| T1021.001 | Remote Desktop Protocol | | Lateral Movement | MITRE ATT&CK |
| T1040_Windows | Network Sniffing (Windows) | Windows | Credential Access, Discovery | MITRE ATT&CK |
| T1047_Windows | Windows Management Instrumentation | Windows | Execution | MITRE ATT&CK |
| T1053.005_Windows | Scheduled Task/Job: Scheduled Task | Windows | Execution, Persistence, Privilege Escalation | MITRE ATT&CK |
| T1059.004 | Unix Shell | | Execution | MITRE ATT&CK |
| T1059.005 | Windows Command Shell | | Execution | MITRE ATT&CK |
| T1068 | Exploitation for Privilege Escalation | | Privilege Escalation | MITRE ATT&CK |
| T1069.001 | Local Groups | | Discovery | MITRE ATT&CK |
| T1203_Windows | Exploitation for Client Execution (Windows) | Windows | Execution | MITRE ATT&CK |
| T1211 | Exploitation for Defense Evasion | | Defense Evasion | MITRE ATT&CK |
| T1211_Windows | Exploitation for Defense Evasion (Windows) | Windows | Defense Evasion | MITRE ATT&CK |
| T1219 | Remote Access Software | | Command and Control | MITRE ATT&CK |
| T1495_Windows | Firmware Corruption | Windows | Impact | MITRE ATT&CK |
| T1499.004 | Application or System Exploitation | | Impact | MITRE ATT&CK |
| T1518.001_Windows | Software Discovery: Security Software Discovery | Windows | Discovery | MITRE ATT&CK |
| T1547.002 | Authentication Package | | Persistence, Privilege Escalation | MITRE ATT&CK |
| T1547.005_Windows | Boot or Logon Autostart Execution: Security Support Provider | Windows | Persistence, Privilege Escalation | MITRE ATT&CK |
| T1552.002_Windows | Unsecured Credentials: Credentials in Registry
| Windows | Credential Access | MITRE ATT&CK |
| T1574.009 | Path Interception by Unquoted Path | | Persistence, Privilege Escalation, Defense Evasion | MITRE ATT&CK |
| T1574.009_Windows | Path Interception by Unquoted Path | Windows | Persistence, Privilege Escalation, Defense Evasion | MITRE ATT&CK |
| T1574.011 | Services Registry Permissions Weakness | | Persistence, Privilege Escalation, Defense Evasion | MITRE ATT&CK |
| T1518.001 | Security Software Discovery | | Discovery | MITRE ATT&CK |
| T1210 | Exploitation of Remote Services | | Lateral Movement | MITRE ATT&CK |
| WAS.113162 | MySQLjs SQL Injection Authentication Bypass | | Injection | OWASP |
| WAS.98113 | XML External Entity | | Security Misconfiguration | OWASP |
| WAS.98116 | NoSQL Injection | | Injection | OWASP |
| WAS.98123 | Operating System Command Injection | | Injection | OWASP |
