Matrix

Объект Matrix содержит данные о матрице MITRE ATT&CK.

Ключ	Тип	Описание
id	string	Идентификатор тактики.
name	string	Название тактики.
url	string	Адрес веб-страницы на сайте https://attack.mitre.org, где можно найти описание тактики и другую дополнительную информацию.
techniques	array [Technique]	Список техник.

"id": "TA0005",

"name": "Defense Evasion",

"url": "https://attack.mitre.org/tactics/TA0005",

"techniques": [

{

"rules": null,

"id": "T1070",

"name": "Indicator Removal",

"url": "https://attack.mitre.org/techniques/T1070",

"subtechniques": [

{

"rules": {

"neutral": ["Changes the time when the file was created, accessed, or modified"]

"id": "T1070.006",

"name": "Timestomp",

"url": "https://attack.mitre.org/techniques/T1070/006"

}

]

{

"rules": null,

"id": "T1222",

"name": "File and Directory Permissions Modification",

"url": "https://attack.mitre.org/techniques/T1222",

"subtechniques": [

{

"rules": {

"neutral": ["Sets a written file as executable"]

"id": "T1222.002",

"name": "Linux and Mac File and Directory Permissions Modification",

"url": "https://attack.mitre.org/techniques/T1222/002"

}

]

{

"rules": {

"suspicious": ["Writes files to system directory"]

"id": "T1574",

"name": "Hijack Execution Flow",

"url": "https://attack.mitre.org/techniques/T1574"

{

"rules": null,

"id": "T1036",

"name": "Masquerading",

"url": "https://attack.mitre.org/techniques/T1036",

"subtechniques": [

{

"rules": {

"suspicious": ["Substitutes an application name"]

"id": "T1036.004",

"name": "Masquerade Task or Service",

"url": "https://attack.mitre.org/techniques/T1036/004"

}

]

}

]