Created
October 30, 2017 06:26
-
-
Save yu-yang/4624624829aa92c0dae8e3dd8bc8dea8 to your computer and use it in GitHub Desktop.
MITRE ATT&CK Whitelisting
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| T1103 - AppInitDlls | |
| T1017 - Application Deployment Software | |
| T1131 - Authentication Package | |
| T1009 - Binary Padding | |
| T1042 - Change Default Association | |
| T1116 - Code Signing | |
| T1122 - Component Object Model Hijacking | |
| T1003 - Credential Access | |
| T1055 - DLL Injection | |
| T1038 - DLL Search Order Hijacking | |
| T1073 - DLL Side-Loading | |
| T1106 - Execution through API | |
| T1129 - Execution through Module Load | |
| T1118 - InstallUtil | |
| T1013 - Local Port Monitor | |
| T1031 - Modify Existing Service | |
| T1128 - Netsh Helper DLL | |
| T1050 - New Service | |
| T1137 - Office Application Startup | |
| T1034 - Path Interception | |
| T1093 - Process Hollowing | |
| T1060 - Registry Run Keys / Start Folder | |
| T1121 - RegSvcs/RegAsm | |
| T1117 - RegSvr32 | |
| T1085 - Rundll32 | |
| T1053 - Scheduled Task | |
| T1101 - Security Support Provider | |
| T1023 - Shortcut Modification | |
| T1080 - Taint Shared Content | |
| T1072 - Third-party Software | |
| T1154 - Trap | |
| T1127 - Trusted Developer Utilities | |
| T1004 - Winlogon Helper DLL |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment