Consists of techniques that result in adversary-controlled code running on a local or remote system.
Consists of techniques that adversaries use to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access.
Consists of techniques that adversaries use to avoid detection throughout their compromise.
Consists of techniques for stealing credentials like account names and passwords.
Consists of techniques an adversary may use to gain knowledge about the system and internal network.
Consists of techniques that adversaries use to enter and control remote systems on a network.
Command & Control
Consists of techniques that adversaries may use to communicate with systems under their control within a victim network.
Consists of techniques adversaries may use to gather information and the sources information is collected from that are relevant to following through on the adversary's objectives.
Consists of techniques that adversaries may use to steal data from your network.