Obfuscated Files or Information
Web Shell
Exploit Public-Facing Application
Tool
Match Legitimate Resource Name or Location
Dynamic-link Library Injection
Ingress Tool Transfer
Local Data Staging
Network Service Discovery
System Network Connections Discovery
Peripheral Device Discovery
Non-Application Layer Protocol
DLL
Malware
Masquerade Task or Service