Technique List

Technique Name Technique ID's Categories Snippet(s) Rules(s) OS Creation Date
Indicator Removal: Clear Persistence T1070.009 Defense Evasion [Mitre] 3 years
Indicator Removal: Clear Mailbox Data T1070.008 Defense Evasion [Mitre] 3 years
Indicator Removal: Clear Network Connection History and Configurations T1070.007 Defense Evasion [Mitre] 3 years
Indicator Removal: Network Share Connection Removal T1070.005 Defense Evasion [Mitre] 3 years
Indicator Removal: File Deletion T1070.004 Defense Evasion [Mitre] 3 years
Indicator Removal: Clear Command History T1070.003 Defense Evasion [Mitre] 3 years
Impair Defenses: Downgrade Attack T1562.010 Defense Evasion [Mitre] 3 years
Impair Defenses: Safe Mode Boot T1562.009 Defense Evasion [Mitre] 3 years
Impair Defenses: Indicator Blocking T1562.006 Defense Evasion [Mitre] 3 years
Impair Defenses: Disable or Modify System Firewall T1562.004 Defense Evasion [Mitre] 3 years
Impair Defenses: Impair Command History Logging T1562.003 Defense Evasion [Mitre] 3 years
Impair Defenses: Disable Windows Event Logging T1562.002 Defense Evasion [Mitre] 3 years
Impair Defenses: Disable or Modify Tools T1562.001 Defense Evasion [Mitre] 3 years
Exploitation for Defense Evasion T1211 Defense Evasion [Mitre] 3 years, 1 month
Direct Volume Access T1006 Defense Evasion [Mitre] 3 years, 1 month
Deobfuscate/Decode Files or Information T1140 Defense Evasion [Mitre] 3 years, 1 month
Debugger Evasion T1622 Defense Evasion [Mitre] 3 years, 1 month
BITS Jobs T1197 Defense Evasion [Mitre] 3 years, 1 month
Hijack Execution Flow: KernelCallbackTable T1574.013 Defense Evasion [Mitre] 3 years, 1 month
Hijack Execution Flow: COR_PROFILER T1574.012 Defense Evasion [Mitre] 3 years, 1 month
Hijack Execution Flow: Services Registry Permissions Weakness T1574.011 Defense Evasion [Mitre] 3 years, 1 month
Hijack Execution Flow: Services File Permissions Weakness T1574.010 Defense Evasion [Mitre] 3 years, 1 month
Hijack Execution Flow: Path Interception by Unquoted Path T1574.009 Defense Evasion [Mitre] 3 years, 1 month
Hijack Execution Flow: Path Interception by Search Order Hijacking T1574.008 Defense Evasion [Mitre] 3 years, 1 month
Hijack Execution Flow: Path Interception by PATH Environment Variable T1574.007 Defense Evasion [Mitre] 3 years, 1 month
Hijack Execution Flow: Executable Installer File Permissions Weakness T1574.005 Defense Evasion [Mitre] 3 years, 1 month
Hijack Execution Flow: DLL Side-Loading T1574.002 Defense Evasion [Mitre] 3 years, 1 month
Hide Artifacts: Process Argument Spoofing T1564.010 Defense Evasion [Mitre] 3 years, 1 month
Hide Artifacts: Email Hiding Rules T1564.008 Defense Evasion [Mitre] 3 years, 1 month
Hide Artifacts: VBA Stomping T1564.007 Defense Evasion [Mitre] 3 years, 1 month
Filter
Clear