# Mitre Attack

- [Initial Access](/mitre/mitre/ta0001.md): Initial Access \[TA0001]
- [Valid Accounts](/mitre/mitre/ta0001/t1078.md): Valid Accounts \[T1078]
- [Default Accounts](/mitre/mitre/ta0001/t1078/t1078.001.md): Default Accounts \[T1078.001]
- [Domain Accounts](/mitre/mitre/ta0001/t1078/t1078.002.md): Domain Accounts \[T1078.002]
- [Local Accounts](/mitre/mitre/ta0001/t1078/t1078.003.md): Local Accounts \[T1078.003]
- [Cloud Accounts](/mitre/mitre/ta0001/t1078/t1078.004.md): Cloud Accounts \[T1078.004]
- [Replication Through Removable Media](/mitre/mitre/ta0001/t1091.md): Replication Through Removable Media \[T1091]
- [External Remote Services](/mitre/mitre/ta0001/t1133.md): External Remote Services \[T1133]
- [Drive-by Compromise](/mitre/mitre/ta0001/t1189.md): Drive-by Compromise \[T1189]
- [Exploit Public-Facing Application](/mitre/mitre/ta0001/t1190.md): Exploit Public-Facing Application \[T1190]
- [Supply Chain Compromise](/mitre/mitre/ta0001/t1195.md): Supply Chain Compromise \[T1195]
- [Compromise Software Dependencies and Development Tools](/mitre/mitre/ta0001/t1195/t1195.001.md): Compromise Software Dependencies and Development Tools \[T1195.001]
- [Compromise Software Supply Chain](/mitre/mitre/ta0001/t1195/t1195.002.md): Compromise Software Supply Chain \[T1195.002]
- [Compromise Hardware Supply Chain](/mitre/mitre/ta0001/t1195/t1195.003.md): Compromise Hardware Supply Chain \[T1195.003]
- [Trusted Relationship](/mitre/mitre/ta0001/t1199.md): Trusted Relationship \[T1199]
- [Hardware Additions](/mitre/mitre/ta0001/t1200.md): Hardware Additions \[T1200]
- [Phishing](/mitre/mitre/ta0001/t1566.md): Phishing \[T1566]
- [Spearphishing Attachment](/mitre/mitre/ta0001/t1566/t1566.001.md): Spearphishing Attachment \[T1566.001]
- [Spearphishing Link](/mitre/mitre/ta0001/t1566/t1566.002.md): Spearphishing Link \[T1566.002]
- [Spearphishing via Service](/mitre/mitre/ta0001/t1566/t1566.003.md): Spearphishing via Service \[T1566.003]
- [Spearphishing Voice](/mitre/mitre/ta0001/t1566/t1566.004.md): Spearphishing Voice \[T1566.004]
- [Execution](/mitre/mitre/ta0002.md): Execution \[TA0002]
- [Windows Management Instrumentation](/mitre/mitre/ta0002/t1047.md): Windows Management Instrumentation \[T1047]
- [Scheduled Task/Job](/mitre/mitre/ta0002/t1053.md): Scheduled Task/Job \[T1053]
- [At](/mitre/mitre/ta0002/t1053/t1053.002.md): At \[T1053.002]
- [Cron](/mitre/mitre/ta0002/t1053/t1053.003.md): Cron \[T1053.003]
- [Scheduled Task](/mitre/mitre/ta0002/t1053/t1053.005.md): Scheduled Task \[T1053.005]
- [Systemd Timers](/mitre/mitre/ta0002/t1053/t1053.006.md): Systemd Timers \[T1053.006]
- [Container Orchestration Job](/mitre/mitre/ta0002/t1053/t1053.007.md): Container Orchestration Job \[T1053.007]
- [Command and Scripting Interpreter](/mitre/mitre/ta0002/t1059.md): Command and Scripting Interpreter \[T1059]
- [PowerShell](/mitre/mitre/ta0002/t1059/t1059.001.md): PowerShell \[T1059.001]
- [AppleScript](/mitre/mitre/ta0002/t1059/t1059.002.md): AppleScript \[T1059.002]
- [Windows Command Shell](/mitre/mitre/ta0002/t1059/t1059.003.md): Windows Command Shell \[T1059.003]
- [Unix Shell](/mitre/mitre/ta0002/t1059/t1059.004.md): Unix Shell \[T1059.004]
- [Visual Basic](/mitre/mitre/ta0002/t1059/t1059.005.md): Visual Basic \[T1059.005]
- [Python](/mitre/mitre/ta0002/t1059/t1059.006.md): Python \[T1059.006]
- [JavaScript](/mitre/mitre/ta0002/t1059/t1059.007.md): JavaScript \[T1059.007]
- [Network Device CLI](/mitre/mitre/ta0002/t1059/t1059.008.md): Network Device CLI \[T1059.008]
- [Cloud API](/mitre/mitre/ta0002/t1059/t1059.009.md): Cloud API \[T1059.009]
- [AutoHotKey & AutoIT](/mitre/mitre/ta0002/t1059/t1059.010.md): AutoHotkey & AutoIt \[T1059.010]
- [Lua](/mitre/mitre/ta0002/t1059/t1059.011.md): Lua \[T1059.011]
- [Software Deployment Tools](/mitre/mitre/ta0002/t1072.md): Software Deployment Tools \[T1072]
- [Native API](/mitre/mitre/ta0002/t1106.md): Native API \[T1106]
- [Shared Modules](/mitre/mitre/ta0002/t1129.md): Shared Modules \[T1129]
- [Exploitation for Client Execution](/mitre/mitre/ta0002/t1203.md): Exploitation for Client Execution \[T1203]
- [User Execution](/mitre/mitre/ta0002/t1204.md): User Execution \[T1204]
- [Malicious Link](/mitre/mitre/ta0002/t1204/t1204.001.md): Malicious Link \[T1204.001]
- [Malicious File](/mitre/mitre/ta0002/t1204/t1204.002.md): Malicious File \[T1204.002]
- [Malicious Image](/mitre/mitre/ta0002/t1204/t1204.003.md): Malicious Image \[T1204.003]
- [Inter-Process Communication](/mitre/mitre/ta0002/t1559.md): Inter-Process Communication \[T1559]
- [Component Object Model](/mitre/mitre/ta0002/t1559/t1559.001.md): Component Object Model \[T1559.001]
- [Dynamic Data Exchange](/mitre/mitre/ta0002/t1559/t1559.002.md): Dynamic Data Exchange \[T1559.002]
- [XPC Services](/mitre/mitre/ta0002/t1559/t1559.003.md): XPC Services \[T1559.003]
- [System Services](/mitre/mitre/ta0002/t1569.md): System Services \[T1569]
- [Launchctl](/mitre/mitre/ta0002/t1569/t1569.001.md): Launchctl \[T1569.001]
- [Service Execution](/mitre/mitre/ta0002/t1569/t1569.002.md): Service Execution \[T1569.002]
- [Container Administration Command](/mitre/mitre/ta0002/t1609.md): Container Administration Command \[T1609]
- [Deploy Container](/mitre/mitre/ta0002/t1609/t1609.001.md): Deploy Container \[T1609.001]
- [Serverless Execution](/mitre/mitre/ta0002/t1648.md): Serverless Execution \[T1648]
- [Cloud Administration Command](/mitre/mitre/ta0002/t1651.md): Cloud Administration Command \[T1651]
- [Persistence](/mitre/mitre/ta0003.md): Persistence \[TA0003]
- [Boot or Logon Initialization Scripts](/mitre/mitre/ta0003/t1037.md): Boot or Logon Initialization Scripts \[T1037]
- [Logon Script (Windows)](/mitre/mitre/ta0003/t1037/t1037.001.md): Logon Script (Windows) \[T1037.001]
- [Login Hook](/mitre/mitre/ta0003/t1037/t1037.002.md): Login Hook \[T1037.002]
- [Network Logon Script](/mitre/mitre/ta0003/t1037/t1037.003.md): Network Logon Script \[T1037.003]
- [RC Scripts](/mitre/mitre/ta0003/t1037/t1037.004.md): RC Scripts \[T1037.004]
- [Startup Items](/mitre/mitre/ta0003/t1037/t1037.005.md): Startup Items \[T1037.005]
- [Scheduled Task/Job](/mitre/mitre/ta0003/t1053.md): Scheduled Task/Job \[T1053]
- [At](/mitre/mitre/ta0003/t1053/t1053.002.md): At \[T1053.002]
- [Cron](/mitre/mitre/ta0003/t1053/t1053.003.md): Cron \[T1053.003]
- [Scheduled Task](/mitre/mitre/ta0003/t1053/t1053.005.md): Scheduled Task \[T1053.005]
- [Systemd Timers](/mitre/mitre/ta0003/t1053/t1053.006.md): Systemd Timers \[T1053.006]
- [Container Orchestration Job](/mitre/mitre/ta0003/t1053/t1053.007.md): Container Orchestration Job \[T1053.007]
- [Valid Accounts](/mitre/mitre/ta0003/t1078.md): Valid Accounts \[T1078]
- [Default Accounts](/mitre/mitre/ta0003/t1078/t1078.001.md): Default Accounts \[T1078.001]
- [Domain Accounts](/mitre/mitre/ta0003/t1078/t1078.002.md): Domain Accounts \[T1078.002]
- [Local Accounts](/mitre/mitre/ta0003/t1078/t1078.003.md): Local Accounts \[T1078.003]
- [Cloud Accounts](/mitre/mitre/ta0003/t1078/t1078.004.md): Cloud Accounts \[T1078.004]
- [Account Manipulation](/mitre/mitre/ta0003/t1098.md): Account Manipulation \[T1098]
- [Additional Cloud Credentials](/mitre/mitre/ta0003/t1098/t1098.001.md): Additional Cloud Credentials \[T1098.001]
- [Additional Email Delegate Permissions](/mitre/mitre/ta0003/t1098/t1098.002.md): Additional Email Delegate Permissions \[T1098.002]
- [Additional Cloud Roles](/mitre/mitre/ta0003/t1098/t1098.003.md): Additional Cloud Roles \[T1098.003]
- [SSH Authorized Keys](/mitre/mitre/ta0003/t1098/t1098.004.md): SSH Authorized Keys \[T1098.004]
- [Device Registration](/mitre/mitre/ta0003/t1098/t1098.005.md): Device Registration \[T1098.005]
- [Additional Container Cluster Roles](/mitre/mitre/ta0003/t1098/t1098.006.md): Additional Container Cluster Roles \[T1098.006]
- [Additional Local or Domain Groups](/mitre/mitre/ta0003/t1098/t1098.007.md): Additional Local or Domain Groups \[T1098.007]
- [External Remote Services](/mitre/mitre/ta0003/t1133.md): External Remote Services \[T1133]
- [Create Account](/mitre/mitre/ta0003/t1136.md): Create Account \[T1136]
- [Local Account](/mitre/mitre/ta0003/t1136/t1136.001.md): Local Account \[T1136.001]
- [Domain Account](/mitre/mitre/ta0003/t1136/t1136.002.md): Domain Account \[T1136.002]
- [Cloud Account](/mitre/mitre/ta0003/t1136/t1136.003.md): Cloud Account \[T1136.003]
- [Office Application Startup](/mitre/mitre/ta0003/t1137.md): Office Application Startup \[T1137]
- [Office Template Macros](/mitre/mitre/ta0003/t1137/t1137.001.md): Office Template Macros \[T1137.001]
- [Office Test](/mitre/mitre/ta0003/t1137/t1137.002.md): Office Test \[T1137.002]
- [Outlook Forms](/mitre/mitre/ta0003/t1137/t1137.003.md): Outlook Forms \[T1137.003]
- [Outlook Home Page](/mitre/mitre/ta0003/t1137/t1137.004.md): Outlook Home Page \[T1137.004]
- [Outlook Rules](/mitre/mitre/ta0003/t1137/t1137.005.md): Outlook Rules \[T1137.005]
- [Add-ins](/mitre/mitre/ta0003/t1137/t1137.006.md): Add-ins \[T1137.006]
- [Browser Extensions](/mitre/mitre/ta0003/t1176.md): Browser Extensions \[T1176]
- [BITS Jobs](/mitre/mitre/ta0003/t1197.md): BITS Jobs \[T1197]
- [Traffic Signaling](/mitre/mitre/ta0003/t1205.md): Traffic Signaling \[T1205]
- [Port Knocking](/mitre/mitre/ta0003/t1205/t1205.001.md): Port Knocking \[T1205.001]
- [Socket Filters](/mitre/mitre/ta0003/t1205/t1205.002.md): Socket Filters \[T1205.002]
- [Server Software Component](/mitre/mitre/ta0003/t1505.md): Server Software Component \[T1505]
- [SQL Stored Procedures](/mitre/mitre/ta0003/t1505/t1505.001.md): SQL Stored Procedures \[T1505.001]
- [Transport Agent](/mitre/mitre/ta0003/t1505/t1505.002.md): Transport Agent \[T1505.002]
- [Web Shell](/mitre/mitre/ta0003/t1505/t1505.003.md): Web Shell \[T1505.003]
- [IIS Components](/mitre/mitre/ta0003/t1505/t1505.004.md): IIS Components \[T1505.004]
- [Terminal Services DLL](/mitre/mitre/ta0003/t1505/t1505.005.md): Terminal Services DLL \[T1505.005]
- [Implant Internal Image](/mitre/mitre/ta0003/t1525.md): Implant Internal Image \[T1525]
- [Pre-OS Boot](/mitre/mitre/ta0003/t1542.md): Pre-OS Boot \[T1542]
- [System Firmware](/mitre/mitre/ta0003/t1542/t1542.001.md): System Firmware \[T1542.001]
- [Component Firmware](/mitre/mitre/ta0003/t1542/t1542.002.md): Component Firmware \[T1542.002]
- [Bootkit](/mitre/mitre/ta0003/t1542/t1542.003.md): Bootkit \[T1542.003]
- [ROMMONkit](/mitre/mitre/ta0003/t1542/t1542.004.md): ROMMONkit \[T1542.004]
- [TFTP Boot](/mitre/mitre/ta0003/t1542/t1542.005.md): TFTP Boot \[T1542.005]
- [Create or Modify System Process](/mitre/mitre/ta0003/t1543.md): Create or Modify System Process \[T1543]
- [Launch Agent](/mitre/mitre/ta0003/t1543/t1543.001.md): Launch Agent \[T1543.001]
- [Systemd Service](/mitre/mitre/ta0003/t1543/t1543.002.md): Systemd Service \[T1543.002]
- [Windows Service](/mitre/mitre/ta0003/t1543/t1543.003.md): Windows Service \[T1543.003]
- [Launch Daemon](/mitre/mitre/ta0003/t1543/t1543.004.md): Launch Daemon \[T1543.004]
- [Container Service](/mitre/mitre/ta0003/t1543/t1543.005.md): Container Service \[T1543.005]
- [Event Triggered Execution](/mitre/mitre/ta0003/t1546.md): Event Triggered Execution \[T1546]
- [Change Default File Association](/mitre/mitre/ta0003/t1546/t1546.001.md): Change Default File Association \[T1546.001]
- [Screensaver](/mitre/mitre/ta0003/t1546/t1546.002.md): Screensaver \[T1546.002]
- [Windows Management Instrumentation Event Subscription](/mitre/mitre/ta0003/t1546/t1546.003.md): Windows Management Instrumentation Event Subscription \[T1546.003]
- [Unix Shell Configuration Modification](/mitre/mitre/ta0003/t1546/t1546.004.md): Unix Shell Configuration Modification \[T1546.004]
- [Trap](/mitre/mitre/ta0003/t1546/t1546.005.md): Trap \[T1546.005]
- [LC\_LOAD\_DYLIB Addition](/mitre/mitre/ta0003/t1546/t1546.006.md): LC\_LOAD\_DYLIB Addition \[T1546.006]
- [Netsh Helper DLL](/mitre/mitre/ta0003/t1546/t1546.007.md): Netsh Helper DLL \[T1546.007]
- [Accessibility Features](/mitre/mitre/ta0003/t1546/t1546.008.md): Accessibility Features \[T1546.008]
- [AppCert DLLs](/mitre/mitre/ta0003/t1546/t1546.009.md): AppCert DLLs \[T1546.009]
- [AppInit DLLs](/mitre/mitre/ta0003/t1546/t1546.010.md): AppInit DLLs \[T1546.010]
- [Application Shimming](/mitre/mitre/ta0003/t1546/t1546.011.md): Application Shimming \[T1546.011]
- [Image File Execution Options Injection](/mitre/mitre/ta0003/t1546/t1546.012.md): Image File Execution Options Injection \[T1546.012]
- [PowerShell Profile](/mitre/mitre/ta0003/t1546/t1546.013.md): PowerShell Profile \[T1546.013]
- [Emond](/mitre/mitre/ta0003/t1546/t1546.014.md): Emond \[T1546.014]
- [Component Object Model Hijacking](/mitre/mitre/ta0003/t1546/t1546.015.md): Component Object Model Hijacking \[T1546.015]
- [Installer Packages](/mitre/mitre/ta0003/t1546/t1546.016.md): Installer Packages \[T1546.016]
- [Udev Rules](/mitre/mitre/ta0003/t1546/t1546.017.md): Udev Rules \[T1546.017]
- [Boot or Logon Autostart Execution](/mitre/mitre/ta0003/t1547.md): Boot or Logon Autostart Execution \[T1547]
- [Registry Run Keys / Startup Folder](/mitre/mitre/ta0003/t1547/t1547.001.md): Registry Run Keys / Startup Folder \[T1547.001]
- [Authentication Package](/mitre/mitre/ta0003/t1547/t1547.002.md): Authentication Package \[T1547.002]
- [Time Providers](/mitre/mitre/ta0003/t1547/t1547.003.md): Time Providers \[T1547.003]
- [Winlogon Helper DLL](/mitre/mitre/ta0003/t1547/t1547.004.md): Winlogon Helper DLL \[T1547.004]
- [Security Support Provider](/mitre/mitre/ta0003/t1547/t1547.005.md): Security Support Provider \[T1547.005]
- [Kernel Modules and Extensions](/mitre/mitre/ta0003/t1547/t1547.006.md): Kernel Modules and Extensions \[T1547.006]
- [Re-opened Applications](/mitre/mitre/ta0003/t1547/t1547.007.md): Re-opened Applications \[T1547.007]
- [LSASS Driver](/mitre/mitre/ta0003/t1547/t1547.008.md): LSASS Driver \[T1547.008]
- [Shortcut Modification](/mitre/mitre/ta0003/t1547/t1547.009.md): Shortcut Modification \[T1547.009]
- [Port Monitors](/mitre/mitre/ta0003/t1547/t1547.010.md): Port Monitors \[T1547.010]
- [Plist Modification](/mitre/mitre/ta0003/t1547/t1547.011.md): Print Processors \[T1547.011]
- [XDG Autostart Entries](/mitre/mitre/ta0003/t1547/t1547.013.md): XDG Autostart Entries \[T1547.013]
- [Active Setup](/mitre/mitre/ta0003/t1547/t1547.014.md): Active Setup \[T1547.014]
- [Login Items](/mitre/mitre/ta0003/t1547/t1547.015.md): Login Items \[T1547.015]
- [Compromise Host Software Binary](/mitre/mitre/ta0003/t1554.md): Compromise Host Software Binary \[T1554]
- [Modify Authentication Process](/mitre/mitre/ta0003/t1556.md): Modify Authentication Process \[T1556]
- [Domain Controller Authentication](/mitre/mitre/ta0003/t1556/t1556.001.md): Domain Controller Authentication \[T1556.001]
- [Password Filter DLL](/mitre/mitre/ta0003/t1556/t1556.002.md): Password Filter DLL \[T1556.002]
- [Pluggable Authentication Modules](/mitre/mitre/ta0003/t1556/t1556.003.md): Pluggable Authentication Modules \[T1556.003]
- [Network Device Authentication](/mitre/mitre/ta0003/t1556/t1556.004.md): Network Device Authentication \[T1556.004]
- [Reversible Encryption](/mitre/mitre/ta0003/t1556/t1556.005.md): Reverse Encryption \[T1556.005]
- [Multi-Factor Authentication](/mitre/mitre/ta0003/t1556/t1556.006.md): Multi-Factor Authentication \[T1556.006]
- [Hybrid Identity](/mitre/mitre/ta0003/t1556/t1556.007.md): Hybrid Identity \[T1556.007]
- [Network Provider DLL](/mitre/mitre/ta0003/t1556/t1556.008.md): Network Provider DLL \[T1556.008]
- [Conditional Access Policies](/mitre/mitre/ta0003/t1556/t1556.009.md): Conditional Access Policies \[T1556.009]
- [Hijack Execution Flow](/mitre/mitre/ta0003/t1574.md): Hijack Execution Flow \[T1574]
- [DLL Search Order Hijacking](/mitre/mitre/ta0003/t1574/t1574.001.md): DLL Search Order Hijacking \[T1574.001]
- [DLL Side-Loading](/mitre/mitre/ta0003/t1574/t1574.002.md): DLL Side-Loading \[T1574.002]
- [Dylib Hijacking](/mitre/mitre/ta0003/t1574/t1574.004.md): Dylib Hijacking \[T1574.004]
- [Executable Installer File Permissions Weakness](/mitre/mitre/ta0003/t1574/t1574.005.md): Executable Installer File Permissions Weakness \[T1574.005]
- [Dynamic Linker Hijacking](/mitre/mitre/ta0003/t1574/t1574.006.md): Dynamic Linker Hijacking \[T1574.006]
- [Path Interception by PATH Environment Variable](/mitre/mitre/ta0003/t1574/t1574.007.md): Path Interception by PATH Environment Variable \[T1574.007]
- [Path Interception by Search Order Hijacking](/mitre/mitre/ta0003/t1574/t1574.008.md): Path Interception by Search Order Hijacking \[T1574.008]
- [Path Interception by Unquoted Path](/mitre/mitre/ta0003/t1574/t1574.009.md): Path Interception by Unquoted Path \[T1574.009]
- [Services File Permissions Weakness](/mitre/mitre/ta0003/t1574/t1574.010.md): Services File Permissions Weakness \[T1574.010]
- [Services Registry Permissions Weakness](/mitre/mitre/ta0003/t1574/t1574.011.md): Services Registry Permissions Weakness \[T1574.011]
- [COR\_PROFILER](/mitre/mitre/ta0003/t1574/t1574.012.md): COR\_PROFILER \[T1574.012]
- [KernelCallbackTable](/mitre/mitre/ta0003/t1574/t1574.013.md): KernelCallbackTable \[T1574.013]
- [AppDomainManager](/mitre/mitre/ta0003/t1574/t1574.014.md): AppDomainManager \[T1574.014]
- [Privilege Escalation](/mitre/mitre/ta0004.md): Privilege Escalation \[TA0004]
- [Boot or Logon Initialization Scripts](/mitre/mitre/ta0004/t1037.md): Boot or Logon Initialization Scripts \[T1037]
- [Logon Script (Windows)](/mitre/mitre/ta0004/t1037/t1037.001.md): Logon Script (Windows) \[T1037.001]
- [Login Hook](/mitre/mitre/ta0004/t1037/t1037.002.md): Login Hook \[T1037.002]
- [Network Logon Script](/mitre/mitre/ta0004/t1037/t1037.003.md): Network Logon Script \[T1037.003]
- [RC Scripts](/mitre/mitre/ta0004/t1037/t1037.004.md): RC Scripts \[T1037.004]
- [Startup Items](/mitre/mitre/ta0004/t1037/t1037.005.md): Startup Items \[T1037.005]
- [Scheduled Task/Job](/mitre/mitre/ta0004/t1053.md): Scheduled Task/Job \[T1053]
- [At](/mitre/mitre/ta0004/t1053/t1053.002.md): At \[T1053.002]
- [Cron](/mitre/mitre/ta0004/t1053/t1053.003.md): Cron \[T1053.003]
- [Scheduled Task](/mitre/mitre/ta0004/t1053/t1053.005.md): Scheduled Task \[T1053.005]
- [Systemd Timers](/mitre/mitre/ta0004/t1053/t1053.006.md): Systemd Timers \[T1053.006]
- [Container Orchestration Job](/mitre/mitre/ta0004/t1053/t1053.007.md): Container Orchestration Job \[T1053.007]
- [Process Injection](/mitre/mitre/ta0004/t1055.md): Process Injection \[T1055]
- [Dynamic-link Library Injection](/mitre/mitre/ta0004/t1055/t1055.001.md): Dynamic-link Library Injection \[T1055.001]
- [Portable Executable Injection](/mitre/mitre/ta0004/t1055/t1055.002.md): Portable Executable Injection \[T1055.002]
- [Thread Execution Hijacking](/mitre/mitre/ta0004/t1055/t1055.003.md): Thread Execution Hijacking \[T1055.003]
- [Asynchronous Procedure Call](/mitre/mitre/ta0004/t1055/t1055.004.md): Asynchronous Procedure Call \[T1055.004]
- [Thread Local Storage](/mitre/mitre/ta0004/t1055/t1055.005.md): Thread Local Storage \[T1055.005]
- [Ptrace System Calls](/mitre/mitre/ta0004/t1055/t1055.008.md): Ptrace System Calls \[T1055.008]
- [Proc Memory](/mitre/mitre/ta0004/t1055/t1055.009.md): Proc Memory \[T1055.009]
- [Extra Window Memory Injection](/mitre/mitre/ta0004/t1055/t1055.011.md): Extra Window Memory Injection \[T1055.011]
- [Process Hollowing](/mitre/mitre/ta0004/t1055/t1055.012.md): Process Hollowing \[T1055.012]
- [Process Doppelgänging](/mitre/mitre/ta0004/t1055/t1055.013.md): Process Doppelgänging \[T1055.013]
- [VDSO Hijacking](/mitre/mitre/ta0004/t1055/t1055.014.md): VDSO Hijacking \[T1055.014]
- [ListPlanting](/mitre/mitre/ta0004/t1055/t1055.015.md): ListPlanting \[T1055.015]
- [Exploitation for Privilege Escalation](/mitre/mitre/ta0004/t1068.md): Exploitation for Privilege Escalation \[T1068]
- [Valid Accounts](/mitre/mitre/ta0004/t1078.md): Valid Accounts \[T1078]
- [Default Accounts](/mitre/mitre/ta0004/t1078/t1078.001.md): Default Accounts \[T1078.001]
- [Domain Accounts](/mitre/mitre/ta0004/t1078/t1078.002.md): Domain Accounts \[T1078.002]
- [Local Accounts](/mitre/mitre/ta0004/t1078/t1078.003.md): Local Accounts \[T1078.003]
- [Cloud Accounts](/mitre/mitre/ta0004/t1078/t1078.004.md): Cloud Accounts \[T1078.004]
- [Account Manipulation](/mitre/mitre/ta0004/t1098.md): Account Manipulation \[T1098]
- [Additional Cloud Credentials](/mitre/mitre/ta0004/t1098/t1098.001.md): Additional Cloud Credentials \[T1098.001]
- [Additional Email Delegate Permissions](/mitre/mitre/ta0004/t1098/t1098.002.md): Additional Email Delegate Permissions \[T1098.002]
- [Additional Cloud Roles](/mitre/mitre/ta0004/t1098/t1098.003.md): Additional Cloud Roles \[T1098.003]
- [SSH Authorized Keys](/mitre/mitre/ta0004/t1098/t1098.004.md): SSH Authorized Keys \[T1098.004]
- [Device Registration](/mitre/mitre/ta0004/t1098/t1098.005.md): Device Registration \[T1098.005]
- [Additional Container Cluster Roles](/mitre/mitre/ta0004/t1098/t1098.006.md): Additional Container Cluster Roles \[T1098.006]
- [Additional Local or Domain Groups](/mitre/mitre/ta0004/t1098/t1098.007.md): Additional Local or Domain Groups \[T1098.007]
- [Access Token Manipulation](/mitre/mitre/ta0004/t1134.md): Access Token Manipulation \[T1134]
- [Token Impersonation/Theft](/mitre/mitre/ta0004/t1134/t1134.001.md): Token Impersonation/Theft \[T1134.001]
- [Create Process with Token](/mitre/mitre/ta0004/t1134/t1134.002.md): Create Process with Token \[T1134.002]
- [Make and Impersonate Token](/mitre/mitre/ta0004/t1134/t1134.003.md): Make and Impersonate Token \[T1134.003]
- [Parent PID Spoofing](/mitre/mitre/ta0004/t1134/t1134.004.md): Parent PID Spoofing \[T1134.004]
- [SID-History Injection](/mitre/mitre/ta0004/t1134/t1134.005.md): SID-History Injection \[T1134.005]
- [Domain or Tenant Policy Modification](/mitre/mitre/ta0004/t1484.md): Domain or Group Policy Modification \[T1484]
- [Group Policy Modification](/mitre/mitre/ta0004/t1484/t1484.001.md): Group Policy Modification \[T1484.001]
- [Trust Modification](/mitre/mitre/ta0004/t1484/t1484.002.md): Trust Modification \[T1484.002]
- [Create or Modify System Process](/mitre/mitre/ta0004/t1543.md): Create or Modify System Process \[T1543]
- [Launch Agent](/mitre/mitre/ta0004/t1543/t1543.001.md): Launch Agent \[T1543.001]
- [Systemd Service](/mitre/mitre/ta0004/t1543/t1543.002.md): Systemd Service \[T1543.002]
- [Windows Service](/mitre/mitre/ta0004/t1543/t1543.003.md): Windows Service \[T1543.003]
- [Launch Daemon](/mitre/mitre/ta0004/t1543/t1543.004.md): Launch Daemon \[T1543.004]
- [Container Service](/mitre/mitre/ta0004/t1543/t1543.005.md): Container Service \[T1543.005]
- [Event Triggered Execution](/mitre/mitre/ta0004/t1546.md): Event Triggered Execution \[T1546]
- [Change Default File Association](/mitre/mitre/ta0004/t1546/t1546.001.md): Change Default File Association \[T1546.001]
- [Screensaver](/mitre/mitre/ta0004/t1546/t1546.002.md): Screensaver \[T1546.002]
- [Windows Management Instrumentation Event Subscription](/mitre/mitre/ta0004/t1546/t1546.003.md): Windows Management Instrumentation Event Subscription \[T1546.003]
- [Unix Shell Configuration Modification](/mitre/mitre/ta0004/t1546/t1546.004.md): Unix Shell Configuration Modification \[T1546.004]
- [Trap](/mitre/mitre/ta0004/t1546/t1546.005.md): Trap \[T1546.005]
- [LC\_LOAD\_DYLIB Addition](/mitre/mitre/ta0004/t1546/t1546.006.md): LC\_LOAD\_DYLIB Addition \[T1546.006]
- [Netsh Helper DLL](/mitre/mitre/ta0004/t1546/t1546.007.md): Netsh Helper DLL \[T1546.007]
- [Accessibility Features](/mitre/mitre/ta0004/t1546/t1546.008.md): Accessibility Features \[T1546.008]
- [AppCert DLLs](/mitre/mitre/ta0004/t1546/t1546.009.md): AppCert DLLs \[T1546.009]
- [AppInit DLLs](/mitre/mitre/ta0004/t1546/t1546.010.md): AppInit DLLs \[T1546.010]
- [Application Shimming](/mitre/mitre/ta0004/t1546/t1546.011.md): Application Shimming \[T1546.011]
- [Image File Execution Options Injection](/mitre/mitre/ta0004/t1546/t1546.012.md): Image File Execution Options Injection \[T1546.012]
- [PowerShell Profile](/mitre/mitre/ta0004/t1546/t1546.013.md): PowerShell Profile \[T1546.013]
- [Emond](/mitre/mitre/ta0004/t1546/t1546.014.md): Emond \[T1546.014]
- [Component Object Model Hijacking](/mitre/mitre/ta0004/t1546/t1546.015.md): Component Object Model Hijacking \[T1546.015]
- [Installer Packages](/mitre/mitre/ta0004/t1546/t1546.016.md): Installer Packages \[T1546.016]
- [Udev Rules](/mitre/mitre/ta0004/t1546/t1546.017.md): Udev Rules \[T1546.017]
- [Boot or Logon Autostart Execution](/mitre/mitre/ta0004/t1547.md): Boot or Logon Autostart Execution \[T1547]
- [Registry Run Keys / Startup Folder](/mitre/mitre/ta0004/t1547/t1547.001.md): Registry Run Keys / Startup Folder \[T1547.001]
- [Authentication Package](/mitre/mitre/ta0004/t1547/t1547.002.md): Authentication Package \[T1547.002]
- [Time Providers](/mitre/mitre/ta0004/t1547/t1547.003.md): Time Providers \[T1547.003]
- [Winlogon Helper DLL](/mitre/mitre/ta0004/t1547/t1547.004.md): Winlogon Helper DLL \[T1547.004]
- [Security Support Provider](/mitre/mitre/ta0004/t1547/t1547.005.md): Security Support Provider \[T1547.005]
- [Kernel Modules and Extensions](/mitre/mitre/ta0004/t1547/t1547.006.md): Kernel Modules and Extensions \[T1547.006]
- [Re-opened Applications](/mitre/mitre/ta0004/t1547/t1547.007.md): Re-opened Applications \[T1547.007]
- [LSASS Driver](/mitre/mitre/ta0004/t1547/t1547.008.md): LSASS Driver \[T1547.008]
- [Shortcut Modification](/mitre/mitre/ta0004/t1547/t1547.009.md): Shortcut Modification \[T1547.009]
- [Port Monitors](/mitre/mitre/ta0004/t1547/t1547.010.md): Port Monitors \[T1547.010]
- [Plist Modification](/mitre/mitre/ta0004/t1547/t1547.011.md): Print Processors \[T1547.011]
- [XDG Autostart Entries](/mitre/mitre/ta0004/t1547/t1547.013.md): XDG Autostart Entries \[T1547.013]
- [Active Setup](/mitre/mitre/ta0004/t1547/t1547.014.md): Active Setup \[T1547.014]
- [Login Items](/mitre/mitre/ta0004/t1547/t1547.015.md): Login Items \[T1547.015]
- [Abuse Elevation Control Mechanism](/mitre/mitre/ta0004/t1548.md): Abuse Elevation Control Mechanism \[T1548]
- [Setuid and Setgid](/mitre/mitre/ta0004/t1548/t1548.001.md): Setuid and Setgid \[T1548.001]
- [Bypass User Account Control](/mitre/mitre/ta0004/t1548/t1548.002.md): Bypass User Account Control \[T1548.002]
- [Sudo and Sudo Caching](/mitre/mitre/ta0004/t1548/t1548.003.md): Sudo and Sudo Caching \[T1548.003]
- [Elevated Execution with Prompt](/mitre/mitre/ta0004/t1548/t1548.004.md): Elevated Execution with Prompt \[T1548.004]
- [Temporary Elevated Cloud Access](/mitre/mitre/ta0004/t1548/t1548.005.md): Temporary Elevated Cloud Access \[T1548.005]
- [TCC Manipulation](/mitre/mitre/ta0004/t1548/t1548.006.md): TCC Manipulation \[T1548.006]
- [Hijack Execution Flow](/mitre/mitre/ta0004/t1574.md): Hijack Execution Flow \[T1574]
- [DLL Search Order Hijacking](/mitre/mitre/ta0004/t1574/t1574.001.md): DLL Search Order Hijacking \[T1574.001]
- [DLL Side-Loading](/mitre/mitre/ta0004/t1574/t1574.002.md): DLL Side-Loading \[T1574.002]
- [Dylib Hijacking](/mitre/mitre/ta0004/t1574/t1574.004.md): Dylib Hijacking \[T1574.004]
- [Executable Installer File Permissions Weakness](/mitre/mitre/ta0004/t1574/t1574.005.md): Executable Installer File Permissions Weakness \[T1574.005]
- [Dynamic Linker Hijacking](/mitre/mitre/ta0004/t1574/t1574.006.md): Dynamic Linker Hijacking \[T1574.006]
- [Path Interception by PATH Environment Variable](/mitre/mitre/ta0004/t1574/t1574.007.md): Path Interception by PATH Environment Variable \[T1574.007]
- [Path Interception by Search Order Hijacking](/mitre/mitre/ta0004/t1574/t1574.008.md): Path Interception by Search Order Hijacking \[T1574.008]
- [Path Interception by Unquoted Path](/mitre/mitre/ta0004/t1574/t1574.009.md): Path Interception by Unquoted Path \[T1574.009]
- [Services File Permissions Weakness](/mitre/mitre/ta0004/t1574/t1574.010.md): Services File Permissions Weakness \[T1574.010]
- [Services Registry Permissions Weakness](/mitre/mitre/ta0004/t1574/t1574.011.md): Services Registry Permissions Weakness \[T1574.011]
- [COR\_PROFILER](/mitre/mitre/ta0004/t1574/t1574.012.md): COR\_PROFILER \[T1574.012]
- [KernelCallbackTable](/mitre/mitre/ta0004/t1574/t1574.013.md): KernelCallbackTable \[T1574.013]
- [AppDomainManager](/mitre/mitre/ta0004/t1574/t1574.014.md): AppDomainManager \[T1574.014]
- [Escape to Host](/mitre/mitre/ta0004/t1611.md): Escape to Host \[T1611]
- [Defense Evasion](/mitre/mitre/ta0005.md): Defense Evasion \[TA0005]
- [Direct Volume Access](/mitre/mitre/ta0005/t1006.md): Direct Volume Access \[T1006]
- [Rootkit](/mitre/mitre/ta0005/t1014.md): Rootkit \[T1014]
- [Obfuscated Files or Information](/mitre/mitre/ta0005/t1027.md): Obfuscated Files or Information \[T1027]
- [Binary Padding](/mitre/mitre/ta0005/t1027/t1027.001.md): Binary Padding \[T1027.001]
- [Software Packing](/mitre/mitre/ta0005/t1027/t1027.002.md): Software Packing \[T1027.002]
- [Steganography](/mitre/mitre/ta0005/t1027/t1027.003.md): Steganography \[T1027.003]
- [Compile After Delivery](/mitre/mitre/ta0005/t1027/t1027.004.md): Compile After Delivery \[T1027.004]
- [HTML Smuggling](/mitre/mitre/ta0005/t1027/t1027.006.md): HTML Smuggling \[T1027.006]
- [Masquerading](/mitre/mitre/ta0005/t1036.md): Masquerading \[T1036]
- [Right-to-Left Override](/mitre/mitre/ta0005/t1036/t1036.002.md): Right-to-Left Override \[T1036.002]
- [Rename System Utilities](/mitre/mitre/ta0005/t1036/t1036.003.md): Rename System Utilities \[T1036.003]
- [Masquerade Task or Service](/mitre/mitre/ta0005/t1036/t1036.004.md): Masquerade Task or Service \[T1036.004]
- [Match Legitimate Name or Location](/mitre/mitre/ta0005/t1036/t1036.005.md): Match Legitimate Name or Location \[T1036.005]
- [Space after Filename](/mitre/mitre/ta0005/t1036/t1036.006.md): Space after Filename \[T1036.006]
- [Double File Extension](/mitre/mitre/ta0005/t1036/t1036.007.md): Double File Extension \[T1036.007]
- [Masquerade File Type](/mitre/mitre/ta0005/t1036/t1036.008.md): Compiled HTML File \[T1036.008]
- [Process Injection](/mitre/mitre/ta0005/t1055.md): Process Injection \[T1055]
- [Dynamic-link Library Injection](/mitre/mitre/ta0005/t1055/t1055.001.md): Dynamic-link Library Injection \[T1055.001]
- [Portable Executable Injection](/mitre/mitre/ta0005/t1055/t1055.002.md): Portable Executable Injection \[T1055.002]
- [Thread Execution Hijacking](/mitre/mitre/ta0005/t1055/t1055.003.md): Thread Execution Hijacking \[T1055.003]
- [Asynchronous Procedure Call](/mitre/mitre/ta0005/t1055/t1055.004.md): Asynchronous Procedure Call \[T1055.004]
- [Thread Local Storage](/mitre/mitre/ta0005/t1055/t1055.005.md): Thread Local Storage \[T1055.005]
- [Ptrace System Calls](/mitre/mitre/ta0005/t1055/t1055.008.md): Ptrace System Calls \[T1055.008]
- [Proc Memory](/mitre/mitre/ta0005/t1055/t1055.009.md): Proc Memory \[T1055.009]
- [Extra Window Memory Injection](/mitre/mitre/ta0005/t1055/t1055.011.md): Extra Window Memory Injection \[T1055.011]
- [Process Hollowing](/mitre/mitre/ta0005/t1055/t1055.012.md): Process Hollowing \[T1055.012]
- [Process Doppelgänging](/mitre/mitre/ta0005/t1055/t1055.013.md): Process Doppelgänging \[T1055.013]
- [VDSO Hijacking](/mitre/mitre/ta0005/t1055/t1055.014.md): VDSO Hijacking \[T1055.014]
- [ListPlanting](/mitre/mitre/ta0005/t1055/t1055.015.md): ListPlanting \[T1055.015]
- [Indicator Removal](/mitre/mitre/ta0005/t1070.md): Indicator Removal \[T1070]
- [Clear Windows Event Logs](/mitre/mitre/ta0005/t1070/t1070.001.md): Clear Windows Event Logs \[T1070.001]
- [Clear Command History](/mitre/mitre/ta0005/t1070/t1070.003.md): Clear Command History \[T1070.003]
- [File Deletion](/mitre/mitre/ta0005/t1070/t1070.004.md): File Deletion \[T1070.004]
- [Timestomp](/mitre/mitre/ta0005/t1070/t1070.006.md): Timestomp \[T1070.006]
- [Clear Network Connection History and Configurations](/mitre/mitre/ta0005/t1070/t1070.007.md): Clear Network Connection History and Logs \[T1070.007]
- [Valid Accounts](/mitre/mitre/ta0005/t1078.md): Valid Accounts \[T1078]
- [Default Accounts](/mitre/mitre/ta0005/t1078/t1078.001.md): Default Accounts \[T1078.001]
- [Domain Accounts](/mitre/mitre/ta0005/t1078/t1078.002.md): Domain Accounts \[T1078.002]
- [Local Accounts](/mitre/mitre/ta0005/t1078/t1078.003.md): Local Accounts \[T1078.003]
- [Cloud Accounts](/mitre/mitre/ta0005/t1078/t1078.004.md): Cloud Accounts \[T1078.004]
- [Modify Registry](/mitre/mitre/ta0005/t1112.md): Modify Registry \[T1112]
- [Access Token Manipulation](/mitre/mitre/ta0005/t1134.md): Access Token Manipulation \[T1134]
- [Token Impersonation/Theft](/mitre/mitre/ta0005/t1134/t1134.001.md): Token Impersonation/Theft \[T1134.001]
- [Create Process with Token](/mitre/mitre/ta0005/t1134/t1134.002.md): Create Process with Token \[T1134.002]
- [Make and Impersonate Token](/mitre/mitre/ta0005/t1134/t1134.003.md): Make and Impersonate Token \[T1134.003]
- [Parent PID Spoofing](/mitre/mitre/ta0005/t1134/t1134.004.md): Parent PID Spoofing \[T1134.004]
- [SID-History Injection](/mitre/mitre/ta0005/t1134/t1134.005.md): SID-History Injection \[T1134.005]
- [Deobfuscate/Decode Files or Information](/mitre/mitre/ta0005/t1140.md): Deobfuscate/Decode Files or Information \[T1140]
- [BITS Jobs](/mitre/mitre/ta0005/t1197.md): BITS Jobs \[T1197]
- [Indirect Command Execution](/mitre/mitre/ta0005/t1202.md): Indirect Command Execution \[T1202]
- [Traffic Signaling](/mitre/mitre/ta0005/t1205.md): Traffic Signaling \[T1205]
- [Port Knocking](/mitre/mitre/ta0005/t1205/t1205.001.md): Port Knocking \[T1205.001]
- [Socket Filters](/mitre/mitre/ta0005/t1205/t1205.002.md): Socket Filters \[T1205.002]
- [Rogue Domain Controller](/mitre/mitre/ta0005/t1207.md): Rogue Domain Controller \[T1207]
- [Exploitation for Defense Evasion](/mitre/mitre/ta0005/t1211.md): Exploitation for Defense Evasion \[T1211]
- [System Script Proxy Execution](/mitre/mitre/ta0005/t1216.md): System Script Proxy Execution \[T1216]
- [PubPrn](/mitre/mitre/ta0005/t1216/t1216.001.md): PubPrn \[T1216.001]
- [System Binary Proxy Execution](/mitre/mitre/ta0005/t1218.md): System Binary Proxy Execution \[T1218]
- [Compiled HTML File](/mitre/mitre/ta0005/t1218/t1218.001.md): Compiled HTML File \[T1218.001]
- [Control Panel](/mitre/mitre/ta0005/t1218/t1218.002.md): Control Panel \[T1218.002]
- [CMSTP](/mitre/mitre/ta0005/t1218/t1218.003.md): CMSTP \[T1218.003]
- [InstallUtil](/mitre/mitre/ta0005/t1218/t1218.004.md): InstallUtil \[T1218.004]
- [Mshta](/mitre/mitre/ta0005/t1218/t1218.005.md): Mshta \[T1218.005]
- [Msiexec](/mitre/mitre/ta0005/t1218/t1218.007.md): Msiexec \[T1218.007]
- [Odbcconf](/mitre/mitre/ta0005/t1218/t1218.008.md): Odbcconf \[T1218.008]
- [Regsvcs/Regasm](/mitre/mitre/ta0005/t1218/t1218.009.md): Regsvcs/Regasm \[T1218.009]
- [Regsvr32](/mitre/mitre/ta0005/t1218/t1218.010.md): Regsvr32 \[T1218.010]
- [Rundll32](/mitre/mitre/ta0005/t1218/t1218.011.md): Rundll32 \[T1218.011]
- [Verclsid](/mitre/mitre/ta0005/t1218/t1218.012.md): Verclsid \[T1218.012]
- [Mavinject](/mitre/mitre/ta0005/t1218/t1218.013.md): Mavinject \[T1218.013]
- [MMC](/mitre/mitre/ta0005/t1218/t1218.014.md): MMC \[T1218.014]
- [XSL Script Processing](/mitre/mitre/ta0005/t1220.md): XSL Script Processing \[T1220]
- [Template Injection](/mitre/mitre/ta0005/t1221.md): Template Injection \[T1221]
- [File and Directory Permissions Modification](/mitre/mitre/ta0005/t1222.md): File and Directory Permissions Modification \[T1222]
- [Windows File and Directory Permissions Modification](/mitre/mitre/ta0005/t1222/t1222.001.md): Windows File and Directory Permissions Modification \[T1222.001]
- [Linux and Mac File and Directory Permissions Modification](/mitre/mitre/ta0005/t1222/t1222.002.md): Linux and Mac File and Directory Permissions Modification \[T1222.002]
- [Execution Guardrails](/mitre/mitre/ta0005/t1480.md): Execution Guardrails \[T1480]
- [Environmental Keying](/mitre/mitre/ta0005/t1480/t1480.001.md): Environmental Keying \[T1480.001]
- [Mutual Exclusion](/mitre/mitre/ta0005/t1480/t1480.002.md): Geofencing \[T1480.002]
- [Time Based Evasion](/mitre/mitre/ta0005/t1480/t1480.003.md): Time Based Evasion \[T1480.003]
- [Domain or Tenant Policy Modification](/mitre/mitre/ta0005/t1484.md): Domain or Group Policy Modification \[T1484]
- [Group Policy Modification](/mitre/mitre/ta0005/t1484/t1484.001.md): Group Policy Modification \[T1484.001]
- [Trust Modification](/mitre/mitre/ta0005/t1484/t1484.002.md): Trust Modification \[T1484.002]
- [Virtualization/Sandbox Evasion](/mitre/mitre/ta0005/t1497.md): Virtualization/Sandbox Evasion \[T1497]
- [System Checks](/mitre/mitre/ta0005/t1497/t1497.001.md): System Checks \[T1497.001]
- [User Activity Based Checks](/mitre/mitre/ta0005/t1497/t1497.002.md): User Activity Based Checks \[T1497.002]
- [Time Based Evasion](/mitre/mitre/ta0005/t1497/t1497.003.md): Time Based Evasion \[T1497.003]
- [Pre-OS Boot](/mitre/mitre/ta0005/t1542.md): Pre-OS Boot \[T1542]
- [System Firmware](/mitre/mitre/ta0005/t1542/t1542.001.md): System Firmware \[T1542.001]
- [Component Firmware](/mitre/mitre/ta0005/t1542/t1542.002.md): Component Firmware \[T1542.002]
- [Bootkit](/mitre/mitre/ta0005/t1542/t1542.003.md): Bootkit \[T1542.003]
- [ROMMONkit](/mitre/mitre/ta0005/t1542/t1542.004.md): ROMMONkit \[T1542.004]
- [TFTP Boot](/mitre/mitre/ta0005/t1542/t1542.005.md): TFTP Boot \[T1542.005]
- [Abuse Elevation Control Mechanism](/mitre/mitre/ta0005/t1548.md): Abuse Elevation Control Mechanism \[T1548]
- [Setuid and Setgid](/mitre/mitre/ta0005/t1548/t1548.001.md): Setuid and Setgid \[T1548.001]
- [Bypass User Account Control](/mitre/mitre/ta0005/t1548/t1548.002.md): Bypass User Account Control \[T1548.002]
- [Sudo and Sudo Caching](/mitre/mitre/ta0005/t1548/t1548.003.md): Sudo and Sudo Caching \[T1548.003]
- [Elevated Execution with Prompt](/mitre/mitre/ta0005/t1548/t1548.004.md): Elevated Execution with Prompt \[T1548.004]
- [Temporary Elevated Cloud Access](/mitre/mitre/ta0005/t1548/t1548.005.md): Temporary Elevated Cloud Access \[T1548.005]
- [TCC Manipulation](/mitre/mitre/ta0005/t1548/t1548.006.md): TCC Manipulation \[T1548.006]
- [Use Alternate Authentication Material](/mitre/mitre/ta0005/t1550.md): Use Alternate Authentication Material \[T1550]
- [Application Access Token](/mitre/mitre/ta0005/t1550/t1550.001.md): Application Access Token \[T1550.001]
- [Pass the Hash](/mitre/mitre/ta0005/t1550/t1550.002.md): Pass the Hash \[T1550.002]
- [Pass the Ticket](/mitre/mitre/ta0005/t1550/t1550.003.md): Pass the Ticket \[T1550.003]
- [Web Session Cookie](/mitre/mitre/ta0005/t1550/t1550.004.md): Web Session Cookie \[T1550.004]
- [Subvert Trust Controls](/mitre/mitre/ta0005/t1553.md): Subvert Trust Controls \[T1553]
- [Gatekeeper Bypass](/mitre/mitre/ta0005/t1553/t1553.001.md): Gatekeeper Bypass \[T1553.001]
- [Code Signing](/mitre/mitre/ta0005/t1553/t1553.002.md): Code Signing \[T1553.002]
- [SIP and Trust Provider Hijacking](/mitre/mitre/ta0005/t1553/t1553.003.md): SIP and Trust Provider Hijacking \[T1553.003]
- [Install Root Certificate](/mitre/mitre/ta0005/t1553/t1553.004.md): Install Root Certificate \[T1553.004]
- [Mark-of-the-Web Bypass](/mitre/mitre/ta0005/t1553/t1553.005.md): Mark-of-the-Web Bypass \[T1553.005]
- [Modify Authentication Process](/mitre/mitre/ta0005/t1556.md): Modify Authentication Process \[T1556]
- [Domain Controller Authentication](/mitre/mitre/ta0005/t1556/t1556.001.md): Domain Controller Authentication \[T1556.001]
- [Password Filter DLL](/mitre/mitre/ta0005/t1556/t1556.002.md): Password Filter DLL \[T1556.002]
- [Pluggable Authentication Modules](/mitre/mitre/ta0005/t1556/t1556.003.md): Pluggable Authentication Modules \[T1556.003]
- [Network Device Authentication](/mitre/mitre/ta0005/t1556/t1556.004.md): Network Device Authentication \[T1556.004]
- [Reversible Encryption](/mitre/mitre/ta0005/t1556/t1556.005.md): Reverse Encryption \[T1556.005]
- [Multi-Factor Authentication](/mitre/mitre/ta0005/t1556/t1556.006.md): Multi-Factor Authentication \[T1556.006]
- [Hybrid Identity](/mitre/mitre/ta0005/t1556/t1556.007.md): Hybrid Identity \[T1556.007]
- [Network Provider DLL](/mitre/mitre/ta0005/t1556/t1556.008.md): Network Provider DLL \[T1556.008]
- [Conditional Access Policies](/mitre/mitre/ta0005/t1556/t1556.009.md): Conditional Access Policies \[T1556.009]
- [Impair Defenses](/mitre/mitre/ta0005/t1562.md): Impair Defenses \[T1562]
- [Disable or Modify Tools](/mitre/mitre/ta0005/t1562/t1562.001.md): Disable or Modify Tools \[T1562.001]
- [Disable Windows Event Logging](/mitre/mitre/ta0005/t1562/t1562.002.md): Disable Windows Event Logging \[T1562.002]
- [Disable or Modify System Firewall](/mitre/mitre/ta0005/t1562/t1562.004.md): Disable or Modify System Firewall \[T1562.004]
- [Disable or Modify Cloud Logs](/mitre/mitre/ta0005/t1562/t1562.008.md): Disable or Modify Cloud Logs \[T1562.008]
- [Hide Artifacts](/mitre/mitre/ta0005/t1564.md): Hide Artifacts \[T1564]
- [Hidden Files and Directories](/mitre/mitre/ta0005/t1564/t1564.001.md): Hidden Files and Directories \[T1564.001]
- [Hidden Users](/mitre/mitre/ta0005/t1564/t1564.002.md): Hidden Users \[T1564.002]
- [Hidden Window](/mitre/mitre/ta0005/t1564/t1564.003.md): Hidden Window \[T1564.003]
- [NTFS File Attributes](/mitre/mitre/ta0005/t1564/t1564.004.md): NTFS File Attributes \[T1564.004]
- [Hidden File System](/mitre/mitre/ta0005/t1564/t1564.005.md): Hidden File System \[T1564.005]
- [Hijack Execution Flow](/mitre/mitre/ta0005/t1574.md): Hijack Execution Flow \[T1574]
- [DLL Search Order Hijacking](/mitre/mitre/ta0005/t1574/t1574.001.md): DLL Search Order Hijacking \[T1574.001]
- [DLL Side-Loading](/mitre/mitre/ta0005/t1574/t1574.002.md): DLL Side-Loading \[T1574.002]
- [Dylib Hijacking](/mitre/mitre/ta0005/t1574/t1574.004.md): Dylib Hijacking \[T1574.004]
- [Executable Installer File Permissions Weakness](/mitre/mitre/ta0005/t1574/t1574.005.md): Executable Installer File Permissions Weakness \[T1574.005]
- [Dynamic Linker Hijacking](/mitre/mitre/ta0005/t1574/t1574.006.md): Dynamic Linker Hijacking \[T1574.006]
- [Path Interception by PATH Environment Variable](/mitre/mitre/ta0005/t1574/t1574.007.md): Path Interception by PATH Environment Variable \[T1574.007]
- [Path Interception by Search Order Hijacking](/mitre/mitre/ta0005/t1574/t1574.008.md): Path Interception by Search Order Hijacking \[T1574.008]
- [Path Interception by Unquoted Path](/mitre/mitre/ta0005/t1574/t1574.009.md): Path Interception by Unquoted Path \[T1574.009]
- [Services File Permissions Weakness](/mitre/mitre/ta0005/t1574/t1574.010.md): Services File Permissions Weakness \[T1574.010]
- [Services Registry Permissions Weakness](/mitre/mitre/ta0005/t1574/t1574.011.md): Services Registry Permissions Weakness \[T1574.011]
- [COR\_PROFILER](/mitre/mitre/ta0005/t1574/t1574.012.md): COR\_PROFILER \[T1574.012]
- [KernelCallbackTable](/mitre/mitre/ta0005/t1574/t1574.013.md): KernelCallbackTable \[T1574.013]
- [AppDomainManager](/mitre/mitre/ta0005/t1574/t1574.014.md): AppDomainManager \[T1574.014]
- [Modify Cloud Compute Infrastructure](/mitre/mitre/ta0005/t1578.md): Modify Cloud Environment \[T1578]
- [Create Snapshot](/mitre/mitre/ta0005/t1578/t1578.001.md): Add Resources or Services \[T1578.001]
- [Create Cloud Instance](/mitre/mitre/ta0005/t1578/t1578.002.md): Modify Permissions \[T1578.002]
- [Network Boundary Bridging](/mitre/mitre/ta0005/t1599.md): Network Boundary Bridging \[T1599]
- [Network Address Translation Traversal](/mitre/mitre/ta0005/t1599/t1599.001.md): Network Address Translation Traversal \[T1599.001]
- [Weaken Encryption](/mitre/mitre/ta0005/t1600.md): Weaken Encryption \[T1600]
- [Reduce Key Space](/mitre/mitre/ta0005/t1600/t1600.001.md): Reduce Key Space \[T1600.001]
- [Disable Crypto Hardware](/mitre/mitre/ta0005/t1600/t1600.002.md): Disable or Remove Encryption \[T1600.002]
- [Modify System Image](/mitre/mitre/ta0005/t1601.md): Modify System Image \[T1601]
- [Patch System Image](/mitre/mitre/ta0005/t1601/t1601.001.md): Patch System Image \[T1601.001]
- [Downgrade System Image](/mitre/mitre/ta0005/t1601/t1601.002.md): Downgrade System Image \[T1601.002]
- [Build Image on Host](/mitre/mitre/ta0005/t1612.md): Build Image on Host \[T1612]
- [Reflective Code Loading](/mitre/mitre/ta0005/t1620.md): Reflective Code Loading \[T1620]
- [Credential Access](/mitre/mitre/ta0006.md): Credential Access \[TA0006]
- [OS Credential Dumping](/mitre/mitre/ta0006/t1003.md): OS Credential Dumping \[T1003]
- [LSASS Memory](/mitre/mitre/ta0006/t1003/t1003.001.md): LSASS Memory \[T1003.001]
- [Security Account Manager](/mitre/mitre/ta0006/t1003/t1003.002.md): Security Account Manager \[T1003.002]
- [NTDS](/mitre/mitre/ta0006/t1003/t1003.003.md): NTDS \[T1003.003]
- [LSA Secrets](/mitre/mitre/ta0006/t1003/t1003.004.md): LSA Secrets \[T1003.004]
- [Cached Domain Credentials](/mitre/mitre/ta0006/t1003/t1003.005.md): Cached Domain Credentials \[T1003.005]
- [DCSync](/mitre/mitre/ta0006/t1003/t1003.006.md): DCSync \[T1003.006]
- [Proc Filesystem](/mitre/mitre/ta0006/t1003/t1003.007.md): Proc Filesystem \[T1003.007]
- [Network Sniffing](/mitre/mitre/ta0006/t1040.md): Network Sniffing \[T1040]
- [Input Capture](/mitre/mitre/ta0006/t1056.md): Input Capture \[T1056]
- [Keylogging](/mitre/mitre/ta0006/t1056/t1056.001.md): Keylogging \[T1056.001]
- [GUI Input Capture](/mitre/mitre/ta0006/t1056/t1056.002.md): GUI Input Capture \[T1056.002]
- [Web Portal Capture](/mitre/mitre/ta0006/t1056/t1056.003.md): Web Portal Capture \[T1056.003]
- [Brute Force](/mitre/mitre/ta0006/t1110.md): Brute Force \[T1110]
- [Password Guessing](/mitre/mitre/ta0006/t1110/t1110.001.md): Password Guessing \[T1110.001]
- [Password Cracking](/mitre/mitre/ta0006/t1110/t1110.002.md): Password Cracking \[T1110.002]
- [Password Spraying](/mitre/mitre/ta0006/t1110/t1110.003.md): Password Spraying \[T1110.003]
- [Credential Stuffing](/mitre/mitre/ta0006/t1110/t1110.004.md): Credential Stuffing \[T1110.004]
- [Multi-Factor Authentication Interception](/mitre/mitre/ta0006/t1111.md): Multi-Factor Authentication Interception \[T1111]
- [Forced Authentication](/mitre/mitre/ta0006/t1187.md): Forced Authentication \[T1187]
- [Exploitation for Credential Access](/mitre/mitre/ta0006/t1212.md): Exploitation for Credential Access \[T1212]
- [Cloud Instance Metadata API](/mitre/mitre/ta0006/t1522.md): Wireless Network Discovery \[T1522]
- [Steal Application Access Token](/mitre/mitre/ta0006/t1528.md): Steal Application Access Token \[T1528]
- [Steal Web Session Cookie](/mitre/mitre/ta0006/t1539.md): Steal Web Session Cookie \[T1539]
- [Unsecured Credentials](/mitre/mitre/ta0006/t1552.md): Unsecured Credentials \[T1552]
- [Credentials In Files](/mitre/mitre/ta0006/t1552/t1552.001.md): Credentials in Files \[T1552.001]
- [Credentials in Registry](/mitre/mitre/ta0006/t1552/t1552.002.md): Credentials in Registry \[T1552.002]
- [Bash History](/mitre/mitre/ta0006/t1552/t1552.003.md): Bash History \[T1552.003]
- [Group Policy Preferences](/mitre/mitre/ta0006/t1552/t1552.006.md): Credentials in Configuration Files \[T1552.006]
- [Credentials from Password Stores](/mitre/mitre/ta0006/t1555.md): Credentials from Password Stores \[T1555]
- [Credentials from Web Browsers](/mitre/mitre/ta0006/t1555/t1555.003.md): Credentials from Web Browsers \[T1555.003]
- [Windows Credential Manager](/mitre/mitre/ta0006/t1555/t1555.004.md): Windows Credential Manager \[T1555.004]
- [Password Managers](/mitre/mitre/ta0006/t1555/t1555.005.md): Credentials from Password Managers \[T1555.005]
- [Modify Authentication Process](/mitre/mitre/ta0006/t1556.md): Modify Authentication Process \[T1556]
- [Domain Controller Authentication](/mitre/mitre/ta0006/t1556/t1556.001.md): Domain Controller Authentication \[T1556.001]
- [Password Filter DLL](/mitre/mitre/ta0006/t1556/t1556.002.md): Password Filter DLL \[T1556.002]
- [Pluggable Authentication Modules](/mitre/mitre/ta0006/t1556/t1556.003.md): Pluggable Authentication Modules \[T1556.003]
- [Network Device Authentication](/mitre/mitre/ta0006/t1556/t1556.004.md): Network Device Authentication \[T1556.004]
- [Reversible Encryption](/mitre/mitre/ta0006/t1556/t1556.005.md): Reverse Encryption \[T1556.005]
- [Multi-Factor Authentication](/mitre/mitre/ta0006/t1556/t1556.006.md): Multi-Factor Authentication \[T1556.006]
- [Hybrid Identity](/mitre/mitre/ta0006/t1556/t1556.007.md): Hybrid Identity \[T1556.007]
- [Network Provider DLL](/mitre/mitre/ta0006/t1556/t1556.008.md): Network Provider DLL \[T1556.008]
- [Conditional Access Policies](/mitre/mitre/ta0006/t1556/t1556.009.md): Conditional Access Policies \[T1556.009]
- [Adversary-in-the-Middle](/mitre/mitre/ta0006/t1557.md): Adversary-in-the-Middle \[T1557]
- [LLMNR/NBT-NS Poisoning and SMB Relay](/mitre/mitre/ta0006/t1557/t1557.001.md): LLMNR/NBT-NS Poisoning and SMB Relay \[T1557.001]
- [ARP Cache Poisoning](/mitre/mitre/ta0006/t1557/t1557.002.md): ARP Cache Poisoning \[T1557.002]
- [DHCP Spoofing](/mitre/mitre/ta0006/t1557/t1557.003.md): DHCP Spoofing \[T1557.003]
- [Evil Twin](/mitre/mitre/ta0006/t1557/t1557.004.md): Evil Twin \[T1557.004]
- [Steal or Forge Kerberos Tickets](/mitre/mitre/ta0006/t1558.md): Steal or Forge Kerberos Tickets \[T1558]
- [Golden Ticket](/mitre/mitre/ta0006/t1558/t1558.001.md): Golden Ticket \[T1558.001]
- [Silver Ticket](/mitre/mitre/ta0006/t1558/t1558.002.md): Silver Ticket \[T1558.002]
- [Kerberoasting](/mitre/mitre/ta0006/t1558/t1558.003.md): Kerberoasting \[T1558.003]
- [Forge Web Credentials](/mitre/mitre/ta0006/t1606.md): Forge Web Credentials \[T1606]
- [Web Cookies](/mitre/mitre/ta0006/t1606/t1606.001.md): Web Cookies \[T1606.001]
- [SAML Tokens](/mitre/mitre/ta0006/t1606/t1606.002.md): SAML Tokens \[T1606.002]
- [Multi-Factor Authentication Request Generation](/mitre/mitre/ta0006/t1621.md): Multi-Factor Authentication Request Generation \[T1621]
- [Steal or Forge Authentication Certificates](/mitre/mitre/ta0006/t1649.md): Steal or Forge Authentication Certificates \[T1649]
- [Discovery](/mitre/mitre/ta0007.md): Discovery \[TA0007]
- [System Service Discovery](/mitre/mitre/ta0007/t1007.md): System Service Discovery \[T1007]
- [Application Window Discovery](/mitre/mitre/ta0007/t1010.md): Application Window Discovery \[T1010]
- [Query Registry](/mitre/mitre/ta0007/t1012.md): Query Registry \[T1012]
- [System Network Configuration Discovery](/mitre/mitre/ta0007/t1016.md): System Network Configuration Discovery \[T1016]
- [Internet Connection Discovery](/mitre/mitre/ta0007/t1016/t1016.001.md): Internet Connection Discovery \[T1016.001]
- [Remote System Discovery](/mitre/mitre/ta0007/t1018.md): Remote System Discovery \[T1018]
- [System Owner/User Discovery](/mitre/mitre/ta0007/t1033.md): System Owner/User Discovery \[T1033]
- [Network Sniffing](/mitre/mitre/ta0007/t1040.md): Network Sniffing \[T1040]
- [Network Service Discovery](/mitre/mitre/ta0007/t1046.md): Network Service Discovery \[T1046]
- [System Network Connections Discovery](/mitre/mitre/ta0007/t1049.md): System Network Connections Discovery \[T1049]
- [Process Discovery](/mitre/mitre/ta0007/t1057.md): Process Discovery \[T1057]
- [Permission Groups Discovery](/mitre/mitre/ta0007/t1069.md): Permission Groups Discovery \[T1069]
- [Local Groups](/mitre/mitre/ta0007/t1069/t1069.001.md): Local Groups \[T1069.001]
- [Domain Groups](/mitre/mitre/ta0007/t1069/t1069.002.md): Domain Groups \[T1069.002]
- [Cloud Groups](/mitre/mitre/ta0007/t1069/t1069.003.md): Cloud Groups \[T1069.003]
- [System Information Discovery](/mitre/mitre/ta0007/t1082.md): System Information Discovery \[T1082]
- [File and Directory Discovery](/mitre/mitre/ta0007/t1083.md): File and Directory Discovery \[T1083]
- [Account Discovery](/mitre/mitre/ta0007/t1087.md): Account Discovery \[T1087]
- [Local Account](/mitre/mitre/ta0007/t1087/t1087.001.md): Local Account \[T1087.001]
- [Domain Account](/mitre/mitre/ta0007/t1087/t1087.002.md): Domain Account \[T1087.002]
- [Cloud Account](/mitre/mitre/ta0007/t1087/t1087.004.md): Cloud Account \[T1087.004]
- [Peripheral Device Discovery](/mitre/mitre/ta0007/t1120.md): Peripheral Device Discovery \[T1120]
- [System Time Discovery](/mitre/mitre/ta0007/t1124.md): System Time Discovery \[T1124]
- [Network Share Discovery](/mitre/mitre/ta0007/t1135.md): Network Share Discovery \[T1135]
- [Password Policy Discovery](/mitre/mitre/ta0007/t1201.md): Password Policy Discovery \[T1201]
- [Browser Information Discovery](/mitre/mitre/ta0007/t1217.md): Browser Bookmark Discovery \[T1217]
- [Domain Trust Discovery](/mitre/mitre/ta0007/t1482.md): Domain Trust Discovery \[T1482]
- [Virtualization/Sandbox Evasion](/mitre/mitre/ta0007/t1497.md): Virtualization/Sandbox Evasion \[T1497]
- [System Checks](/mitre/mitre/ta0007/t1497/t1497.001.md): System Checks \[T1497.001]
- [User Activity Based Checks](/mitre/mitre/ta0007/t1497/t1497.002.md): User Activity Based Checks \[T1497.002]
- [Time Based Evasion](/mitre/mitre/ta0007/t1497/t1497.003.md): Time Based Evasion \[T1497.003]
- [Software Discovery](/mitre/mitre/ta0007/t1518.md): Software Discovery \[T1518]
- [Security Software Discovery](/mitre/mitre/ta0007/t1518/t1518.001.md): Security Software Discovery \[T1518.001]
- [Installed Services Discovery](/mitre/mitre/ta0007/t1518/t1518.002.md): Installed Services Discovery \[T1518.002]
- [Cloud Service Discovery](/mitre/mitre/ta0007/t1526.md): Cloud Service Discovery \[T1526]
- [Cloud Service Dashboard](/mitre/mitre/ta0007/t1538.md): Cloud Service Dashboard \[T1538]
- [Cloud Infrastructure Discovery](/mitre/mitre/ta0007/t1580.md): Cloud Infrastructure Discovery \[T1580]
- [Container and Resource Discovery](/mitre/mitre/ta0007/t1613.md): Container and Resource Discovery \[T1613]
- [System Location Discovery](/mitre/mitre/ta0007/t1614.md): System Location Discovery \[T1614]
- [System Language Discovery](/mitre/mitre/ta0007/t1614/t1614.001.md): System Language Discovery \[T1614.001]
- [Group Policy Discovery](/mitre/mitre/ta0007/t1615.md): Group Policy Discovery \[T1615]
- [Cloud Storage Object Discovery](/mitre/mitre/ta0007/t1619.md): Cloud Storage Object Discovery \[T1619]
- [Lateral Movement](/mitre/mitre/ta0008.md): Lateral Movement \[TA0008]
- [Remote Services](/mitre/mitre/ta0008/t1021.md): Remote Services \[T1021]
- [Remote Desktop Protocol](/mitre/mitre/ta0008/t1021/t1021.001.md): Remote Desktop Protocol \[T1021.001]
- [SMB/Windows Admin Shares](/mitre/mitre/ta0008/t1021/t1021.002.md): Windows Admin Shares \[T1021.002]
- [Distributed Component Object Model](/mitre/mitre/ta0008/t1021/t1021.003.md): Distributed Component Object Model \[T1021.003]
- [SSH](/mitre/mitre/ta0008/t1021/t1021.004.md): SSH \[T1021.004]
- [VNC](/mitre/mitre/ta0008/t1021/t1021.005.md): VNC \[T1021.005]
- [Windows Remote Management](/mitre/mitre/ta0008/t1021/t1021.006.md): Apple Remote Desktop \[T1021.006]
- [Cloud Services](/mitre/mitre/ta0008/t1021/t1021.007.md): Cloud Services \[T1021.007]
- [Software Deployment Tools](/mitre/mitre/ta0008/t1072.md): Software Deployment Tools \[T1072]
- [Taint Shared Content](/mitre/mitre/ta0008/t1080.md): Taint Shared Content \[T1080]
- [Replication Through Removable Media](/mitre/mitre/ta0008/t1091.md): Replication Through Removable Media \[T1091]
- [Exploitation of Remote Services](/mitre/mitre/ta0008/t1210.md): Exploitation of Remote Services \[T1210]
- [Internal Spearphishing](/mitre/mitre/ta0008/t1534.md): Internal Spearphishing \[T1534]
- [Use Alternate Authentication Material](/mitre/mitre/ta0008/t1550.md): Use Alternate Authentication Material \[T1550]
- [Application Access Token](/mitre/mitre/ta0008/t1550/t1550.001.md): Application Access Token \[T1550.001]
- [Pass the Hash](/mitre/mitre/ta0008/t1550/t1550.002.md): Pass the Hash \[T1550.002]
- [Pass the Ticket](/mitre/mitre/ta0008/t1550/t1550.003.md): Pass the Ticket \[T1550.003]
- [Web Session Cookie](/mitre/mitre/ta0008/t1550/t1550.004.md): Web Session Cookie \[T1550.004]
- [Remote Service Session Hijacking](/mitre/mitre/ta0008/t1563.md): Remote Service Session Hijacking \[T1563]
- [RDP Hijacking](/mitre/mitre/ta0008/t1563/t1563.002.md): RDP Hijacking \[T1563.002]
- [Lateral Tool Transfer](/mitre/mitre/ta0008/t1570.md): Lateral Tool Transfer \[T1570]
- [Collection](/mitre/mitre/ta0009.md): Collection \[TA0009]
- [Data from Local System](/mitre/mitre/ta0009/t1005.md): Data from Local System \[T1005]
- [Data from Removable Media](/mitre/mitre/ta0009/t1025.md): Data from Removable Media \[T1025]
- [Data from Network Shared Drive](/mitre/mitre/ta0009/t1039.md): Data from Network Shared Drive \[T1039]
- [Input Capture](/mitre/mitre/ta0009/t1056.md): Input Capture \[T1056]
- [Keylogging](/mitre/mitre/ta0009/t1056/t1056.001.md): Keylogging \[T1056.001]
- [GUI Input Capture](/mitre/mitre/ta0009/t1056/t1056.002.md): GUI Input Capture \[T1056.002]
- [Web Portal Capture](/mitre/mitre/ta0009/t1056/t1056.003.md): Web Portal Capture \[T1056.003]
- [Data Staged](/mitre/mitre/ta0009/t1074.md): Data Staged \[T1074]
- [Local Data Staging](/mitre/mitre/ta0009/t1074/t1074.001.md): Local Data Staging \[T1074.001]
- [Remote Data Staging](/mitre/mitre/ta0009/t1074/t1074.002.md): Remote Data Staging \[T1074.002]
- [Screen Capture](/mitre/mitre/ta0009/t1113.md): Screen Capture \[T1113]
- [Email Collection](/mitre/mitre/ta0009/t1114.md): Email Collection \[T1114]
- [Local Email Collection](/mitre/mitre/ta0009/t1114/t1114.001.md): Local Email Collection \[T1114.001]
- [Remote Email Collection](/mitre/mitre/ta0009/t1114/t1114.002.md): Remote Email Collection \[T1114.002]
- [Email Forwarding Rule](/mitre/mitre/ta0009/t1114/t1114.003.md): Email Forwarding Rule \[T1114.003]
- [Clipboard Data](/mitre/mitre/ta0009/t1115.md): Clipboard Data \[T1115]
- [Automated Collection](/mitre/mitre/ta0009/t1119.md): Automated Collection \[T1119]
- [Audio Capture](/mitre/mitre/ta0009/t1123.md): Audio Capture \[T1123]
- [Video Capture](/mitre/mitre/ta0009/t1125.md): Video Capture \[T1125]
- [Browser Session Hijacking](/mitre/mitre/ta0009/t1185.md): Browser Session Hijacking \[T1185]
- [Data from Information Repositories](/mitre/mitre/ta0009/t1213.md): Data from Information Repositories \[T1213]
- [Confluence](/mitre/mitre/ta0009/t1213/t1213.001.md): Customer Relationship Management Software \[T1213.001]
- [Sharepoint](/mitre/mitre/ta0009/t1213/t1213.002.md): SharePoint \[T1213.002]
- [Code Repositories](/mitre/mitre/ta0009/t1213/t1213.003.md): Code Repositories \[T1213.003]
- [Customer Relationship Management Software](/mitre/mitre/ta0009/t1213/t1213.004.md): Messaging Applications \[T1213.004]
- [Data from Cloud Storage](/mitre/mitre/ta0009/t1530.md): Data from Cloud Storage \[T1530]
- [Cloud Storage Object](/mitre/mitre/ta0009/t1530/t1530.001.md): Cloud Storage Object \[T1530.001]
- [Adversary-in-the-Middle](/mitre/mitre/ta0009/t1557.md): Adversary-in-the-Middle \[T1557]
- [LLMNR/NBT-NS Poisoning and SMB Relay](/mitre/mitre/ta0009/t1557/t1557.001.md): LLMNR/NBT-NS Poisoning and SMB Relay \[T1557.001]
- [ARP Cache Poisoning](/mitre/mitre/ta0009/t1557/t1557.002.md): ARP Cache Poisoning \[T1557.002]
- [DHCP Spoofing](/mitre/mitre/ta0009/t1557/t1557.003.md): DHCP Spoofing \[T1557.003]
- [Evil Twin](/mitre/mitre/ta0009/t1557/t1557.004.md): Evil Twin \[T1557.004]
- [Archive Collected Data](/mitre/mitre/ta0009/t1560.md): Archive Collected Data \[T1560]
- [Archive via Utility](/mitre/mitre/ta0009/t1560/t1560.001.md): Archive via Utility \[T1560.001]
- [Archive via Library](/mitre/mitre/ta0009/t1560/t1560.002.md): Archive via Library \[T1560.002]
- [Archive via Custom Method](/mitre/mitre/ta0009/t1560/t1560.003.md): Archive via Custom Method \[T1560.003]
- [Data from Configuration Repository](/mitre/mitre/ta0009/t1602.md): Data from Configuration Repository \[T1602]
- [SNMP (MIB Dump)](/mitre/mitre/ta0009/t1602/t1602.001.md): SNMP MIB Dump \[T1602.001]
- [Network Device Configuration Dump](/mitre/mitre/ta0009/t1602/t1602.002.md): Network Device Configuration Dump \[T1602.002]
- [Exfiltration](/mitre/mitre/ta0010.md): Exfiltration \[TA0010]
- [Exfiltration Over Other Network Medium](/mitre/mitre/ta0010/t1011.md): Exfiltration Over Other Network Medium \[T1011]
- [Exfiltration Over Bluetooth](/mitre/mitre/ta0010/t1011/t1011.001.md): Exfiltration Over Bluetooth \[T1011.001]
- [Automated Exfiltration](/mitre/mitre/ta0010/t1020.md): Automated Exfiltration \[T1020]
- [Traffic Duplication](/mitre/mitre/ta0010/t1020/t1020.001.md): Traffic Duplication \[T1020.001]
- [Scheduled Transfer](/mitre/mitre/ta0010/t1029.md): Scheduled Transfer \[T1029]
- [Data Transfer Size Limits](/mitre/mitre/ta0010/t1030.md): Data Transfer Size Limits \[T1030]
- [Exfiltration Over C2 Channel](/mitre/mitre/ta0010/t1041.md): Exfiltration Over C2 Channel \[T1041]
- [Exfiltration Over Alternative Protocol](/mitre/mitre/ta0010/t1048.md): Exfiltration Over Alternative Protocol \[T1048]
- [Exfiltration Over Symmetric Encrypted Non-C2 Protocol](/mitre/mitre/ta0010/t1048/t1048.001.md): Exfiltration Over Symmetric Encrypted Non-C2 Protocol \[T1048.001]
- [Exfiltration Over Asymmetric Encrypted Non-C2 Protocol](/mitre/mitre/ta0010/t1048/t1048.002.md): Exfiltration Over Asymmetric Encrypted Non-C2 Protocol \[T1048.002]
- [Exfiltration Over Unencrypted Non-C2 Protocol](/mitre/mitre/ta0010/t1048/t1048.003.md): Exfiltration Over Unencrypted Non-C2 Protocol \[T1048.003]
- [Exfiltration Over Physical Medium](/mitre/mitre/ta0010/t1052.md): Exfiltration Over Physical Medium \[T1052]
- [Exfiltration over USB](/mitre/mitre/ta0010/t1052/t1052.001.md): Exfiltration over USB \[T1052.001]
- [Exfiltration Over Web Service](/mitre/mitre/ta0010/t1567.md): Exfiltration Over Web Service \[T1567]
- [Exfiltration to Code Repository](/mitre/mitre/ta0010/t1567/t1567.001.md): Exfiltration to Code Repository \[T1567.001]
- [Exfiltration to Cloud Storage](/mitre/mitre/ta0010/t1567/t1567.002.md): Exfiltration to Cloud Storage \[T1567.002]
- [Exfiltration to Text Storage Sites](/mitre/mitre/ta0010/t1567/t1567.003.md): Exfiltration to Text Storage Sites \[T1567.003]
- [Exfiltration Over Webhook](/mitre/mitre/ta0010/t1567/t1567.004.md): Exfiltration Over Webhook \[T1567.004]
- [Command and Control](/mitre/mitre/ta0011.md): Command and Control \[TA0011]
- [Data Obfuscation](/mitre/mitre/ta0011/t1001.md): Data Obfuscation \[T1001]
- [Junk Data](/mitre/mitre/ta0011/t1001/t1001.001.md): Junk Data \[T1001.001]
- [Steganography](/mitre/mitre/ta0011/t1001/t1001.002.md): Steganography \[T1001.002]
- [Protocol or Service Impersonation](/mitre/mitre/ta0011/t1001/t1001.003.md): Protocol Impersonation \[T1001.003]
- [Fallback Channels](/mitre/mitre/ta0011/t1008.md): Fallback Channels \[T1008]
- [Application Layer Protocol](/mitre/mitre/ta0011/t1071.md): Application Layer Protocol \[T1071]
- [Web Protocols](/mitre/mitre/ta0011/t1071/t1071.001.md): Web Protocols \[T1071.001]
- [File Transfer Protocols](/mitre/mitre/ta0011/t1071/t1071.002.md): File Transfer Protocols \[T1071.002]
- [Mail Protocols](/mitre/mitre/ta0011/t1071/t1071.003.md): Mail Protocols \[T1071.003]
- [DNS](/mitre/mitre/ta0011/t1071/t1071.004.md): DNS \[T1071.004]
- [Proxy](/mitre/mitre/ta0011/t1090.md): Proxy \[T1090]
- [Internal Proxy](/mitre/mitre/ta0011/t1090/t1090.001.md): Internal Proxy \[T1090.001]
- [External Proxy](/mitre/mitre/ta0011/t1090/t1090.002.md): External Proxy \[T1090.002]
- [Multi-hop Proxy](/mitre/mitre/ta0011/t1090/t1090.003.md): Multi-hop Proxy \[T1090.003]
- [Domain Fronting](/mitre/mitre/ta0011/t1090/t1090.004.md): Domain Fronting \[T1090.004]
- [Communication Through Removable Media](/mitre/mitre/ta0011/t1092.md): Communication Through Removable Media \[T1092]
- [Non-Application Layer Protocol](/mitre/mitre/ta0011/t1095.md): Non-Application Layer Protocol \[T1095]
- [Web Service](/mitre/mitre/ta0011/t1102.md): Web Service \[T1102]
- [Dead Drop Resolver](/mitre/mitre/ta0011/t1102/t1102.001.md): Dead Drop Resolver \[T1102.001]
- [Bidirectional Communication](/mitre/mitre/ta0011/t1102/t1102.002.md): Bidirectional Communication \[T1102.002]
- [One-Way Communication](/mitre/mitre/ta0011/t1102/t1102.003.md): One-Way Communication \[T1102.003]
- [Multi-Stage Channels](/mitre/mitre/ta0011/t1104.md): Multi-Stage Channels \[T1104]
- [Ingress Tool Transfer](/mitre/mitre/ta0011/t1105.md): Ingress Tool Transfer \[T1105]
- [Data Encoding](/mitre/mitre/ta0011/t1132.md): Data Encoding \[T1132]
- [Standard Encoding](/mitre/mitre/ta0011/t1132/t1132.001.md): Standard Encoding \[T1132.001]
- [Non-Standard Encoding](/mitre/mitre/ta0011/t1132/t1132.002.md): Non-Standard Encoding \[T1132.002]
- [Traffic Signaling](/mitre/mitre/ta0011/t1205.md): Traffic Signaling \[T1205]
- [Port Knocking](/mitre/mitre/ta0011/t1205/t1205.001.md): Port Knocking \[T1205.001]
- [Socket Filters](/mitre/mitre/ta0011/t1205/t1205.002.md): Socket Filters \[T1205.002]
- [Remote Access Software](/mitre/mitre/ta0011/t1219.md): Remote Access Software \[T1219]
- [Dynamic Resolution](/mitre/mitre/ta0011/t1568.md): Dynamic Resolution \[T1568]
- [Fast Flux DNS](/mitre/mitre/ta0011/t1568/t1568.001.md): Fast Flux DNS \[T1568.001]
- [Domain Generation Algorithms](/mitre/mitre/ta0011/t1568/t1568.002.md): Domain Generation Algorithm Discovery \[T1568.002]
- [DNS Calculation](/mitre/mitre/ta0011/t1568/t1568.003.md): DNS Calculation \[T1568.003]
- [Non-Standard Port](/mitre/mitre/ta0011/t1571.md): Non-Standard Port \[T1571]
- [Protocol Tunneling](/mitre/mitre/ta0011/t1572.md): Protocol Tunneling \[T1572]
- [Encrypted Channel](/mitre/mitre/ta0011/t1573.md): Encrypted Channel \[T1573]
- [Symmetric Cryptography](/mitre/mitre/ta0011/t1573/t1573.001.md): Symmetric Cryptography \[T1573.001]
- [Asymmetric Cryptography](/mitre/mitre/ta0011/t1573/t1573.002.md): Asymmetric Cryptography \[T1573.002]
- [Impact](/mitre/mitre/ta0040.md): Impact \[TA0040]
- [Data Destruction](/mitre/mitre/ta0040/t1485.md): Data Destruction \[T1485]
- [Lifecycle-Triggered Deletion](/mitre/mitre/ta0040/t1485/t1485.001.md): Lifecycle/Trigger Deletion \[T1485.001]
- [Data Encrypted for Impact](/mitre/mitre/ta0040/t1486.md): Data Encrypted for Impact \[T1486]
- [Service Stop](/mitre/mitre/ta0040/t1489.md): Service Stop \[T1489]
- [Inhibit System Recovery](/mitre/mitre/ta0040/t1490.md): Inhibit System Recovery \[T1490]
- [Defacement](/mitre/mitre/ta0040/t1491.md): Defacement \[T1491]
- [Internal Defacement](/mitre/mitre/ta0040/t1491/t1491.001.md): Internal Defacement \[T1491.001]
- [External Defacement](/mitre/mitre/ta0040/t1491/t1491.002.md): External Defacement \[T1491.002]
- [Firmware Corruption](/mitre/mitre/ta0040/t1495.md): Firmware Corruption \[T1495]
- [Resource Hijacking](/mitre/mitre/ta0040/t1496.md): Resource Hijacking \[T1496]
- [Compute Hijacking](/mitre/mitre/ta0040/t1496/t1496.001.md): SMS Pumping \[T1496.001]
- [Network Denial of Service](/mitre/mitre/ta0040/t1498.md): Network Denial of Service \[T1498]
- [Direct Network Flood](/mitre/mitre/ta0040/t1498/t1498.001.md): Direct Network Flood \[T1498.001]
- [Reflection Amplification](/mitre/mitre/ta0040/t1498/t1498.002.md): Reflection Amplification \[T1498.002]
- [Endpoint Denial of Service](/mitre/mitre/ta0040/t1499.md): Endpoint Denial of Service \[T1499]
- [OS Exhaustion Flood](/mitre/mitre/ta0040/t1499/t1499.001.md): OS Exhaustion Flood \[T1499.001]
- [Service Exhaustion Flood](/mitre/mitre/ta0040/t1499/t1499.002.md): Service Exhaustion Flood \[T1499.002]
- [Application Exhaustion Flood](/mitre/mitre/ta0040/t1499/t1499.003.md): Application Exhaustion Flood \[T1499.003]
- [Application or System Exploitation](/mitre/mitre/ta0040/t1499/t1499.004.md): Application or System Exploitation \[T1499.004]
- [System Shutdown/Reboot](/mitre/mitre/ta0040/t1529.md): System Shutdown/Reboot \[T1529]
- [Account Access Removal](/mitre/mitre/ta0040/t1531.md): Account Access Removal \[T1531]
- [Disk Wipe](/mitre/mitre/ta0040/t1561.md): Disk Wipe \[T1561]
- [Disk Content Wipe](/mitre/mitre/ta0040/t1561/t1561.001.md): Disk Structure Wipe \[T1561.001]
- [Disk Structure Wipe](/mitre/mitre/ta0040/t1561/t1561.002.md): Disk Content Wipe \[T1561.002]
- [Data Manipulation](/mitre/mitre/ta0040/t1565.md): Data Manipulation \[T1565]
- [Stored Data Manipulation](/mitre/mitre/ta0040/t1565/t1565.001.md): Stored Data Manipulation \[T1565.001]
- [Transmitted Data Manipulation](/mitre/mitre/ta0040/t1565/t1565.002.md): Transmitted Data Manipulation \[T1565.002]
- [Runtime Data Manipulation](/mitre/mitre/ta0040/t1565/t1565.003.md): Runtime Data Manipulation \[T1565.003]
- [Resource Development](/mitre/mitre/ta0042.md): Resource Development \[TA0042]
- [Acquire Infrastructure](/mitre/mitre/ta0042/t1583.md): Acquire Infrastructure \[T1583]
- [Domains](/mitre/mitre/ta0042/t1583/t1583.001.md): Domains \[T1583.001]
- [DNS Server](/mitre/mitre/ta0042/t1583/t1583.002.md): DNS Server \[T1583.002]
- [Virtual Private Server](/mitre/mitre/ta0042/t1583/t1583.003.md): Virtual Private Server \[T1583.003]
- [Server](/mitre/mitre/ta0042/t1583/t1583.004.md): Server \[T1583.004]
- [Botnet](/mitre/mitre/ta0042/t1583/t1583.005.md): Botnet \[T1583.005]
- [Web Services](/mitre/mitre/ta0042/t1583/t1583.006.md): Web Services \[T1583.006]
- [Serverless](/mitre/mitre/ta0042/t1583/t1583.007.md): Serverless \[T1583.007]
- [Malvertising](/mitre/mitre/ta0042/t1583/t1583.008.md): Malvertising \[T1583.008]
- [Compromise Infrastructure](/mitre/mitre/ta0042/t1584.md): Compromise Infrastructure \[T1584]
- [Domains](/mitre/mitre/ta0042/t1584/t1584.001.md): Domains \[T1584.001]
- [DNS Server](/mitre/mitre/ta0042/t1584/t1584.002.md): DNS Server \[T1584.002]
- [Virtual Private Server](/mitre/mitre/ta0042/t1584/t1584.003.md): Virtual Private Server \[T1584.003]
- [Server](/mitre/mitre/ta0042/t1584/t1584.004.md): Server \[T1584.004]
- [Botnet](/mitre/mitre/ta0042/t1584/t1584.005.md): Botnet \[T1584.005]
- [Web Services](/mitre/mitre/ta0042/t1584/t1584.006.md): Web Services \[T1584.006]
- [Serverless](/mitre/mitre/ta0042/t1584/t1584.007.md): Serverless \[T1584.007]
- [Network Devices](/mitre/mitre/ta0042/t1584/t1584.008.md): Network Devices \[T1584.008]
- [Establish Accounts](/mitre/mitre/ta0042/t1585.md): Establish Accounts \[T1585]
- [Social Media Accounts](/mitre/mitre/ta0042/t1585/t1585.001.md): Social Media Accounts \[T1585.001]
- [Email Accounts](/mitre/mitre/ta0042/t1585/t1585.002.md): Email Accounts \[T1585.002]
- [Cloud Accounts](/mitre/mitre/ta0042/t1585/t1585.003.md): Cloud Accounts \[T1585.003]
- [Compromise Accounts](/mitre/mitre/ta0042/t1586.md): Compromise Accounts \[T1586]
- [Social Media Accounts](/mitre/mitre/ta0042/t1586/t1586.001.md): Social Media Accounts \[T1586.001]
- [Email Accounts](/mitre/mitre/ta0042/t1586/t1586.002.md): Email Accounts \[T1586.002]
- [Cloud Accounts](/mitre/mitre/ta0042/t1586/t1586.003.md): Cloud Accounts \[T1586.003]
- [Develop Capabilities](/mitre/mitre/ta0042/t1587.md): Develop Capabilities \[T1587]
- [Malware](/mitre/mitre/ta0042/t1587/t1587.001.md): Malware \[T1587.001]
- [Code Signing Certificates](/mitre/mitre/ta0042/t1587/t1587.002.md): Code Signing Certificates \[T1587.002]
- [Digital Certificates](/mitre/mitre/ta0042/t1587/t1587.003.md): Digital Certificates \[T1587.003]
- [Exploits](/mitre/mitre/ta0042/t1587/t1587.004.md): Exploits \[T1587.004]
- [Obtain Capabilities](/mitre/mitre/ta0042/t1588.md): Obtain Capabilities \[T1588]
- [Malware](/mitre/mitre/ta0042/t1588/t1588.001.md): Malware \[T1588.001]
- [Tool](/mitre/mitre/ta0042/t1588/t1588.002.md): Tool \[T1588.002]
- [Code Signing Certificates](/mitre/mitre/ta0042/t1588/t1588.003.md): Code Signing Certificates \[T1588.003]
- [Digital Certificates](/mitre/mitre/ta0042/t1588/t1588.004.md): Digital Certificates \[T1588.004]
- [Exploits](/mitre/mitre/ta0042/t1588/t1588.005.md): Exploits \[T1588.005]
- [Vulnerabilities](/mitre/mitre/ta0042/t1588/t1588.006.md): Vulnerabilities \[T1588.006]
- [Artificial Intelligence](/mitre/mitre/ta0042/t1588/t1588.007.md): Artificial Intelligence \[T1588.007]
- [Stage Capabilities](/mitre/mitre/ta0042/t1608.md): Stage Capabilities \[T1608]
- [Upload Malware](/mitre/mitre/ta0042/t1608/t1608.001.md): Upload Malware \[T1608.001]
- [Upload Tool](/mitre/mitre/ta0042/t1608/t1608.002.md): Upload Tool \[T1608.002]
- [Install Digital Certificate](/mitre/mitre/ta0042/t1608/t1608.003.md): Install Digital Certificate \[T1608.003]
- [Drive-by Target](/mitre/mitre/ta0042/t1608/t1608.004.md): Drive-by Target \[T1608.004]
- [Link Target](/mitre/mitre/ta0042/t1608/t1608.005.md): Link Target \[T1608.005]
- [SEO Poisoning](/mitre/mitre/ta0042/t1608/t1608.006.md): SEO Poisoning \[T1608.006]
- [Acquire Access](/mitre/mitre/ta0042/t1650.md): Acquire Access \[T1650]
- [Reconnaissance](/mitre/mitre/ta0043.md): Reconnaissance \[TA0043]
- [Gather Victim Identity Information](/mitre/mitre/ta0043/t1589.md): Gather Victim Identity Information \[T1589]
- [Credentials](/mitre/mitre/ta0043/t1589/t1589.001.md): Credentials \[T1589.001]
- [Email Addresses](/mitre/mitre/ta0043/t1589/t1589.002.md): Email Addresses \[T1589.002]
- [Employee Names](/mitre/mitre/ta0043/t1589/t1589.003.md): Employee Names \[T1589.003]
- [Gather Victim Network Information](/mitre/mitre/ta0043/t1590.md): Gather Victim Network Information \[T1590]
- [Domain Properties](/mitre/mitre/ta0043/t1590/t1590.001.md): Domain Properties \[T1590.001]
- [DNS](/mitre/mitre/ta0043/t1590/t1590.002.md): DNS \[T1590.002]
- [Network Trust Dependencies](/mitre/mitre/ta0043/t1590/t1590.003.md): Network Trust Dependencies \[T1590.003]
- [Network Topology](/mitre/mitre/ta0043/t1590/t1590.004.md): Network Topology \[T1590.004]
- [IP Addresses](/mitre/mitre/ta0043/t1590/t1590.005.md): IP Addresses \[T1590.005]
- [Network Security Appliances](/mitre/mitre/ta0043/t1590/t1590.006.md): Network Security Appliances \[T1590.006]
- [Gather Victim Org Information](/mitre/mitre/ta0043/t1591.md): Gather Victim Org Information \[T1591]
- [Determine Physical Locations](/mitre/mitre/ta0043/t1591/t1591.001.md): Determine Physical Locations \[T1591.001]
- [Business Relationships](/mitre/mitre/ta0043/t1591/t1591.002.md): Business Relationships \[T1591.002]
- [Identify Business Tempo](/mitre/mitre/ta0043/t1591/t1591.003.md): Identify Business Tempo \[T1591.003]
- [Identify Roles](/mitre/mitre/ta0043/t1591/t1591.004.md): Identify Roles \[T1591.004]
- [Gather Victim Host Information](/mitre/mitre/ta0043/t1592.md): Gather Victim Host Information \[T1592]
- [Hardware](/mitre/mitre/ta0043/t1592/t1592.001.md): Hardware \[T1592.001]
- [Software](/mitre/mitre/ta0043/t1592/t1592.002.md): Software \[T1592.002]
- [Firmware](/mitre/mitre/ta0043/t1592/t1592.003.md): Firmware \[T1592.003]
- [Client Configurations](/mitre/mitre/ta0043/t1592/t1592.004.md): Client Configurations \[T1592.004]
- [Search Open Websites/Domains](/mitre/mitre/ta0043/t1593.md): Search Open Websites/Domains \[T1593]
- [Social Media](/mitre/mitre/ta0043/t1593/t1593.001.md): Social Media \[T1593.001]
- [Search Engines](/mitre/mitre/ta0043/t1593/t1593.002.md): Search Engines \[T1593.002]
- [Code Repositories](/mitre/mitre/ta0043/t1593/t1593.003.md): Code Repositories \[T1593.003]
- [Search Victim-Owned Websites](/mitre/mitre/ta0043/t1594.md): Search Victim-Owned Websites \[T1594]
- [Active Scanning](/mitre/mitre/ta0043/t1595.md): Active Scanning \[T1595]
- [Scanning IP Blocks](/mitre/mitre/ta0043/t1595/t1595.001.md): Scanning IP Blocks \[T1595.001]
- [Vulnerability Scanning](/mitre/mitre/ta0043/t1595/t1595.002.md): Vulnerability Scanning \[T1595.002]
- [Wordlist Scanning](/mitre/mitre/ta0043/t1595/t1595.003.md): Wordlist Scanning \[T1595.003]
- [Search Open Technical Databases](/mitre/mitre/ta0043/t1596.md): Search Open Technical Databases \[T1596]
- [DNS/Passive DNS](/mitre/mitre/ta0043/t1596/t1596.001.md): DNS/Passive DNS \[T1596.001]
- [WHOIS](/mitre/mitre/ta0043/t1596/t1596.002.md): WHOIS \[T1596.002]
- [Digital Certificates](/mitre/mitre/ta0043/t1596/t1596.003.md): Digital Certificates \[T1596.003]
- [CDNs](/mitre/mitre/ta0043/t1596/t1596.004.md): CDNs \[T1596.004]
- [Scan Databases](/mitre/mitre/ta0043/t1596/t1596.005.md): Scan Databases \[T1596.005]
- [Search Closed Sources](/mitre/mitre/ta0043/t1597.md): Search Closed Sources \[T1597]
- [Threat Intel Vendors](/mitre/mitre/ta0043/t1597/t1597.001.md): Threat Intel Vendors \[T1597.001]
- [Purchase Technical Data](/mitre/mitre/ta0043/t1597/t1597.002.md): Purchase Technical Data \[T1597.002]
- [Phishing for Information](/mitre/mitre/ta0043/t1598.md): Phishing for Information \[T1598]
- [Spearphishing Service](/mitre/mitre/ta0043/t1598/t1598.001.md): Spearphishing Service \[T1598.001]
- [Spearphishing Attachment](/mitre/mitre/ta0043/t1598/t1598.002.md): Spearphishing Attachment \[T1598.002]
- [Spearphishing Link](/mitre/mitre/ta0043/t1598/t1598.003.md): Spearphishing Link \[T1598.003]
- [Spearphishing Voice](/mitre/mitre/ta0043/t1598/t1598.004.md): Spearphishing Voice \[T1598.004]