The response data from the utility command.
SAMPLE DATA
JSON
[
{
"TacticMid": "TA0003",
"TacticName": "Persistence",
"TechniqueMid": "T1078.002",
"TechniqueName": "Valid Accounts: Domain Accounts"
},
{
"TacticMid": "TA0003",
"TacticName": "Persistence",
"TechniqueMid": "T1037.001",
"TechniqueName": "Logon Scripts: Logon Script (Windows)"
},
{
"TacticMid": "TA0004",
"TacticName": "Privilege Escalation",
"TechniqueMid": "T1078.002",
"TechniqueName": "Valid Accounts: Domain Accounts"
},
{
"TacticMid": "TA0004",
"TacticName": "Privilege Escalation",
"TechniqueMid": "T1037.001",
"TechniqueName": "Logon Scripts: Logon Script (Windows)"
},
{
"TacticMid": "TA0005",
"TacticName": "Defense Evasion",
"TechniqueMid": "T1078.002",
"TechniqueName": "Valid Accounts: Domain Accounts"
},
{
"TacticMid": "TA0042",
"TacticName": "Resource Development",
"TechniqueMid": "",
"TechniqueName": "Unmapped"
},
{
"TacticMid": "TA0043",
"TacticName": "Reconnaissance",
"TechniqueMid": "",
"TechniqueName": "Unmapped"
},
{
"TacticMid": "TA0040",
"TacticName": "Impact",
"TechniqueMid": "T1565.001",
"TechniqueName": "Data Manipulation: Stored Data Manipulation"
},
{
"TacticMid": "TA0006",
"TacticName": "Credential Access",
"TechniqueMid": "T1056.003",
"TechniqueName": "Input Capture: Web Portal Capture"
},
{
"TacticMid": "TA0009",
"TacticName": "Collection",
"TechniqueMid": "T1056.004",
"TechniqueName": "Input Capture: Credential API Hooking"
},
{
"TacticMid": "TA0006",
"TacticName": "Credential Access",
"TechniqueMid": "T1056.004",
"TechniqueName": "Input Capture: Credential API Hooking"
},
{
"TacticMid": "TA0009",
"TacticName": "Collection",
"TechniqueMid": "T1056.003",
"TechniqueName": "Input Capture: Web Portal Capture"
}
]
.png)
