KnownTechniques enum
Techniques of the assessment
Fields
| AbuseElevationControlMechanism | Abuse Elevation Control Mechanism |
| AccessTokenManipulation | Access Token Manipulation |
| AccountDiscovery | Account Discovery |
| AccountManipulation | Account Manipulation |
| ActiveScanning | Active Scanning |
| ApplicationLayerProtocol | Application Layer Protocol |
| AudioCapture | Audio Capture |
| BootOrLogonAutostartExecution | Boot or Logon Autostart Execution |
| BootOrLogonInitializationScripts | Boot or Logon Initialization Scripts |
| BruteForce | Brute Force |
| CloudInfrastructureDiscovery | Cloud Infrastructure Discovery |
| CloudServiceDashboard | Cloud Service Dashboard |
| CloudServiceDiscovery | Cloud Service Discovery |
| CommandAndScriptingInterpreter | Command and Scripting Interpreter |
| CompromiseClientSoftwareBinary | Compromise Client Software Binary |
| CompromiseInfrastructure | Compromise Infrastructure |
| ContainerAndResourceDiscovery | Container and Resource Discovery |
| CreateAccount | Create Account |
| CreateOrModifySystemProcess | Create or Modify System Process |
| CredentialsFromPasswordStores | Credentials from Password Stores |
| DataDestruction | Data Destruction |
| DataEncryptedForImpact | Data Encrypted for Impact |
| DataFromCloudStorageObject | Data from Cloud Storage Object |
| DataFromConfigurationRepository | Data from Configuration Repository |
| DataFromInformationRepositories | Data from Information Repositories |
| DataFromLocalSystem | Data from Local System |
| DataManipulation | Data Manipulation |
| DataStaged | Data Staged |
| Defacement | Defacement |
| DeobfuscateDecodeFilesOrInformation | Deobfuscate/Decode Files or Information |
| DiskWipe | Disk Wipe |
| DomainTrustDiscovery | Domain Trust Discovery |
| DriveByCompromise | Drive-by Compromise |
| DynamicResolution | Dynamic Resolution |
| EndpointDenialOfService | Endpoint Denial of Service |
| EventTriggeredExecution | Event Triggered Execution |
| ExfiltrationOverAlternativeProtocol | Exfiltration Over Alternative Protocol |
| ExploitationForClientExecution | Exploitation for Client Execution |
| ExploitationForCredentialAccess | Exploitation for Credential Access |
| ExploitationForDefenseEvasion | Exploitation for Defense Evasion |
| ExploitationForPrivilegeEscalation | Exploitation for Privilege Escalation |
| ExploitationOfRemoteServices | Exploitation of Remote Services |
| ExploitPublicFacingApplication | Exploit Public-Facing Application |
| ExternalRemoteServices | External Remote Services |
| FallbackChannels | Fallback Channels |
| FileAndDirectoryDiscovery | File and Directory Discovery |
| FileAndDirectoryPermissionsModification | File and Directory Permissions Modification |
| GatherVictimNetworkInformation | Gather Victim Network Information |
| HideArtifacts | Hide Artifacts |
| HijackExecutionFlow | Hijack Execution Flow |
| ImpairDefenses | Impair Defenses |
| ImplantContainerImage | Implant Container Image |
| IndicatorRemovalOnHost | Indicator Removal on Host |
| IndirectCommandExecution | Indirect Command Execution |
| IngressToolTransfer | Ingress Tool Transfer |
| InputCapture | Input Capture |
| InterProcessCommunication | Inter-Process Communication |
| LateralToolTransfer | Lateral Tool Transfer |
| ManInTheMiddle | Man-in-the-Middle |
| Masquerading | Masquerading |
| ModifyAuthenticationProcess | Modify Authentication Process |
| ModifyRegistry | Modify Registry |
| NetworkDenialOfService | Network Denial of Service |
| NetworkServiceScanning | Network Service Scanning |
| NetworkSniffing | Network Sniffing |
| NonApplicationLayerProtocol | Non-Application Layer Protocol |
| NonStandardPort | Non-Standard Port |
| ObfuscatedFilesOrInformation | Obfuscated Files or Information |
| ObtainCapabilities | Obtain Capabilities |
| OfficeApplicationStartup | Office Application Startup |
| OSCredentialDumping | OS Credential Dumping |
| PermissionGroupsDiscovery | Permission Groups Discovery |
| Phishing | Phishing |
| PreOSBoot | Pre-OS Boot |
| ProcessDiscovery | Process Discovery |
| ProcessInjection | Process Injection |
| ProtocolTunneling | Protocol Tunneling |
| Proxy | Proxy |
| QueryRegistry | Query Registry |
| RemoteAccessSoftware | Remote Access Software |
| RemoteServices | Remote Services |
| RemoteServiceSessionHijacking | Remote Service Session Hijacking |
| RemoteSystemDiscovery | Remote System Discovery |
| ResourceHijacking | Resource Hijacking |
| ScheduledTaskJob | Scheduled Task/Job |
| ScreenCapture | Screen Capture |
| SearchVictimOwnedWebsites | Search Victim-Owned Websites |
| ServerSoftwareComponent | Server Software Component |
| ServiceStop | Service Stop |
| SignedBinaryProxyExecution | Signed Binary Proxy Execution |
| SoftwareDeploymentTools | Software Deployment Tools |
| SQLStoredProcedures | SQL Stored Procedures |
| StealOrForgeKerberosTickets | Steal or Forge Kerberos Tickets |
| SubvertTrustControls | Subvert Trust Controls |
| SupplyChainCompromise | Supply Chain Compromise |
| SystemInformationDiscovery | System Information Discovery |
| TaintSharedContent | Taint Shared Content |
| TrafficSignaling | Traffic Signaling |
| TransferDataToCloudAccount | Transfer Data to Cloud Account |
| TrustedRelationship | Trusted Relationship |
| UnsecuredCredentials | Unsecured Credentials |
| UserExecution | User Execution |
| ValidAccounts | Valid Accounts |
| WindowsManagementInstrumentation | Windows Management Instrumentation |