Software

Access Control Configuration

Access Control List

Access Token

Administrative Network Traffic

Alias

Application

Application Configuration

Application Configuration Database

Application Configuration Database Record

Application Configuration File

Application Layer Firewall

Application Process

Application Process Configuration

Application Rule

Application Shim

Archive File

Artifact Server

Asymmetric Key

Audio Input Device

Authenticate User

Authentication

Authentication Log

Authentication Server

Authentication Service

Authorization

Authorization Log

Authorization Service

Barcode Scanner Input Device

Binary Large Object

Binary Segment

Blob

Block Device

Boot Loader

Boot Record

Boot Sector

Browser

Browser Extension

Build Tool

Business Communication Platform Client

CA Certificate File

Call Stack

Certificate

Certificate File

Certificate Trust Store

Chatroom Client

Child Process

Client Application

Client Computer

Clipboard

Cloud Configuration

Cloud Instance Metadata

Cloud Service Authentication

Cloud Service Authorization

Cloud Storage

Cloud User Account

Code Analyzer

Code Repository

Collaborative Software

Command

Command History Log

Command History Log File

Command Line Interface

Compiler

Compiler Configuration File

Computing Server

Configuration Bearing Entity

Configuration File

Connect Socket

Container Build Tool

Container Image

Container Orchestration Software

Container Process

Container Runtime

Copy Token

Create File

Create Process

Create Socket

Create Thread

Credential

Credential Management System

Cryptographic Key

Custom Archive File

DNS Lookup

DNS Network Traffic

DNS Record

DNS Server

Data Artifact Server

Database

Database Query

Database Server

Decoy Artifact

Default User Account

Desktop Computer

Developer Application

Dial Up Modem

Digital Artifact

Digital System

Object Properties

name: Software
abbreviated IRI: d3f:Software
definition: Computer software, or simply software, is that part of a computer system that consists of encoded information or computer instructions, in contrast to the physical hardware from which the system is built.
defined by: http://dbpedia.org/resource/Software

Neighbors

Inferred Relationships

This page is experimental and may change significantly in future releases.

Hierarchy

(filtered)

Related Countermeasure Techniques

graph LR; FirmwareBehaviorAnalysis["Firmware Behavior Analysis"] --> | analyzes | Firmware["Firmware"]; class FirmwareBehaviorAnalysis DefensiveTechniqueNode; class Firmware ArtifactNode; click FirmwareBehaviorAnalysis href "/technique/d3f:FirmwareBehaviorAnalysis"; click Firmware href "/dao/artifact/d3f:Firmware";FirmwareEmbeddedMonitoringCode["Firmware Embedded Monitoring Code"] --> | analyzes | Firmware["Firmware"]; class FirmwareEmbeddedMonitoringCode DefensiveTechniqueNode; class Firmware ArtifactNode; click FirmwareEmbeddedMonitoringCode href "/technique/d3f:FirmwareEmbeddedMonitoringCode"; click Firmware href "/dao/artifact/d3f:Firmware";FirmwareVerification["Firmware Verification"] --> | verifies | Firmware["Firmware"]; class FirmwareVerification DefensiveTechniqueNode; class Firmware ArtifactNode; click FirmwareVerification href "/technique/d3f:FirmwareVerification"; click Firmware href "/dao/artifact/d3f:Firmware";PeripheralFirmwareVerification["Peripheral Firmware Verification"] --> | verifies | PeripheralFirmware["Peripheral Firmware"]; class PeripheralFirmwareVerification DefensiveTechniqueNode; class PeripheralFirmware ArtifactNode; click PeripheralFirmwareVerification href "/technique/d3f:PeripheralFirmwareVerification"; click PeripheralFirmware href "/dao/artifact/d3f:PeripheralFirmware";ServiceBinaryVerification["Service Binary Verification"] --> | verifies | ServiceApplication["Service Application"]; class ServiceBinaryVerification DefensiveTechniqueNode; class ServiceApplication ArtifactNode; click ServiceBinaryVerification href "/technique/d3f:ServiceBinaryVerification"; click ServiceApplication href "/dao/artifact/d3f:ServiceApplication";SoftwareUpdate["Software Update"] --> | updates | Software["Software"]; class SoftwareUpdate DefensiveTechniqueNode; class Software ArtifactNode; click SoftwareUpdate href "/technique/d3f:SoftwareUpdate"; click Software href "/dao/artifact/d3f:Software";SystemFirmwareVerification["System Firmware Verification"] --> | verifies | SystemFirmware["System Firmware"]; class SystemFirmwareVerification DefensiveTechniqueNode; class SystemFirmware ArtifactNode; click SystemFirmwareVerification href "/technique/d3f:SystemFirmwareVerification"; click SystemFirmware href "/dao/artifact/d3f:SystemFirmware";

Related Offensive Techniques

graph LR; T1212["Exploitation for Credential Access"] --> |may-access| AuthenticationService["Authentication Service"]; class T1212 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1212 href "/offensive-technique/attack/T1212/"; click AuthenticationService href "/dao/artifact/d3f:AuthenticationService";T1556["Modify Authentication Process"] --> |modifies| AuthenticationService["Authentication Service"]; class T1556 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1556 href "/offensive-technique/attack/T1556/"; click AuthenticationService href "/dao/artifact/d3f:AuthenticationService";T1003001["LSASS Memory"] --> |accesses| AuthenticationService["Authentication Service"]; class T1003001 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1003001 href "/offensive-technique/attack/T1003.001/"; click AuthenticationService href "/dao/artifact/d3f:AuthenticationService";T1003002["Security Account Manager"] --> |may-access| AuthenticationService["Authentication Service"]; class T1003002 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1003002 href "/offensive-technique/attack/T1003.002/"; click AuthenticationService href "/dao/artifact/d3f:AuthenticationService";T1550["Use Alternate Authentication Material"] --> |accesses| AuthenticationService["Authentication Service"]; class T1550 OffensiveTechniqueNode; class AuthenticationService ArtifactNode; click T1550 href "/offensive-technique/attack/T1550/"; click AuthenticationService href "/dao/artifact/d3f:AuthenticationService";T1176["Browser Extensions"] --> |modifies| BrowserExtension["Browser Extension"]; class T1176 OffensiveTechniqueNode; class BrowserExtension ArtifactNode; click T1176 href "/offensive-technique/attack/T1176/"; click BrowserExtension href "/dao/artifact/d3f:BrowserExtension";T1554["Compromise Client Software Binary"] --> |modifies| ClientApplication["Client Application"]; class T1554 OffensiveTechniqueNode; class ClientApplication ArtifactNode; click T1554 href "/offensive-technique/attack/T1554/"; click ClientApplication href "/dao/artifact/d3f:ClientApplication";T1127001["MSBuild"] --> |runs| Compiler["Compiler"]; class T1127001 OffensiveTechniqueNode; class Compiler ArtifactNode; click T1127001 href "/offensive-technique/attack/T1127.001/"; click Compiler href "/dao/artifact/d3f:Compiler";T1212["Exploitation for Credential Access"] --> |may-access| CredentialManagementSystem["Credential Management System"]; class T1212 OffensiveTechniqueNode; class CredentialManagementSystem ArtifactNode; click T1212 href "/offensive-technique/attack/T1212/"; click CredentialManagementSystem href "/dao/artifact/d3f:CredentialManagementSystem";T1014["Rootkit"] --> |may-modify| Firmware["Firmware"]; class T1014 OffensiveTechniqueNode; class Firmware ArtifactNode; click T1014 href "/offensive-technique/attack/T1014/"; click Firmware href "/dao/artifact/d3f:Firmware";T1542002["Component Firmware"] --> |modifies| Firmware["Firmware"]; class T1542002 OffensiveTechniqueNode; class Firmware ArtifactNode; click T1542002 href "/offensive-technique/attack/T1542.002/"; click Firmware href "/dao/artifact/d3f:Firmware";T1014["Rootkit"] --> |may-modify| Kernel["Kernel"]; class T1014 OffensiveTechniqueNode; class Kernel ArtifactNode; click T1014 href "/offensive-technique/attack/T1014/"; click Kernel href "/dao/artifact/d3f:Kernel";T1505002["Transport Agent"] --> |adds| MessageTransferAgent["Message Transfer Agent"]; class T1505002 OffensiveTechniqueNode; class MessageTransferAgent ArtifactNode; click T1505002 href "/offensive-technique/attack/T1505.002/"; click MessageTransferAgent href "/dao/artifact/d3f:MessageTransferAgent";T1137006["Add-ins"] --> |modifies| OfficeApplication["Office Application"]; class T1137006 OffensiveTechniqueNode; class OfficeApplication ArtifactNode; click T1137006 href "/offensive-technique/attack/T1137.006/"; click OfficeApplication href "/dao/artifact/d3f:OfficeApplication";T1574005["Executable Installer File Permissions Weakness"] --> |modifies| ServiceApplication["Service Application"]; class T1574005 OffensiveTechniqueNode; class ServiceApplication ArtifactNode; click T1574005 href "/offensive-technique/attack/T1574.005/"; click ServiceApplication href "/dao/artifact/d3f:ServiceApplication";T1574010["Services File Permissions Weakness"] --> |modifies| ServiceApplication["Service Application"]; class T1574010 OffensiveTechniqueNode; class ServiceApplication ArtifactNode; click T1574010 href "/offensive-technique/attack/T1574.010/"; click ServiceApplication href "/dao/artifact/d3f:ServiceApplication";T1546011["Application Shimming"] --> |creates| Shim["Shim"]; class T1546011 OffensiveTechniqueNode; class Shim ArtifactNode; click T1546011 href "/offensive-technique/attack/T1546.011/"; click Shim href "/dao/artifact/d3f:Shim";T1218014["MMC"] --> |may-add| Software["Software"]; class T1218014 OffensiveTechniqueNode; class Software ArtifactNode; click T1218014 href "/offensive-technique/attack/T1218.014/"; click Software href "/dao/artifact/d3f:Software";T1072["Software Deployment Tools Execution"] --> |installs| Software["Software"]; class T1072 OffensiveTechniqueNode; class Software ArtifactNode; click T1072 href "/offensive-technique/attack/T1072/"; click Software href "/dao/artifact/d3f:Software";T1195001["Compromise Software Dependencies and Development Tools"] --> |modifies| Software["Software"]; class T1195001 OffensiveTechniqueNode; class Software ArtifactNode; click T1195001 href "/offensive-technique/attack/T1195.001/"; click Software href "/dao/artifact/d3f:Software";T1195002["Compromise Software Supply Chain"] --> |modifies| Software["Software"]; class T1195002 OffensiveTechniqueNode; class Software ArtifactNode; click T1195002 href "/offensive-technique/attack/T1195.002/"; click Software href "/dao/artifact/d3f:Software";T1137006["Add-ins"] --> |adds| Software["Software"]; class T1137006 OffensiveTechniqueNode; class Software ArtifactNode; click T1137006 href "/offensive-technique/attack/T1137.006/"; click Software href "/dao/artifact/d3f:Software";T1505004["IIS Components"] --> |adds| Software["Software"]; class T1505004 OffensiveTechniqueNode; class Software ArtifactNode; click T1505004 href "/offensive-technique/attack/T1505.004/"; click Software href "/dao/artifact/d3f:Software";T1072["Software Deployment Tools Execution"] --> |executes| SoftwareDeploymentTool["Software Deployment Tool"]; class T1072 OffensiveTechniqueNode; class SoftwareDeploymentTool ArtifactNode; click T1072 href "/offensive-technique/attack/T1072/"; click SoftwareDeploymentTool href "/dao/artifact/d3f:SoftwareDeploymentTool";T1505001["SQL Stored Procedures"] --> |creates| StoredProcedure["Stored Procedure"]; class T1505001 OffensiveTechniqueNode; class StoredProcedure ArtifactNode; click T1505001 href "/offensive-technique/attack/T1505.001/"; click StoredProcedure href "/dao/artifact/d3f:StoredProcedure";T1542001["System Firmware"] --> |modifies| SystemFirmware["System Firmware"]; class T1542001 OffensiveTechniqueNode; class SystemFirmware ArtifactNode; click T1542001 href "/offensive-technique/attack/T1542.001/"; click SystemFirmware href "/dao/artifact/d3f:SystemFirmware";T1547008["LSASS Driver"] --> |modifies| SystemServiceSoftware["System Service Software"]; class T1547008 OffensiveTechniqueNode; class SystemServiceSoftware ArtifactNode; click T1547008 href "/offensive-technique/attack/T1547.008/"; click SystemServiceSoftware href "/dao/artifact/d3f:SystemServiceSoftware";T1497003["Time Based Evasion"] --> |may-run| SystemTimeApplication["System Time Application"]; class T1497003 OffensiveTechniqueNode; class SystemTimeApplication ArtifactNode; click T1497003 href "/offensive-technique/attack/T1497.003/"; click SystemTimeApplication href "/dao/artifact/d3f:SystemTimeApplication";T1564006["Run Virtual Instance"] --> |executes| VirtualizationSoftware["Virtualization Software"]; class T1564006 OffensiveTechniqueNode; class VirtualizationSoftware ArtifactNode; click T1564006 href "/offensive-technique/attack/T1564.006/"; click VirtualizationSoftware href "/dao/artifact/d3f:VirtualizationSoftware";T1564006["Run Virtual Instance"] --> |may-add| VirtualizationSoftware["Virtualization Software"]; class T1564006 OffensiveTechniqueNode; class VirtualizationSoftware ArtifactNode; click T1564006 href "/offensive-technique/attack/T1564.006/"; click VirtualizationSoftware href "/dao/artifact/d3f:VirtualizationSoftware";T1056003["Web Portal Capture"] --> |modifies| WebServerApplication["Web Server Application"]; class T1056003 OffensiveTechniqueNode; class WebServerApplication ArtifactNode; click T1056003 href "/offensive-technique/attack/T1056.003/"; click WebServerApplication href "/dao/artifact/d3f:WebServerApplication";