "techniqueID": "T1205", 1349 | "tactic": "persistence", 1350 | "color": "", 1351 | "comment": "", 1352 | "enabled": true, 1353 | "metadata": [], 1354 | "showSubtechniques": true 1355 | }, 1356 | { 1357 | "techniqueID": "T1205", 1358 | "tactic": "command-and-control", 1359 | "color": "", 1360 | "comment": "", 1361 | "enabled": true, 1362 | "metadata": [], 1363 | "showSubtechniques": true 1364 | }, 1365 | { 1366 | "techniqueID": "T1127", 1367 | "tactic": "defense-evasion", 1368 | "color": "", 1369 | "comment": "", 1370 | "enabled": true, 1371 | "metadata": [], 1372 | "showSubtechniques": true 1373 | }, 1374 | { 1375 | "techniqueID": "T1552", 1376 | "tactic": "credential-access", 1377 | "color": "", 1378 | "comment": "", 1379 | "enabled": true, 1380 | "metadata": [], 1381 | "showSubtechniques": true 1382 | }, 1383 | { 1384 | "techniqueID": "T1550", 1385 | "tactic": "defense-evasion", 1386 | "color": "#fce93b", 1387 | "comment": "", 1388 | "enabled": true, 1389 | "metadata": [], 1390 | "showSubtechniques": true 1391 | }, 1392 | { 1393 | "techniqueID": "T1550", 1394 | "tactic": "lateral-movement", 1395 | "color": "#fce93b", 1396 | "comment": "", 1397 | "enabled": true, 1398 | "metadata": [], 1399 | "showSubtechniques": true 1400 | }, 1401 | { 1402 | "techniqueID": "T1550.002", 1403 | "tactic": "defense-evasion", 1404 | "color": "#fce93b", 1405 | "comment": "", 1406 | "enabled": true, 1407 | "metadata": [], 1408 | "showSubtechniques": false 1409 | }, 1410 | { 1411 | "techniqueID": "T1550.002", 1412 | "tactic": "lateral-movement", 1413 | "color": "#fce93b", 1414 | "comment": "", 1415 | "enabled": true, 1416 | "metadata": [], 1417 | "showSubtechniques": false 1418 | }, 1419 | { 1420 | "techniqueID": "T1550.003", 1421 | "tactic": "defense-evasion", 1422 | "color": "#fce93b", 1423 | "comment": "", 1424 | "enabled": true, 1425 | "metadata": [], 1426 | "showSubtechniques": false 1427 | }, 1428 | { 1429 | "techniqueID": "T1550.003", 1430 | "tactic": "lateral-movement", 1431 | "color": "#fce93b", 1432 | "comment": "", 1433 | "enabled": true, 1434 | "metadata": [], 1435 | "showSubtechniques": false 1436 | }, 1437 | { 1438 | "techniqueID": "T1204", 1439 | "tactic": "execution", 1440 | "color": "", 1441 | "comment": "", 1442 | "enabled": true, 1443 | "metadata": [], 1444 | "showSubtechniques": true 1445 | }, 1446 | { 1447 | "techniqueID": "T1078", 1448 | "tactic": "defense-evasion", 1449 | "color": "", 1450 | "comment": "", 1451 | "enabled": true, 1452 | "metadata": [], 1453 | "showSubtechniques": true 1454 | }, 1455 | { 1456 | "techniqueID": "T1078", 1457 | "tactic": "persistence", 1458 | "color": "", 1459 | "comment": "", 1460 | "enabled": true, 1461 | "metadata": [], 1462 | "showSubtechniques": true 1463 | }, 1464 | { 1465 | "techniqueID": "T1078", 1466 | "tactic": "privilege-escalation", 1467 | "color": "", 1468 | "comment": "", 1469 | "enabled": true, 1470 | "metadata": [], 1471 | "showSubtechniques": true 1472 | }, 1473 | { 1474 | "techniqueID": "T1078", 1475 | "tactic": "initial-access", 1476 | "color": "", 1477 | "comment": "", 1478 | "enabled": true, 1479 | "metadata": [], 1480 | "showSubtechniques": true 1481 | }, 1482 | { 1483 | "techniqueID": "T1125", 1484 | "tactic": "collection", 1485 | "color": "#e6d60d", 1486 | "comment": "", 1487 | "enabled": true, 1488 | "metadata": [], 1489 | "showSubtechniques": false 1490 | }, 1491 | { 1492 | "techniqueID": "T1497", 1493 | "tactic": "defense-evasion", 1494 | "color": "", 1495 | "comment": "", 1496 | "enabled": true, 1497 | "metadata": [], 1498 | "showSubtechniques": true 1499 | }, 1500 | { 1501 | "techniqueID": "T1497", 1502 | "tactic": "discovery", 1503 | "color": "", 1504 | "comment": "", 1505 | "enabled": true, 1506 | "metadata": [], 1507 | "showSubtechniques": true 1508 | }, 1509 | { 1510 | "techniqueID": "T1102", 1511 | "tactic": "command-and-control", 1512 | "color": "", 1513 | "comment": "", 1514 | "enabled": true, 1515 | "metadata": [], 1516 | "showSubtechniques": true 1517 | } 1518 | ], 1519 | "gradient": { 1520 | "colors": [ 1521 | "#ff6666", 1522 | "#ffe766", 1523 | "#8ec843" 1524 | ], 1525 | "minValue": 0, 1526 | "maxValue": 100 1527 | }, 1528 | "legendItems": [], 1529 | "metadata": [], 1530 | "showTacticRowBackground": false, 1531 | "tacticRowBackground": "#dddddd", 1532 | "selectTechniquesAcrossTactics": true, 1533 | "selectSubtechniquesWithParent": false 1534 | } --------------------------------------------------------------------------------