| T1134.001_Windows | Access Token Manipulation: Token Impersonation/Theft (Windows) | Windows | Defense Evasion, Privilege Escalation | MITRE ATT&CK |
| T1134.002_Windows | Access Token Manipulation: Create Process with Token | Windows | Defense Evasion, Privilege Escalation | MITRE ATT&CK |
| WAS.113337 | NoSQL Injection Authentication Bypass | Web Application | Injection | OWASP |
| WAS.113331 | LDAP Injection Authentication Bypass | Web Application | Injection | OWASP |
| T1021.002_Windows | Remote Services: SMB/Windows Admin Shares | Windows | Lateral Movement | MITRE ATT&CK |
| T1049_Windows | System Network Connections Discovery (Windows) | Windows | Discovery | MITRE ATT&CK |
| WAS.113069 | SQL Injection Authentication Bypass | Web Application | Injection | OWASP |
| WAS.113309 | XPath Injection Authentication Bypass | Web Application | Injection | OWASP |
| T1557.001_Windows | Adversary-in-the-Middle: LLMNR/NBT-NS Poisoning and SMB Relay | Windows | Credential Access, Collection | MITRE ATT&CK |
| WAS.113162 | MySQLjs SQL Injection Authentication Bypass | Web Application | Injection | OWASP |
