MITRE ATT&CK Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Drive-by Compromise	User Execution	.bash_profile and .bashrc	Hooking	Hidden Files and Directories	Account Manipulation	Account Discovery	AppleScript	Audio Capture	Commonly Used Port	Standard Application Layer Protocol	Data Destruction
Exploit Public-Facing Application	CMSTP	Accessibility Features	Accessibility Features	File Deletion	Bash History	Application Window Discovery	Application Deployment Software	Automated Collection	Communication Through Removable Media	Data Compressed	Data Encrypted for Impact
External Remote Services	Command-Line Interface	Account Manipulation	AppCert DLLs	Hidden Window	Brute Force	Browser Bookmark Discovery	Distributed Component Object Model	Clipboard Data	Connection Proxy	Data Encrypted	Defacement
Hardware Additions	PowerShell	Component Firmware	AppInit DLLs	Process Injection	Credential Dumping	Domain Trust Discovery	Exploitation of Remote Services	Data Staged	Custom Command and Control Protocol	Data Transfer Size Limits	Disk Content Wipe
Replication Through Removable Media	Execution through API	Registry Run Keys	Application Shimming	Modify Registry	Credentials in Files	File and Directory Discovery	Logon Scripts	Data from Information Repositories	Custom Cryptographic Protocol	Exfiltration Over Alternative Protocol	Disk Structure Wipe
		Bootkit	DLL Search Order Hijacking	Disabling Security Tools		Security Software Discovery	Replication Through Removable Media		Uncommonly Used Port
		New Service		Masquerading					Remote File Copy
		Modify Existing Service		Indicator Removal from Tools
				Software Packing