Reconnaissance
Techniques for information gathering and target profiling.
Resource Development
Building resources and assets used to support operations.
Initial Access
Methods for gaining initial foothold inside target environment.
Execution
Techniques that execute adversary-controlled code on a system.
Persistence
Ways adversaries maintain persistent access to victim systems.
Privilege Escalation
Techniques used to gain higher-level permissions.
Defense Evasion
Methods to avoid detection by security tools and defenders.
Credential Access
Techniques to obtain credentials from systems and users.
Discovery
Techniques used to map and discover networks and resources.
Lateral Movement
Ways attackers move through a network after initial access.
Collection
Gathering data of interest from target systems.
Command and Control
Infrastructure and methods to control compromised hosts.
Exfiltration
Techniques for removing data from a target environment.
Impact
Techniques that manipulate, disrupt or destroy systems and data.