Exploit Public-Facing Application
Rootkit
Obfuscated Files or Information
Web Service
Unix Shell
System Information Discovery
Application Layer Protocol
Ingress Tool Transfer
Compute Hijacking
Compile After Delivery
Dynamic Linker Hijacking
Hidden Files and Directories
Cron
Python
Network Service Discovery
Portable Executable Injection
Dead Drop Resolver
Boot or Logon Initialization Scripts
Software Packing
Registry Run Keys / Startup Folder
Linux and Mac Permissions
Process Discovery
Systemd Service
Remote System Discovery
Disable or Modify System Firewall
Deobfuscate/Decode Files or Information
Clear Linux or Mac System Logs
Private Keys
File Deletion
Web Protocols
Disable or Modify Tools
Non-Standard Port
SSH
Timestomp
Match Legitimate Resource Name or Location
Security Software Discovery