diff --git a/index.html b/index.html new file mode 100644 index 0000000..5ff6990 --- /dev/null +++ b/index.html @@ -0,0 +1,38 @@ + +

Tactics List

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpactFraud
+ \ No newline at end of file diff --git a/tactic-TA0001.html b/tactic-TA0001.html new file mode 100644 index 0000000..eb72ba7 --- /dev/null +++ b/tactic-TA0001.html @@ -0,0 +1,85 @@ + +

Tactic:Initial Access

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Technique NameAccuknox Support
MNO Roaming Partnersno +
Unauthorized access to Network Exposure Function (NEF) via token fraudno +
Supply Chain Compromiseno +
Cloud Accountsno +
SIM Credential Theftno +
Protocol Tunnelingno +
Exploit Public-Facing Applicationno +
Compromise Service Supply Chainno +
Exploit Semi-public Facing Applicationno +
UE Access via GTP-Uno +
Radio control manipulation via rogue xAppsno +
Compromise Software Supply Chainno +
Compromise Hardware Supply Chainno +
Trusted Relationshipno +
Valid Accountsno +
+ \ No newline at end of file diff --git a/tactic-TA0002.html b/tactic-TA0002.html new file mode 100644 index 0000000..38412be --- /dev/null +++ b/tactic-TA0002.html @@ -0,0 +1,55 @@ + +

Tactic:Execution

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Technique NameAccuknox Support
Registration of malicious network functionsno +
Software Deployment Toolsno +
gNodeB Component Manipulationno +
RAN Intelligent Controller (RIC)no +
xAppno +
rAppno +
Over-the-Air Inputno +
Baseband APIno +
Exploitation for Client Executionno +
+ \ No newline at end of file diff --git a/tactic-TA0003.html b/tactic-TA0003.html new file mode 100644 index 0000000..ddc137f --- /dev/null +++ b/tactic-TA0003.html @@ -0,0 +1,40 @@ + +

Tactic:Persistence

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Technique NameAccuknox Support
Implant Internal Imageno +
Local Accountsno +
Unauthorized software in NFVIno +
Cloud Accountsno +
Valid Accountsno +
Pre-OS Bootno +
+ \ No newline at end of file diff --git a/tactic-TA0004.html b/tactic-TA0004.html new file mode 100644 index 0000000..ed6016b --- /dev/null +++ b/tactic-TA0004.html @@ -0,0 +1,30 @@ + +

Tactic:Privilege Escalation

+ + + + + + + + + + + + + + + + + + + + + + +
Technique NameAccuknox Support
Escape to Hostyes +
Cloud Accountsno +
Malicious privileged container VNF Shared Resource Accessno +
Valid Accountsno +
+ \ No newline at end of file diff --git a/tactic-TA0005.html b/tactic-TA0005.html new file mode 100644 index 0000000..366f108 --- /dev/null +++ b/tactic-TA0005.html @@ -0,0 +1,110 @@ + +

Tactic:Defense Evasion

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Technique NameAccuknox Support
Bypass home routingno +
Bid down UEno +
Manipulate Virtual Network Function (VNF) Configurationno +
Rootkitno +
Unauthorized software in NFVIno +
Radio Interfaceno +
Cloud Accountsno +
Malicious co-tenancy exploit of NFVI (Network Slice)no +
Network Slice infrastructure resource hijackingno +
Network Boundary Bridgingno +
Spoof network slice identifierno +
Weaken Integrityno +
Radio Interfaceno +
Network Interfacesno +
Network Interfacesno +
GTP-U Abuseno +
Impair Defensesno +
Valid Accountsno +
Pre-OS Bootno +
Weaken Encryptionno +
+ \ No newline at end of file diff --git a/tactic-TA0006.html b/tactic-TA0006.html new file mode 100644 index 0000000..2de1d77 --- /dev/null +++ b/tactic-TA0006.html @@ -0,0 +1,75 @@ + +

Tactic:Credential Access

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Technique NameAccuknox Support
Supply Chain Compromiseno +
Accessing Terminated VNFno +
Network Sniffingno +
Hardware Security Module Key Signingno +
Roaming and Interconnection no +
Radio interfaceno +
SIM cloningno +
Non-SBI no +
Service Based Interface no +
SIM Credential Theftno +
Container Administration Commandno +
Credentials from Password Storesno +
Adversary-in-the-Middleno +
+ \ No newline at end of file diff --git a/tactic-TA0007.html b/tactic-TA0007.html new file mode 100644 index 0000000..5767017 --- /dev/null +++ b/tactic-TA0007.html @@ -0,0 +1,175 @@ + +

Tactic:Discovery

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Technique NameAccuknox Support
Network Function Service Discoveryno +
Network Flow Manipulationno +
Controller no +
vSwitchno +
5G-GUTI reuseno +
Remote Servicesno +
Malicious VNF Instantiationno +
Accessing Terminated VNFno +
Shared resource discoveryno +
Network Sniffingno +
Traffic Duplicationno +
Remote System Discoveryno +
Network Service Discoveryno +
Core Network Function Signalingno +
Subscriber Profile Identifier Discoveryno +
Intercept Home Network via SUCIno +
Intercept bid-down SUPIno +
Passive radio signals observationno +
Self Location Measurementno +
Discover network slice identifier no +
Locate UEno +
Shared Network Function in sliceno +
Charging Data Record (CDR) collection no +
NAS Exploitno +
Obtain subscriber identifier via NFno +
Intercept unencrypted SUPIno +
Discover TEIDno +
Diameter signalingno +
Diameter signalingno +
Silent SMSno +
Silent or spoofed pagingno +
Container Administration Commandno +
Automated Exfiltrationno +
+ \ No newline at end of file diff --git a/tactic-TA0008.html b/tactic-TA0008.html new file mode 100644 index 0000000..b0a3133 --- /dev/null +++ b/tactic-TA0008.html @@ -0,0 +1,35 @@ + +

Tactic:Lateral Movement

+ + + + + + + + + + + + + + + + + + + + + + + + + + +
Technique NameAccuknox Support
Escape to Hostyes +
Unauthorized access to Network Exposure Function (NEF) via token fraudno +
Remote Servicesno +
Software Deployment Toolsno +
Radio control manipulation via rogue xAppsno +
+ \ No newline at end of file diff --git a/tactic-TA0009.html b/tactic-TA0009.html new file mode 100644 index 0000000..507be10 --- /dev/null +++ b/tactic-TA0009.html @@ -0,0 +1,205 @@ + +

Tactic:Collection

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Technique NameAccuknox Support
Network Flow Manipulationno +
Controller no +
vSwitchno +
Memory Scrapingno +
Redirection of traffic via user plane network function no +
Fraudulent AMF registration for UE in UDMno +
5G-GUTI reuseno +
Malicious VNF Instantiationno +
Network Sniffingno +
Abuse of Inter-operator Interfacesno +
Core Network Function Signalingno +
Roaming and Interconnection no +
Subscriber Profile Identifier Discoveryno +
Intercept Home Network via SUCIno +
Intercept bid-down SUPIno +
Passive radio signals observationno +
Self Location Measurementno +
Radio interfaceno +
Radio interfaceno +
Spoof network slice identifierno +
Non-SBI no +
Transmitted Data Manipulationno +
Locate UEno +
Shared Network Function in sliceno +
Service Based Interface no +
Retrieve UE subscription datano +
Network-side SMS collectionno +
Charging Data Record (CDR) collection no +
NAS Exploitno +
Obtain subscriber identifier via NFno +
Exploit Public-Facing Applicationno +
Intercept unencrypted SUPIno +
Exploit Semi-public Facing Applicationno +
Diameter signalingno +
Diameter signalingno +
Silent SMSno +
Silent or spoofed pagingno +
Adversary-in-the-Middleno +
Data Manipulationno +
+ \ No newline at end of file diff --git a/tactic-TA0010.html b/tactic-TA0010.html new file mode 100644 index 0000000..07939e1 --- /dev/null +++ b/tactic-TA0010.html @@ -0,0 +1,40 @@ + +

Tactic:Exfiltration

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Technique NameAccuknox Support
Traffic Duplicationno +
Protocol Tunnelingno +
Exfiltration Over Unencrypted Non-C2 Protocolno +
Exfiltration Over Alternative Protocolno +
Covert Exfiltration of Data Via DNS Request no +
Automated Exfiltrationno +
+ \ No newline at end of file diff --git a/tactic-TA0011.html b/tactic-TA0011.html new file mode 100644 index 0000000..458edfa --- /dev/null +++ b/tactic-TA0011.html @@ -0,0 +1,30 @@ + +

Tactic:Command and Control

+ + + + + + + + + + + + + + + + + + + + + + +
Technique NameAccuknox Support
Application Layer Protocolno +
Protocol Tunnelingno +
Exfiltration Over Alternative Protocolno +
Covert Exfiltration of Data Via DNS Request no +
+ \ No newline at end of file diff --git a/tactic-TA0040.html b/tactic-TA0040.html new file mode 100644 index 0000000..270dbd8 --- /dev/null +++ b/tactic-TA0040.html @@ -0,0 +1,160 @@ + +

Tactic:Impact

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Technique NameAccuknox Support
MNO Roaming Partnersno +
Service Exhaustion Floodno +
Radio Jammingno +
Redirection of traffic via user plane network function no +
Tunnel Endpoint ID (TEID) uniqueness failureno +
Network Slice application resource hijackingno +
Device Database Manipulationno +
Flooding of core network componentno +
Vandalism of Network Infrastructureno +
Cabling and junction boxesno +
Radio Access Hardwareno +
Edge serversno +
Theft of Assetsno +
Consume data allocation to deny or degrade serviceno +
Trigger fraud alert to deny serviceno +
Transmitted Data Manipulationno +
DOS a UE via gNB or NF signalingno +
Exploit Public-Facing Applicationno +
Endpoint Denial of Serviceno +
Shared slice common control network function resource exhaustionno +
UE DoS to AMFno +
IAB Denial of Serviceno +
Alter ML Modelno +
AI/ML training data and prediction poisoningno +
Hardware Additionsno +
Transmit Spoofed Broadcast Messageno +
Trusted Relationshipno +
Network Denial of Serviceno +
Data Manipulationno +
Endpoint Denial of Serviceno +
+ \ No newline at end of file diff --git a/tactic-TA0042.html b/tactic-TA0042.html new file mode 100644 index 0000000..c8c478e --- /dev/null +++ b/tactic-TA0042.html @@ -0,0 +1,75 @@ + +

Tactic:Resource Development

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Technique NameAccuknox Support
False Base Station or Access Pointno +
Obtain Capabilitiesno +
Programable UE devicesno +
Configurability of Fake Base Station or Access Pointno +
Acquire Infrastructureno +
Exploitsno +
Operator Networkno +
Network Accessno +
Develop Capabilitiesno +
Stage Capabilitiesno +
Configure Operator Core Networkno +
Toolno +
Radio Network Functionsno +
+ \ No newline at end of file diff --git a/tactic-TA0043.html b/tactic-TA0043.html new file mode 100644 index 0000000..65e0fea --- /dev/null +++ b/tactic-TA0043.html @@ -0,0 +1,20 @@ + +

Tactic:Reconnaissance

+ + + + + + + + + + + + + + +
Technique NameAccuknox Support
Internal resource searchno +
Gather Victim Host Informationno +
+ \ No newline at end of file diff --git a/tactic-TA5001.html b/tactic-TA5001.html new file mode 100644 index 0000000..67c7e03 --- /dev/null +++ b/tactic-TA5001.html @@ -0,0 +1,35 @@ + +

Tactic:Fraud

+ + + + + + + + + + + + + + + + + + + + + + + + + + +
Technique NameAccuknox Support
Abuse of Inter-operator Interfacesno +
Alter Subscriber Profileno +
Falsify interconnect invoiceno +
SIM cloningno +
Charging fraud via NF controlno +
+ \ No newline at end of file