Detections
Analytics

Attack Path Techniques Search

IDNamePlatformFamilyFramework
WAS.113212Content InjectionWeb ApplicationInjectionOWASP
WAS.98113XML External EntityWeb ApplicationSecurity MisconfigurationOWASP
WAS.98119Blind NoSQL Injection (differential analysis)Web ApplicationInjectionOWASP
WAS.98121Code Injection (Php://input Wrapper)Web ApplicationInjectionOWASP
WAS.98124Operating System Command Injection (Timing Attack)Web ApplicationInjectionOWASP
T1110.001_WindowsBrute Force: Password Guessing (Windows)WindowsCredential AccessMITRE ATT&CK
T1110.003_WindowsBrute Force: Password Spraying (Windows)WindowsCredential AccessMITRE ATT&CK
T1482_WindowsDomain Trust DiscoveryWindowsDiscoveryMITRE ATT&CK
T1537_AWSTransfer Data to Cloud AccountAWSExfiltrationMITRE ATT&CK
T1619_AWSCloud Storage Object Discovery(AWS)AWSDiscoveryMITRE ATT&CK
T1003.006_WindowsOS Credential Dumping: DCSyncWindowsCredential AccessMITRE ATT&CK
T1087.004_AWSAccount Discovery: Cloud Account (AWS)AWSDiscoveryMITRE ATT&CK
T1098.004SSH Authorized KeysCloudPrivilege Escalation, PersistenceMITRE ATT&CK
T1114.002_WindowsRemote Email CollectionWindowsCollectionMITRE ATT&CK
T1204.002_AWSUser Execution: Malicious File (AWS)AWSExecutionMITRE ATT&CK
T1207_WindowsRogue Domain ControllerWindowsDefense EvasionMITRE ATT&CK
T1548.005_AzureAbuse Elevation Control Mechanism: Temporary Elevated Cloud AccessEntra IDDefense Evasion, Privilege EscalationMITRE ATT&CK
T1548_WindowsAbuse Elevation Control MechanismWindowsPrivilege Escalation, Defense EvasionMITRE ATT&CK
T1558.003_WindowsSteal or Forge Kerberos Tickets: KerberoastingWindowsCredential AccessMITRE ATT&CK
T1648_AWSServerless ExecutionAWSExecutionMITRE ATT&CK
WAS.112439Server-Side Request ForgeryWeb ApplicationServer-Side Request Forgery (SSRF)OWASP
WAS.112614Server-Side Template InjectionWeb ApplicationInjectionOWASP
WAS.113162My SQL Injection Authentication BypassWeb ApplicationInjectionOWASP
WAS.113310Blind XPath Injection (differential analysis)Web ApplicationInjectionOWASP
WAS.98122Code Injection (Timing Attack)Web ApplicationInjectionOWASP
WAS.112684Client Side Template InjectionWeb ApplicationInjectionOWASP
WAS.98117Blind SQL Injection (differential analysis)Web ApplicationInjectionOWASP
WAS.98118Blind SQL Injection (timing attack)Web ApplicationInjectionOWASP
WAS.98127LDAP Injection Authentication BypassWeb ApplicationInjectionOWASP
WAS.113634Server-Side Includes (SSI) InjectionWeb ApplicationInjectionOWASP