Linux Technique Matrix

Persistence: .bash_profile and .bashrc, Bootkit, Cron Job, Hidden Files and Directories, Rc.common, Redundant Access, Trap, Valid Accounts, Web Shell
Privilege Escalation: Exploitation of Vulnerability, Setuid and Setgid, Sudo, Valid Accounts, Web Shell
Defense Evasion: Binary Padding, Clear Command History, Disabling Security Tools, Exploitation of Vulnerability, File Deletion, HISTCONTROL, Hidden Files and Directories, Indicator Removal from Tools, Indicator Removal on Host, Install Root Certificate, Masquerading, Redundant Access, Scripting, Space after Filename, Timestomp, Valid Accounts
Credential Access: Bash History, Brute Force, Create Account, Credentials in Files, Exploitation of Vulnerability, Input Capture, Network Sniffing, Private Keys, Two-Factor Authentication Interception
Discovery: Account Discovery, File and Directory Discovery, Permission Groups Discovery, Process Discovery, System Information Discovery, System Network Configuration Discovery, System Network Connections Discovery, System Owner/User Discovery
Lateral Movement: Application Deployment Software, Exploitation of Vulnerability, Remote File Copy, Remote Services, Third-party Software
Execution: Command-Line Interface, Graphical User Interface, Scripting, Source, Space after Filename, Third-party Software, Trap
Collection: Audio Capture, Automated Collection, Clipboard Data, Data Staged, Data from Local System, Data from Network Shared Drive, Data from Removable Media, Input Capture, Screen Capture
Exfiltration: Automated Exfiltration, Data Compressed, Data Encrypted, Data Transfer Size Limits, Exfiltration Over Alternative Protocol, Exfiltration Over Command and Control Channel, Exfiltration Over Other Network Medium, Exfiltration Over Physical Medium, Scheduled Transfer
Command and Control: Commonly Used Port, Communication Through Removable Media, Connection Proxy, Custom Command and Control Protocol, Custom Cryptographic Protocol, Data Encoding, Data Obfuscation, Fallback Channels, Multi-Stage Channels, Multiband Communication, Multilayer Encryption, Remote File Copy, Standard Application Layer Protocol, Standard Cryptographic Protocol, Standard Non-Application Layer Protocol, Uncommonly Used Port, Web Service