mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
chg: [cmtmf-attack-pattern] various fixes to make JSON ok
This commit is contained in:
parent
7b587710b1
commit
ae7b7bd47d
2 changed files with 105 additions and 132 deletions
|
@ -21,7 +21,7 @@
|
|||
"external_id": "T0001",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:reconnaissance"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "92ac46f5-4356-427a-8863-2de3f974713f",
|
||||
"value": "Active Scanning"
|
||||
|
@ -32,7 +32,7 @@
|
|||
"external_id": "T0002",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:reconnaissance"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "dd601586-1102-4084-80ad-a6776d8e46b0",
|
||||
"value": "Gather UE Identity Information"
|
||||
|
@ -43,7 +43,7 @@
|
|||
"external_id": "T0003",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:reconnaissance"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "f43b9606-aa17-4c51-a26c-6bdba0440e4a",
|
||||
"value": "Gather UE Network Information"
|
||||
|
@ -54,7 +54,7 @@
|
|||
"external_id": "T0004",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:reconnaissance"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "668a9ba5-9bd2-4e51-ad7d-0846d992723b",
|
||||
"value": "Phishing for Information"
|
||||
|
@ -65,7 +65,7 @@
|
|||
"external_id": "T0005",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:reconnaissance"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "d0140441-ebe0-4508-8572-ab91aa237980",
|
||||
"value": "Social Media Reports"
|
||||
|
@ -76,7 +76,7 @@
|
|||
"external_id": "T0006",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:resource-development"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "a0224c49-b049-40eb-8012-e723c76aa841",
|
||||
"value": "Develop Capabilities"
|
||||
|
@ -87,7 +87,7 @@
|
|||
"external_id": "T0007",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:resource-development"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "37fc2d12-0e65-4e6c-a55f-0a24f818c6cb",
|
||||
"value": "Obtain Capabilities"
|
||||
|
@ -98,7 +98,7 @@
|
|||
"external_id": "T0008",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:resource-development"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "71f1f231-f14b-417d-aa5b-dd0bcb76eefb",
|
||||
"value": "Stage Capabilities"
|
||||
|
@ -109,7 +109,7 @@
|
|||
"external_id": "T0009",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:resource-development"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "eb793a3a-ca08-43ea-bf56-da4d06d5f273",
|
||||
"value": "Compromise Accounts"
|
||||
|
@ -120,10 +120,10 @@
|
|||
"external_id": "T0010",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:resource-development"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "51060d01-ef29-40ab-8965-8031d0941811",
|
||||
"value": "Aquire Infrastructure"
|
||||
"value": "Acquire Infrastructure"
|
||||
},
|
||||
{
|
||||
"description": "TBD",
|
||||
|
@ -131,7 +131,7 @@
|
|||
"external_id": "T0011",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:resource-development"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "53e344f4-fa6c-4d42-9c65-1ffe1e093120",
|
||||
"value": "Compromise Infrastructure"
|
||||
|
@ -142,7 +142,7 @@
|
|||
"external_id": "T0012",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:initial-access"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "92ac46f5-4356-427a-8863-2de3f974713f",
|
||||
"value": "Exploit Public-Facing Application"
|
||||
|
@ -153,7 +153,7 @@
|
|||
"external_id": "T0013",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:initial-access"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "dd601586-1102-4084-80ad-a6776d8e46b0",
|
||||
"value": "Malicious App from App Store"
|
||||
|
@ -164,7 +164,7 @@
|
|||
"external_id": "T0014",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:initial-access"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "f43b9606-aa17-4c51-a26c-6bdba0440e4a",
|
||||
"value": "Malicious App from Third Party"
|
||||
|
@ -175,7 +175,7 @@
|
|||
"external_id": "T0015",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:initial-access"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "668a9ba5-9bd2-4e51-ad7d-0846d992723b",
|
||||
"value": "Install Insecure or Malicious Configuration"
|
||||
|
@ -186,7 +186,7 @@
|
|||
"external_id": "T0016",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:initial-access"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "d0140441-ebe0-4508-8572-ab91aa237980",
|
||||
"value": "Masquerade as Legitimate Application"
|
||||
|
@ -197,7 +197,7 @@
|
|||
"external_id": "T0017",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:initial-access"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "a0224c49-b049-40eb-8012-e723c76aa841",
|
||||
"value": "Exploit via Charging Station or PC"
|
||||
|
@ -208,7 +208,7 @@
|
|||
"external_id": "T0018",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:initial-access"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "37fc2d12-0e65-4e6c-a55f-0a24f818c6cb",
|
||||
"value": "Exploit via Radio Interfaces"
|
||||
|
@ -219,7 +219,7 @@
|
|||
"external_id": "T0019",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:initial-access"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "71f1f231-f14b-417d-aa5b-dd0bcb76eefb",
|
||||
"value": "Rogue Cellular Base Station"
|
||||
|
@ -230,7 +230,7 @@
|
|||
"external_id": "T0020",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:initial-access"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "eb793a3a-ca08-43ea-bf56-da4d06d5f273",
|
||||
"value": "Insider attacks and human errors"
|
||||
|
@ -241,7 +241,7 @@
|
|||
"external_id": "T0021",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:initial-access"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "2781ceb6-fff9-4e0e-8e58-4c970911f87a",
|
||||
"value": "Trusted Relationship"
|
||||
|
@ -252,7 +252,7 @@
|
|||
"external_id": "T0022",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:initial-access"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "fa6f94a8-d5f9-462a-883c-f5e4317a54dd",
|
||||
"value": "Supply Chain Compromise"
|
||||
|
@ -263,7 +263,7 @@
|
|||
"external_id": "T0023",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:execution"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "870e8141-ad9a-435e-bf10-835d96348973",
|
||||
"value": "Native Code"
|
||||
|
@ -274,7 +274,7 @@
|
|||
"external_id": "T0024",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:execution"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "7ac81844-d442-4d93-b922-59a44ca79454",
|
||||
"value": "Scheduled Task/Job"
|
||||
|
@ -285,7 +285,7 @@
|
|||
"external_id": "T0025",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:execution"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "c1cffc56-217e-42cb-8330-49269dde8054",
|
||||
"value": "Command-Line Interface"
|
||||
|
@ -296,7 +296,7 @@
|
|||
"external_id": "T0026",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:execution"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "a47e9e97-87f9-450e-84f0-ca628a33d0ce",
|
||||
"value": "Command and Scripting Interpreter"
|
||||
|
@ -307,7 +307,7 @@
|
|||
"external_id": "T0027",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:persistence"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "3b3c1a0b-512c-44a7-93ea-1f64501acb4d",
|
||||
"value": "Boot or Logon Autostart Execution"
|
||||
|
@ -318,7 +318,7 @@
|
|||
"external_id": "T0028",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:persistence"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "2cb0bb08-0ded-410d-b0de-baa5b6e65bf7",
|
||||
"value": "Foreground Persistence"
|
||||
|
@ -329,7 +329,7 @@
|
|||
"external_id": "T0029",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:persistence"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "8f908951-f95f-4c23-bda1-124030df1478",
|
||||
"value": "Modify Cached Executable Code"
|
||||
|
@ -340,7 +340,7 @@
|
|||
"external_id": "T0030",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:persistence"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "5dfc5ad7-ee6b-462b-ad51-4656c2f75003",
|
||||
"value": "Modify Trusted Execution Environment"
|
||||
|
@ -351,7 +351,7 @@
|
|||
"external_id": "T0031",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:persistence"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "387d2448-73de-4d17-a236-1264c7d4b4d5",
|
||||
"value": "Schedule Task/Job"
|
||||
|
@ -362,7 +362,7 @@
|
|||
"external_id": "T0032",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:persistence"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "981fc4a0-f704-42d5-b938-e6d0428177d3",
|
||||
"value": "Compromise Application Executable"
|
||||
|
@ -373,7 +373,7 @@
|
|||
"external_id": "T0033",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:persistence"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "ad487281-8e08-432e-ac8c-1012c1bd15e3",
|
||||
"value": "Modify OS Kernel or Boot Partition"
|
||||
|
@ -384,7 +384,7 @@
|
|||
"external_id": "T0034",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:persistence"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "885fb448-33de-4223-b1ec-1c03a2e2f599",
|
||||
"value": "Event Triggered Execution"
|
||||
|
@ -395,7 +395,7 @@
|
|||
"external_id": "T0035",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:persistence"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "de82ce3e-bbaf-4bbb-aa93-5a67d476c867",
|
||||
"value": "Spoofed radio network"
|
||||
|
@ -406,7 +406,7 @@
|
|||
"external_id": "T0036",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:persistence"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "e999a2f8-96cc-41b4-8199-66afc4e19919",
|
||||
"value": "Infecting network nodes"
|
||||
|
@ -417,7 +417,7 @@
|
|||
"external_id": "T0037",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:privilege-escalation"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "7b487a20-faa0-441d-8e31-44d872d12b3d",
|
||||
"value": "Code Injection"
|
||||
|
@ -428,7 +428,7 @@
|
|||
"external_id": "T0038",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:privilege-escalation"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "5ce17e6a-44aa-415a-864e-c7b45409350e",
|
||||
"value": "Process Injection"
|
||||
|
@ -439,7 +439,7 @@
|
|||
"external_id": "T0039",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:privilege-escalation"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "ba7ec530-57d1-42ea-94ce-32922d3a82b8",
|
||||
"value": "Schedule Task/Job"
|
||||
|
@ -450,7 +450,7 @@
|
|||
"external_id": "T0040",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:defense-evasion"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "546cf539-733a-45d2-b112-297e920bdfe5",
|
||||
"value": "Masquerading"
|
||||
|
@ -461,7 +461,7 @@
|
|||
"external_id": "T0041",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:defense-evasion"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "59111ac3-8f51-4974-b72d-51ae64902b3d",
|
||||
"value": "Disguise Root/Jailbreak Indicators"
|
||||
|
@ -472,7 +472,7 @@
|
|||
"external_id": "T0042",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:defense-evasion"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "20b446a7-214f-4709-80d3-6c1426b57a00",
|
||||
"value": "Evade Analysis Environment"
|
||||
|
@ -483,7 +483,7 @@
|
|||
"external_id": "T0043",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:defense-evasion"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "2ce9d395-501f-4b7c-9106-14ac33c27765",
|
||||
"value": "Modify Trusted Execution Environment"
|
||||
|
@ -494,7 +494,7 @@
|
|||
"external_id": "T0044",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:defense-evasion"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "2e04955b-296a-43cd-8994-ccd7ae882230",
|
||||
"value": "Obfuscated Files or Information"
|
||||
|
@ -505,7 +505,7 @@
|
|||
"external_id": "T0045",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:defense-evasion"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "9b6de21d-8583-4efd-bcbc-3aa66b9dbf68",
|
||||
"value": "Suppress Application Icon"
|
||||
|
@ -516,7 +516,7 @@
|
|||
"external_id": "T0046",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:defense-evasion"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "d166bb9a-63d0-4555-a571-eeaef97a39d1",
|
||||
"value": "Uninstall Malicious Application"
|
||||
|
@ -527,7 +527,7 @@
|
|||
"external_id": "T0047",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:defense-evasion"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "173d8221-a5b4-4efa-b3aa-902c6e7b7ead",
|
||||
"value": "Install Insecure or Malicious Configuration"
|
||||
|
@ -538,7 +538,7 @@
|
|||
"external_id": "T0048",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:defense-evasion"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "a0ffe349-849b-4c6e-9f4c-10eef819d124",
|
||||
"value": "Geofencing"
|
||||
|
@ -549,7 +549,7 @@
|
|||
"external_id": "T0049",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:defense-evasion"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "8b204308-e643-4fdb-a337-92d372bd917a",
|
||||
"value": "Shutdown Remote Device"
|
||||
|
@ -560,7 +560,7 @@
|
|||
"external_id": "T0050",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:defense-evasion"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "f301abc6-6590-4ab2-93ef-d8ca435179c4",
|
||||
"value": "Exploitation for Defense Evasion"
|
||||
|
@ -571,7 +571,7 @@
|
|||
"external_id": "T0051",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:defense-evasion"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "cf685f28-fc43-4cf6-b91c-9dbcc42ddc02",
|
||||
"value": "Security Audit Camouflage"
|
||||
|
@ -582,7 +582,7 @@
|
|||
"external_id": "T0052",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:defense-evasion"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "30e03f2f-ae68-436f-b677-e41457def8ac",
|
||||
"value": "Overload Avoidance"
|
||||
|
@ -593,7 +593,7 @@
|
|||
"external_id": "T0053",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:defense-evasion"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "36d3aadd-48e6-49e3-89b7-894074179059",
|
||||
"value": "Traffic Distribution"
|
||||
|
@ -604,7 +604,7 @@
|
|||
"external_id": "T0054",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:credential-access"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "e26c80cd-6c94-4a17-bef6-272d5fdeec0d",
|
||||
"value": "URI Hijacking"
|
||||
|
@ -615,7 +615,7 @@
|
|||
"external_id": "T0055",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:credential-access"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "c32c2fb2-056d-4b4f-a44d-1728858f6aeb",
|
||||
"value": "Access Sensitive Data in Device Logs"
|
||||
|
@ -626,7 +626,7 @@
|
|||
"external_id": "T0056",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:credential-access"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "eed66957-03d7-472e-bfce-7fbc833295af",
|
||||
"value": "Modify Authentication Process"
|
||||
|
@ -637,7 +637,7 @@
|
|||
"external_id": "T0057",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:credential-access"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "5f26a03f-b603-46b1-a8ee-91eb02023059",
|
||||
"value": "Forced Authentication"
|
||||
|
@ -648,7 +648,7 @@
|
|||
"external_id": "T0058",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:discovery"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "941608a1-3058-465f-91f0-ee4f2a40f81e",
|
||||
"value": "System Network Connections Discovery"
|
||||
|
@ -659,7 +659,7 @@
|
|||
"external_id": "T0059",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:discovery"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "6e9807b1-2505-4ebe-a6f9-3348d3d60a2c",
|
||||
"value": "UE knocking"
|
||||
|
@ -670,7 +670,7 @@
|
|||
"external_id": "T0060",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:discovery"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "eb40555d-aa7b-42d3-b998-b613460818b1",
|
||||
"value": "Internal Resource Search"
|
||||
|
@ -681,7 +681,7 @@
|
|||
"external_id": "T0061",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:discovery"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "0753376d-1027-451a-b398-35e2700722d4",
|
||||
"value": "Network Sniffing"
|
||||
|
@ -692,7 +692,7 @@
|
|||
"external_id": "T0062",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:lateral-movement"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "c026638d-2c10-45f2-a52b-3c82e06f3355",
|
||||
"value": "Rogue Cellular Base Station"
|
||||
|
@ -703,7 +703,7 @@
|
|||
"external_id": "T0063",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:lateral-movement"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "3a40f88e-bcf8-4b6e-919f-229ee48b5a1a",
|
||||
"value": "Abusing Inter-working Functionalities"
|
||||
|
@ -714,7 +714,7 @@
|
|||
"external_id": "T0064",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:lateral-movement"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "5210f87e-7111-4f42-a941-de7649378670",
|
||||
"value": "Replication Through SMS"
|
||||
|
@ -725,7 +725,7 @@
|
|||
"external_id": "T0065",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:lateral-movement"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "ef3eb056-73fa-405b-aa8c-f1777454c1c5",
|
||||
"value": "Replication Through Bluetooth"
|
||||
|
@ -736,7 +736,7 @@
|
|||
"external_id": "T0066",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:lateral-movement"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "87ced388-2de0-4a71-b4b7-18de07d7aab7",
|
||||
"value": "Replication Through WLAN"
|
||||
|
@ -747,7 +747,7 @@
|
|||
"external_id": "T0067",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:lateral-movement"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "c27db767-e8fa-4ff6-afe2-2b311bf6401d",
|
||||
"value": "Replication Through IP"
|
||||
|
@ -758,7 +758,7 @@
|
|||
"external_id": "T0068",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:lateral-movement"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "063e1ff2-0af8-4431-b886-83463c5880a8",
|
||||
"value": "Exploit platform & service specific vulnerabilites"
|
||||
|
@ -769,7 +769,7 @@
|
|||
"external_id": "T0069",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:collection"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "2b5fd58f-09b6-4af9-a3d5-21e65617bf6f",
|
||||
"value": "Access Sensitive Data in Device Logs"
|
||||
|
@ -780,7 +780,7 @@
|
|||
"external_id": "T0070",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:collection"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "831eb5b3-bcd9-4a1e-b587-bc0b4dc42059",
|
||||
"value": "Network Traffic Capture or Redirection"
|
||||
|
@ -791,7 +791,7 @@
|
|||
"external_id": "T0071",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:collection"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "39aff570-7266-40d3-975e-a63838404a67",
|
||||
"value": "Network-specific identifiers"
|
||||
|
@ -802,7 +802,7 @@
|
|||
"external_id": "T0072",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:collection"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "b706e308-6c75-457f-9d9f-fff37c60e1db",
|
||||
"value": "Network-specific data"
|
||||
|
@ -813,7 +813,7 @@
|
|||
"external_id": "T0073",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:command-and-control"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "17983470-8ddb-47d2-9675-e25371a1b1ad",
|
||||
"value": "Application Layer Protocol"
|
||||
|
@ -824,7 +824,7 @@
|
|||
"external_id": "T0074",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:command-and-control"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "0e114cd1-0f0e-4d5d-88e6-e7e31bb6040f",
|
||||
"value": "Communication via SMS"
|
||||
|
@ -835,7 +835,7 @@
|
|||
"external_id": "T0075",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:command-and-control"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "6581316b-abab-4791-8821-92837688ec7f",
|
||||
"value": "Communication via Bluetooth"
|
||||
|
@ -846,7 +846,7 @@
|
|||
"external_id": "T0076",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:command-and-control"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "99743297-6bd4-467e-8fca-841b43c88dd2",
|
||||
"value": "Communication via WLAN"
|
||||
|
@ -857,7 +857,7 @@
|
|||
"external_id": "T0077",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:command-and-control"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "284abb74-49be-4a51-85a0-a1f68286bca7",
|
||||
"value": "Exploit SS7 to Redirect Phone Calls/SMS"
|
||||
|
@ -868,7 +868,7 @@
|
|||
"external_id": "T0078",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:command-and-control"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "e6e16b6f-c692-4b21-8eb0-6c2890d6e28a",
|
||||
"value": "Exploit SS7 to Track Device Location"
|
||||
|
@ -879,7 +879,7 @@
|
|||
"external_id": "T0079",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:command-and-control"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "85e2973b-8b37-4811-9406-f0c4db9fe44d",
|
||||
"value": "SS7-based attacks"
|
||||
|
@ -890,7 +890,7 @@
|
|||
"external_id": "T0080",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:command-and-control"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "89005def-29bc-44cf-8002-e781b1596b1f",
|
||||
"value": "Diameter-based attacks"
|
||||
|
@ -901,7 +901,7 @@
|
|||
"external_id": "T0081",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:command-and-control"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "3d4c4144-9a7e-4e92-9a10-731a31013628",
|
||||
"value": "GTP-based attacks"
|
||||
|
@ -912,7 +912,7 @@
|
|||
"external_id": "T0082",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:command-and-control"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "47a84cf2-839e-4ff1-9de5-ee3314a5e173",
|
||||
"value": "NAS-based attacks"
|
||||
|
@ -923,7 +923,7 @@
|
|||
"external_id": "T0083",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:command-and-control"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "c474ff9d-92e5-47c3-af19-4fcb85827fa1",
|
||||
"value": "MEC-based attacks"
|
||||
|
@ -934,7 +934,7 @@
|
|||
"external_id": "T0084",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:command-and-control"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "3f76efaa-8881-4dab-ae50-d298206301ab",
|
||||
"value": "Network Slice"
|
||||
|
@ -945,7 +945,7 @@
|
|||
"external_id": "T0085",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:exfiltration"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "670cd16f-50a3-4fd3-8ca5-31bfaa1fd5ff",
|
||||
"value": "Automated Exfiltration"
|
||||
|
@ -956,7 +956,7 @@
|
|||
"external_id": "T0086",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:exfiltration"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "d5f814f7-a53c-4747-b780-bd8e43364648",
|
||||
"value": "Data Encrypted"
|
||||
|
@ -967,7 +967,7 @@
|
|||
"external_id": "T0087",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:exfiltration"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "ab3f1c6a-2b14-44e4-b27b-3b482204977f",
|
||||
"value": "Alternate Network Mediums"
|
||||
|
@ -978,7 +978,7 @@
|
|||
"external_id": "T0088",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:impact"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "ae23f6b2-5c3a-4d0c-9fd7-cacffcc0f08b",
|
||||
"value": "Data Manipulation"
|
||||
|
@ -989,7 +989,7 @@
|
|||
"external_id": "T0089",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:impact"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "b82d3bbc-7fa0-4e48-8075-76bc22f80503",
|
||||
"value": "Endpoint Denial of Service"
|
||||
|
@ -1000,7 +1000,7 @@
|
|||
"external_id": "T0090",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:impact"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "ba42942b-7f37-4ff2-8fc8-0b640add131e",
|
||||
"value": "Carrier Billing Fraud"
|
||||
|
@ -1011,7 +1011,7 @@
|
|||
"external_id": "T0091",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:impact"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "8f9ca72c-757c-4691-a779-921605c88a46",
|
||||
"value": "SMS Fraud"
|
||||
|
@ -1022,7 +1022,7 @@
|
|||
"external_id": "T0092",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:impact"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "73b37857-106b-40cc-b539-00fe1b8aefe3",
|
||||
"value": "Manipulate Device Communication"
|
||||
|
@ -1033,7 +1033,7 @@
|
|||
"external_id": "T0093",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:impact"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "b4682597-2daf-4ab2-b333-6af83de0771b",
|
||||
"value": "Jamming or Denial of Service"
|
||||
|
@ -1044,7 +1044,7 @@
|
|||
"external_id": "T0094",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:impact"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "93ead55c-9397-4a5b-aa37-2bf93fa9e1d0",
|
||||
"value": "Rogue Cellular Base Station"
|
||||
|
@ -1055,7 +1055,7 @@
|
|||
"external_id": "T0095",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:impact"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "9df725d7-fe97-42da-9be8-da248393a5fa",
|
||||
"value": "Location Tracking"
|
||||
|
@ -1066,7 +1066,7 @@
|
|||
"external_id": "T0096",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:impact"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "7d89bb73-00e6-436c-96d6-f444b8f2ac15",
|
||||
"value": "Identity Exploit"
|
||||
|
@ -1077,7 +1077,7 @@
|
|||
"external_id": "T0097",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:impact"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "1ca0fa6e-0484-4e4f-a10e-857225bd4819",
|
||||
"value": "Network Denial of Service"
|
||||
|
@ -1088,7 +1088,7 @@
|
|||
"external_id": "T0098",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:impact"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "0b6e114b-2ded-4bc5-84d2-25cc81e8724a",
|
||||
"value": "Resource Hijacking"
|
||||
|
@ -1099,7 +1099,7 @@
|
|||
"external_id": "T0099",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:impact"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "939f6c9d-bdb4-4877-89f0-716e346ef012",
|
||||
"value": "SLA Breach"
|
||||
|
@ -1110,11 +1110,11 @@
|
|||
"external_id": "T0100",
|
||||
"kill_chain": [
|
||||
"cmtmf-attack:impact"
|
||||
],
|
||||
]
|
||||
},
|
||||
"uuid": "75c4e3c7-8501-446d-b362-4134d035f7fa",
|
||||
"value": "Customer Churn"
|
||||
},
|
||||
],
|
||||
"version": 4
|
||||
}
|
||||
],
|
||||
"version": 5
|
||||
}
|
||||
|
|
|
@ -1,27 +0,0 @@
|
|||
{
|
||||
"description": "CONCORDIA Mobile Threat Modeling Framework - Tactics",
|
||||
"icon": "",
|
||||
"kill_chain_order": {
|
||||
"cmtmf-attack": [
|
||||
"reconnaissance",
|
||||
"resource-development"
|
||||
"initial-access",
|
||||
"execution",
|
||||
"persistence",
|
||||
"privilege-escalation",
|
||||
"defense-evasion",
|
||||
"credential-access",
|
||||
"discovery",
|
||||
"lateral-movement",
|
||||
"collection",
|
||||
"command-and-control",
|
||||
"exfiltration",
|
||||
"impact"
|
||||
]
|
||||
},
|
||||
"name": "CONCORDIA Mobile Threat Modelling Framework - Attack Pattern",
|
||||
"namespace": "cmtmf-attack",
|
||||
"type": "cmtmf-attack-pattern",
|
||||
"uuid": "51060d01-ef29-40ab-8965-8031d0941811",
|
||||
"version": 1
|
||||
}
|
Loading…
Reference in a new issue