FortiTester ATT&CK DB Ver

| Name | ATT&CK Tactics & Techniques | Status | Update |
|---|---|---|---|
| log4j_attack_simulation | Execution: Exploitation for Client Execution | Add | This step uses an Apache Log4j security vulnerability (CVE-2021-44832) to try to establish a reverse connection. |
| dump_LSASS_with_Net5 | Credential Access: Credential Dumping | Add | This step uses createdump.exe to dump LSASS. |
| exfiltrate_data_via_HTTPS | Exfiltration: Exfiltration Over Alternative Protocol | Add | This step creates a test file on the target machine and uploads it to the file-sharing website file.io. |
| steganography | Defense Evasion: Obfuscated Files or Information | Add | This step embeds a PowerShell script in an image. |
| bits_download_using_desktopimgdownldr | Defense Evasion: BITS Jobs | Add | This step simulates using desktopimgdownldr.exe to download a file. |
| enumerate_credentials_via_vaultcmd | Credential Access: Credentials in Files | Add | This step enumerates credentials stored in the Windows & Web Credentials vault of Windows Credential Manager using the built-in utility vaultcmd.exe. |