Curly COMrades

APT Group

Also Known As

No alias recorded

Target Countries

No target country recorded

Sectors Targeted

No targeted sector recorded

Details

Origin: Russia
Last Updated: 13 Apr 2026

MITRE ATT&CK 35

T1003 - OS Credential Dumping
T1021 - Remote Services
T1021.002 - SMB/Windows Admin Shares
T1021.004 - SSH
T1027 - Obfuscated Files or Information
T1036 - Masquerading
T1053.003 - Cron
T1055 - Process Injection
T1059 - Command and Scripting Interpreter
T1059.001 - PowerShell
T1059.003
T1069.002 - Domain Groups
T1078 - Valid Accounts
T1090 - Proxy
T1098 - Account Manipulation
T1102 - Web Service
T1105 - Ingress Tool Transfer
T1133 - External Remote Services
T1136 - Create Account
T1136.001 - Local Account
T1204 - User Execution
T1204.001
T1212 - Exploitation for Credential Access
T1213 - Data from Information Repositories
T1482 - Domain Trust Discovery
T1505.003 - Web Shell
T1543.003 - Windows Service
T1547.006 - Kernel Modules and Extensions
T1550.003 - Pass the Ticket
T1553.003 - SIP and Trust Provider Hijacking
T1554 - Compromise Client Software Binary
T1566.002
T1569.002 - Service Execution
T1571 - Non-Standard Port
T1572 - Protocol Tunneling

Related Zero-Days

No zero-day CVE linked to this actor