Prophet Spider

APT Group
2 zero-day CVEs

Also Known As (2 names)

GOLD MELODY, UNC961

Target Countries

No target country recorded

Details

Origin: UNKNOWN
Last Updated: 08 Mar 2023

MITRE ATT&CK (50)

T1003 - OS Credential Dumping
T1016 - System Network Configuration Discovery
T1018 - Remote System Discovery
T1021 - Remote Services
T1027
T1033 - System Owner/User Discovery
T1036 - Masquerading
T1046 - Network Service Scanning
T1047 - Windows Management Instrumentation
T1048 - Exfiltration Over Alternative Protocol
T1049 - System Network Connections Discovery
T1053 - Scheduled Task/Job
T1057 - Process Discovery
T1059 - Command and Scripting Interpreter
T1068 - Exploitation for Privilege Escalation
T1069 - Permission Groups Discovery
T1070 - Indicator Removal on Host
T1070.004
T1071 - Application Layer Protocol
T1071.001
T1078 - Valid Accounts
T1082 - System Information Discovery
T1083 - File and Directory Discovery
T1087 - Account Discovery
T1090 - Proxy
T1095 - Non-Application Layer Protocol
T1098 - Account Manipulation
T1105 - Ingress Tool Transfer
T1112 - Modify Registry
T1134 - Access Token Manipulation
T1135 - Network Share Discovery
T1136 - Create Account
T1140 - Deobfuscate/Decode Files or Information
T1187 - Forced Authentication
T1189 - Drive-by Compromise
T1190 - Exploit Public-Facing Application
T1197 - BITS Jobs
T1210 - Exploitation of Remote Services
T1217 - Browser Bookmark Discovery
T1482 - Domain Trust Discovery
T1486
T1490 - Inhibit System Recovery
T1505 - Server Software Component
T1543 - Create or Modify System Process
T1560 - Archive Collected Data
T1566
T1567 - Exfiltration Over Web Service
T1569 - System Services
T1572 - Protocol Tunneling
T1587 - Develop Capabilities