Note: the inference is not fully transitive in this release. This page is experimental and will change significantly in future releases.
Artifact Details: Software
Object Properties
Parent Classes
graph LR; d3f:Software --> |"rdfs:subClassOf" |d3f:DigitalArtifact; click d3f:Software href "/dao/artifact/d3f:Software"; click d3f:DigitalArtifact href "/dao/artifact/d3f:DigitalArtifact";
Inferred Relationships
Sub Classes:
filtered
Related Countermeasure Techniques:
graph LR; FirmwareVerification["Firmware Verification"] --> | verifies | Firmware["Firmware"]; class FirmwareVerification DefensiveTechniqueNode; class Firmware ArtifactNode; click FirmwareVerification href "technique/d3f:FirmwareVerification"; click Firmware href "dao/artifact/d3f:Firmware";ServiceBinaryVerification["Service Binary Verification"] --> | verifies | ServiceApplication["Service Application"]; class ServiceBinaryVerification DefensiveTechniqueNode; class ServiceApplication ArtifactNode; click ServiceBinaryVerification href "technique/d3f:ServiceBinaryVerification"; click ServiceApplication href "dao/artifact/d3f:ServiceApplication";SoftwareUpdate["Software Update"] --> | modifies | Software["Software"]; class SoftwareUpdate DefensiveTechniqueNode; class Software ArtifactNode; click SoftwareUpdate href "technique/d3f:SoftwareUpdate"; click Software href "dao/artifact/d3f:Software";
Related Offensive Techniques:
graph LR; T1137006["Add-ins"] --> |adds| Software["Software"]; class T1137006 OffensiveTechniqueNode; class Software ArtifactNode; click T1137006 href "/offensive-technique/attack/T1137.006/"; click Software href "dao/artifact/d3f:Software";T1137006["Add-ins"] --> |modifies| OfficeApplication["Office Application"]; class T1137006 OffensiveTechniqueNode; class OfficeApplication ArtifactNode; click T1137006 href "/offensive-technique/attack/T1137.006/"; click OfficeApplication href "dao/artifact/d3f:OfficeApplication";T1550001["Application Access Token"] --> |accesses| AuthenticationService["Authentication Service"]; class T1550001 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1550001 href "/offensive-technique/attack/T1550.001/"; click AuthenticationService href "dao/artifact/d3f:AuthenticationService";T1546011["Application Shimming"] --> |creates| Shim["Shim"]; class T1546011 OffensiveTechniqueNode; class Shim ArtifactNode; click T1546011 href "/offensive-technique/attack/T1546.011/"; click Shim href "dao/artifact/d3f:Shim";T1176["Browser Extensions"] --> |modifies| BrowserExtension["Browser Extension"]; class T1176 OffensiveTechniqueNode; class BrowserExtension ArtifactNode; click T1176 href "/offensive-technique/attack/T1176/"; click BrowserExtension href "dao/artifact/d3f:BrowserExtension";T1542002["Component Firmware"] --> |modifies| Firmware["Firmware"]; class T1542002 OffensiveTechniqueNode; class Firmware ArtifactNode; click T1542002 href "/offensive-technique/attack/T1542.002/"; click Firmware href "dao/artifact/d3f:Firmware";T1554["Compromise Client Software Binary"] --> |modifies| ClientApplication["Client Application"]; class T1554 OffensiveTechniqueNode; class ClientApplication ArtifactNode; click T1554 href "/offensive-technique/attack/T1554/"; click ClientApplication href "dao/artifact/d3f:ClientApplication";T1195001["Compromise Software Dependencies and Development Tools"] --> |modifies| Software["Software"]; class T1195001 OffensiveTechniqueNode; class Software ArtifactNode; click T1195001 href "/offensive-technique/attack/T1195.001/"; click Software href "dao/artifact/d3f:Software";T1195002["Compromise Software Supply Chain"] --> |modifies| Software["Software"]; class T1195002 OffensiveTechniqueNode; class Software ArtifactNode; click T1195002 href "/offensive-technique/attack/T1195.002/"; click Software href "dao/artifact/d3f:Software";T1556001["Domain Controller Authentication"] --> |modifies| AuthenticationService["Authentication Service"]; class T1556001 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1556001 href "/offensive-technique/attack/T1556.001/"; click AuthenticationService href "dao/artifact/d3f:AuthenticationService";T1574005["Executable Installer File Permissions Weakness"] --> |modifies| ServiceApplication["Service Application"]; class T1574005 OffensiveTechniqueNode; class ServiceApplication ArtifactNode; click T1574005 href "/offensive-technique/attack/T1574.005/"; click ServiceApplication href "dao/artifact/d3f:ServiceApplication";T1212["Exploitation for Credential Access"] --> |may-access| AuthenticationService["Authentication Service"]; class T1212 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1212 href "/offensive-technique/attack/T1212/"; click AuthenticationService href "dao/artifact/d3f:AuthenticationService";T1212["Exploitation for Credential Access"] --> |may-access| CredentialManagementSystem["Credential Management System"]; class T1212 OffensiveTechniqueNode; class CredentialManagementSystem ArtifactNode; click T1212 href "/offensive-technique/attack/T1212/"; click CredentialManagementSystem href "dao/artifact/d3f:CredentialManagementSystem";T1547008["LSASS Driver"] --> |modifies| SystemServiceSoftware["System Service Software"]; class T1547008 OffensiveTechniqueNode; class SystemServiceSoftware ArtifactNode; click T1547008 href "/offensive-technique/attack/T1547.008/"; click SystemServiceSoftware href "dao/artifact/d3f:SystemServiceSoftware";T1003001["LSASS Memory"] --> |accesses| AuthenticationService["Authentication Service"]; class T1003001 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1003001 href "/offensive-technique/attack/T1003.001/"; click AuthenticationService href "dao/artifact/d3f:AuthenticationService";T1127001["MSBuild"] --> |runs| Compiler["Compiler"]; class T1127001 OffensiveTechniqueNode; class Compiler ArtifactNode; click T1127001 href "/offensive-technique/attack/T1127.001/"; click Compiler href "dao/artifact/d3f:Compiler";T1556["Modify Authentication Process"] --> |modifies| AuthenticationService["Authentication Service"]; class T1556 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1556 href "/offensive-technique/attack/T1556/"; click AuthenticationService href "dao/artifact/d3f:AuthenticationService";T1556004["Network Device Authentication"] --> |modifies| AuthenticationService["Authentication Service"]; class T1556004 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1556004 href "/offensive-technique/attack/T1556.004/"; click AuthenticationService href "dao/artifact/d3f:AuthenticationService";T1550002["Pass The Hash"] --> |accesses| AuthenticationService["Authentication Service"]; class T1550002 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1550002 href "/offensive-technique/attack/T1550.002/"; click AuthenticationService href "dao/artifact/d3f:AuthenticationService";T1550003["Pass The Ticket"] --> |accesses| AuthenticationService["Authentication Service"]; class T1550003 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1550003 href "/offensive-technique/attack/T1550.003/"; click AuthenticationService href "dao/artifact/d3f:AuthenticationService";T1556002["Password Filter DLL"] --> |modifies| AuthenticationService["Authentication Service"]; class T1556002 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1556002 href "/offensive-technique/attack/T1556.002/"; click AuthenticationService href "dao/artifact/d3f:AuthenticationService";T1556003["Pluggable Authentication Modules"] --> |modifies| AuthenticationService["Authentication Service"]; class T1556003 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1556003 href "/offensive-technique/attack/T1556.003/"; click AuthenticationService href "dao/artifact/d3f:AuthenticationService";T1014["Rootkit"] --> |may-modify| Kernel["Kernel"]; class T1014 OffensiveTechniqueNode; class Kernel ArtifactNode; click T1014 href "/offensive-technique/attack/T1014/"; click Kernel href "dao/artifact/d3f:Kernel";T1014["Rootkit"] --> |may-modify| Firmware["Firmware"]; class T1014 OffensiveTechniqueNode; class Firmware ArtifactNode; click T1014 href "/offensive-technique/attack/T1014/"; click Firmware href "dao/artifact/d3f:Firmware";T1564006["Run Virtual Instance"] --> |executes| VirtualizationSoftware["Virtualization Software"]; class T1564006 OffensiveTechniqueNode; class VirtualizationSoftware ArtifactNode; click T1564006 href "/offensive-technique/attack/T1564.006/"; click VirtualizationSoftware href "dao/artifact/d3f:VirtualizationSoftware";T1564006["Run Virtual Instance"] --> |may-add| VirtualizationSoftware["Virtualization Software"]; class T1564006 OffensiveTechniqueNode; class VirtualizationSoftware ArtifactNode; click T1564006 href "/offensive-technique/attack/T1564.006/"; click VirtualizationSoftware href "dao/artifact/d3f:VirtualizationSoftware";T1505001["SQL Stored Procedures"] --> |creates| StoredProcedure["Stored Procedure"]; class T1505001 OffensiveTechniqueNode; class StoredProcedure ArtifactNode; click T1505001 href "/offensive-technique/attack/T1505.001/"; click StoredProcedure href "dao/artifact/d3f:StoredProcedure";T1003002["Security Account Manager"] --> |may-access| AuthenticationService["Authentication Service"]; class T1003002 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1003002 href "/offensive-technique/attack/T1003.002/"; click AuthenticationService href "dao/artifact/d3f:AuthenticationService";T1574010["Services File Permissions Weakness"] --> |modifies| ServiceApplication["Service Application"]; class T1574010 OffensiveTechniqueNode; class ServiceApplication ArtifactNode; click T1574010 href "/offensive-technique/attack/T1574.010/"; click ServiceApplication href "dao/artifact/d3f:ServiceApplication";T1072["Software Deployment Tools Execution"] --> |executes| SoftwareDeploymentTool["Software Deployment Tool"]; class T1072 OffensiveTechniqueNode; class SoftwareDeploymentTool ArtifactNode; click T1072 href "/offensive-technique/attack/T1072/"; click SoftwareDeploymentTool href "dao/artifact/d3f:SoftwareDeploymentTool";T1072["Software Deployment Tools Execution"] --> |installs| Software["Software"]; class T1072 OffensiveTechniqueNode; class Software ArtifactNode; click T1072 href "/offensive-technique/attack/T1072/"; click Software href "dao/artifact/d3f:Software";T1542001["System Firmware"] --> |modifies| SystemFirmware["System Firmware"]; class T1542001 OffensiveTechniqueNode; class SystemFirmware ArtifactNode; click T1542001 href "/offensive-technique/attack/T1542.001/"; click SystemFirmware href "dao/artifact/d3f:SystemFirmware";T1497003["Time Based Evasion"] --> |may-run| SystemTimeApplication["System Time Application"]; class T1497003 OffensiveTechniqueNode; class SystemTimeApplication ArtifactNode; click T1497003 href "/offensive-technique/attack/T1497.003/"; click SystemTimeApplication href "dao/artifact/d3f:SystemTimeApplication";T1505002["Transport Agent"] --> |adds| MessageTransferAgent["Message Transfer Agent"]; class T1505002 OffensiveTechniqueNode; class MessageTransferAgent ArtifactNode; click T1505002 href "/offensive-technique/attack/T1505.002/"; click MessageTransferAgent href "dao/artifact/d3f:MessageTransferAgent";T1550["Use Alternate Authentication Material"] --> |accesses| AuthenticationService["Authentication Service"]; class T1550 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1550 href "/offensive-technique/attack/T1550/"; click AuthenticationService href "dao/artifact/d3f:AuthenticationService";T1056003["Web Portal Capture"] --> |modifies| WebServerApplication["Web Server Application"]; class T1056003 OffensiveTechniqueNode; class WebServerApplication ArtifactNode; click T1056003 href "/offensive-technique/attack/T1056.003/"; click WebServerApplication href "dao/artifact/d3f:WebServerApplication";T1550004["Web Session Cookie"] --> |accesses| AuthenticationService["Authentication Service"]; class T1550004 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1550004 href "/offensive-technique/attack/T1550.004/"; click AuthenticationService href "dao/artifact/d3f:AuthenticationService";