Confucius

APT Group Information theft and espionage ETDA ✓

Also Known As

No alias recorded

Target Countries 22

United Arab Emirates, Afghanistan, Azerbaijan, Bangladesh, Bhutan, China, Spain, France, United Kingdom, Indonesia, India, Islamic Republic of Iran, Italy, Kazakhstan, Mongolia, Pakistan, Poland, Russian Federation, Slovakia, Trinidad and Tobago, Ukraine, United States

Details

Origin 🇮🇳 IN
Last Updated 11 May 2024

Malware Families 1

ave_maria

MITRE ATT&CK 64

T1003.001
T1005 - Data from Local System
T1016 - System Network Configuration Discovery
T1027 - Obfuscated Files or Information
T1033 - System Owner/User Discovery
T1036 - Masquerading
T1041 - Exfiltration Over C2 Channel
T1053 - Scheduled Task/Job
T1053.005 - Scheduled Task
T1055 - Process Injection
T1057 - Process Discovery
T1059 - Command and Scripting Interpreter
T1059.001 - PowerShell
T1059.003
T1059.005
T1059.006 - Python
T1068 - Exploitation for Privilege Escalation
T1071
T1071.001 - Web Protocols
T1074 - Data Staged
T1078 - Valid Accounts
T1082 - System Information Discovery
T1083 - File and Directory Discovery
T1102 - Web Service
T1105 - Ingress Tool Transfer
T1112 - Modify Registry
T1113 - Screen Capture
T1119
T1162 - Login Item
T1190 - Exploit Public-Facing Application
T1195 - Supply Chain Compromise
T1203
T1204 - User Execution
T1204.001
T1204.002 - Malicious File
T1213 - Data from Information Repositories
T1218 - Signed Binary Proxy Execution
T1218.005 - Mshta
T1218.011 - Rundll32
T1221
T1486 - Data Encrypted for Impact
T1490 - Inhibit System Recovery
T1497.001 - System Checks
T1547 - Boot or Logon Autostart Execution
T1547.001 - Registry Run Keys / Startup Folder
T1550.002 - Pass the Hash
T1553.002 - Code Signing
T1555 - Credentials from Password Stores
T1555.003 - Credentials from Web Browsers
T1557 - Man-in-the-Middle
T1562.001 - Disable or Modify Tools
T1566 - Phishing
T1566.001 - Spearphishing Attachment
T1566.002 - Spearphishing Link
T1567
T1567.002
T1568.002 - Domain Generation Algorithms
T1569 - System Services
T1573.001 - Symmetric Cryptography
T1574.001 - DLL Search Order Hijacking
T1574.002 - DLL Side-Loading
T1583
T1583.006
T1680

Related Zero-Days

No zero-day CVE linked to this actor