T1537_AWS | Transfer Data to Cloud Account | AWS | Exfiltration | MITRE ATT&CK |
T1098.001_AWS | Account Manipulation: Additional Cloud Credentials | AWS | Persistence | MITRE ATT&CK |
T1619_AWS | Cloud Storage Object Discovery(AWS) | AWS | Discovery | MITRE ATT&CK |
T1110.001_Windows | Brute Force: Password Guessing (Windows) | Windows | Credential Access | MITRE ATT&CK |
T1110.003_Windows | Brute Force: Password Spraying (Windows) | Windows | Credential Access | MITRE ATT&CK |
T1482_Windows | Domain Trust Discovery | Windows | Discovery | MITRE ATT&CK |
T1133_AWS | External Remote Services | Windows | Initial Access, Persistence | MITRE ATT&CK |
T1530_AWS | Data from Cloud Storage Object (AWS) | AWS | Collection | MITRE ATT&CK |
T1134.005_Windows | Access Token Manipulation: SID-History Injection | Windows | Defense Evasion, Privilege Escalation | MITRE ATT&CK |
T1558.004_Windows | Steal or Forge Kerberos Tickets: AS-REP Roasting | Windows | Credential Access | MITRE ATT&CK |
WAS.112614 | Server-Side Template Injection | Web Application | Injection | OWASP |
WAS.113310 | Blind XPath Injection (differential analysis) | Web Application | Injection | OWASP |
WAS.98122 | Code Injection (Timing Attack) | Web Application | Injection | OWASP |
WAS.98114 | XPath Injection | Web Application | Injection | OWASP |
WAS.98123 | Operating System Command Injection | Web Application | Injection | OWASP |
T1558.001_Windows | Steal or Forge Kerberos Tickets: Golden Ticket | Windows | Credential Access | MITRE ATT&CK |
T1110.004_Windows | Brute Force: Credential Stuffing (Windows) | Windows | Credential Access | MITRE ATT&CK |
T1087.004_AWS | Account Discovery: Cloud Account (AWS) | AWS | Discovery | MITRE ATT&CK |
T1114.002_Windows | Remote Email Collection | Windows | Collection | MITRE ATT&CK |
T1204.002_AWS | User Execution: Malicious File (AWS) | AWS | Execution | MITRE ATT&CK |
T1207_Windows | Rogue Domain Controller | Windows | Defense Evasion | MITRE ATT&CK |
T1648_AWS | Serverless Execution | AWS | Execution | MITRE ATT&CK |
T1003.006_Windows | OS Credential Dumping: DCSync | Windows | Credential Access | MITRE ATT&CK |
T1548_Windows | Abuse Elevation Control Mechanism | Windows | Privilege Escalation, Defense Evasion | MITRE ATT&CK |
T1558.003_Windows | Steal or Forge Kerberos Tickets: Kerberoasting | Windows | Credential Access | MITRE ATT&CK |
WAS.113317 | Expression Language Injection | Web Application | Injection | OWASP |
WAS.98115 | SQL Injection | Web Application | Injection | OWASP |
WAS.98116 | NoSQL Injection | Web Application | Injection | OWASP |
WAS.98120 | Code Injection | Web Application | Injection | OWASP |
T1190_WAS | Exploit Public-Facing Application | Web Application | Initial Access | MITRE ATT&CK |
T1069.003_AWS | Permission Groups Discovery: Cloud Groups (AWS) | AWS | Discovery | MITRE ATT&CK |
T1528_AWS | Steal Application Access Token (AWS) | AWS | Collection | MITRE ATT&CK |
T1580_AWS | Cloud Infrastructure Discovery(AWS) | AWS | Discovery | MITRE ATT&CK |
T1037.003_Windows | Boot or Logon Initialization Scripts: Network Logon Script (Windows) | Windows | Persistence, Privilege Escalation | MITRE ATT&CK |
T1484.001_Windows | Domain Policy Modification: Group Policy Modification | Windows | Defense Evasion, Privilege Escalation | MITRE ATT&CK |
WAS.113634 | Server-Side Inclusion Injection | Web Application | Injection | OWASP |
WAS.98117 | Blind SQL Injection (differential analysis) | Web Application | Injection | OWASP |
WAS.98118 | Blind SQL Injection (timing attack) | Web Application | Injection | OWASP |
WAS.98127 | LDAP Injection Authentication Bypass | Web Application | Injection | OWASP |
WAS.98113 | XML External Entity | Web Application | Injection | OWASP |
WAS.98119 | Blind NoSQL Injection (differential analysis) | Web Application | Injection | OWASP |
WAS.98121 | Code Injection (Php://input Wrapper) | Web Application | Injection | OWASP |
WAS.98124 | Operating System Command Injection (Timing Attack) | Web Application | Injection | OWASP |