MITRE ATT&CK

Check out the documentation for the MITRE ATT&CK report as well.

The Monkey maps its actions to the MITRE ATT&CK knowledge base and based on this, provides a report detailing the techniques it used and recommended mitigations. The idea is to help you simulate an APT attack on your network and mitigate real attack paths intelligently.

In the following table we provide the list of all the ATT&CK techniques the Monkey provides info about, categorized by tactic. You can follow any of the links to learn more about a specific technique or tactic.

TACTIC TECHNIQUES
Execution Command-line Interface
Execution Through Module Load
Execution Through API
Powershell
Scripting
Service Execution
Trap
Persistence .bash_profile & .bashrc
Create Account
Hidden Files & Directories
Local Job Scheduling
Powershell Profile
Scheduled Task
Setuid & Setgid
Defence Evasion BITS Job
Clear Command History
File Deletion
File Permissions Modification
Timestomping
Signed Script Proxy Execution
Credential Access Brute Force
Credential Dumping
Private Keys
Discovery Account Discovery
Remote System Discovery
System Information Discovery
System Network Configuration Discovery
Lateral Movement Exploitation Of Remote Services
Pass The Hash
Remote File Copy
Remote Services
Collection Data From Local System
Command And Control Connection Proxy
Uncommonly Used Port
Multi-hop Proxy
Exfiltration Exfiltration Over Command And Control Channel