{ "values": [ { "value": "Android Trojan" }, { "value": "Backdoor" }, { "value": "Banking Trojan" }, { "value": "Bot" }, { "value": "DDoS malware" }, { "value": "Espionage malware" }, { "value": "Exploit kit" }, { "value": "Keylogger" }, { "value": "Mac Backdoor" }, { "value": "Mac Trojan" }, { "value": "Malware site" }, { "value": "RAT" }, { "value": "Rootkit" }, { "value": "SQLI malware" }, { "value": "Toolkit" }, { "value": "Trojan" }, { "value": "Other" }, { "value": "Unknown" }, { "value": "Ransomware" }, { "value": "Dark Net Market" }, { "value": "Destructive" }, { "value": "Forums" }, { "value": "Domain Registration" }, { "value": "POS malware" }, { "value": "Hosting" }, { "value": "ICS" }, { "value": "Android app" }, { "value": "Privacy" }, { "value": "Safe browsing" }, { "value": "Safe internet search" }, { "value": "Peer-to-peer" }, { "value": "Crypto" }, { "value": "Social media" }, { "value": "Identity Theft" }, { "value": "VPN" }, { "value": "Speech recognition software" }, { "value": "Encrypted email" }, { "value": "Messaging" }, { "value": "ATM malware" }, { "value": "Network mapper" }, { "value": "Pentest tool" }, { "value": "Authentication bypass" }, { "value": "Phishing infra" }, { "value": "Dox and ransom" }, { "value": "Hot patching" }, { "value": "Arsenal" }, { "value": "CVE" }, { "value": "Fake website" }, { "value": "Information stealer" }, { "value": "DoS" }, { "value": "Worm" }, { "value": "Downloader" }, { "value": "Loader" }, { "value": "Infostealer" }, { "value": "RF Signals Intercepter" }, { "value": "Wireless Keystroke Logger" }, { "value": "Recon tool" }, { "value": "Website" }, { "value": "Website recon" }, { "value": "Malware features" }, { "value": "URL shortener service" }, { "value": "Information Warfare" }, { "value": "Programming language" }, { "value": "Port scanner" }, { "value": "Installer" }, { "value": "CMS exploitation" }, { "value": "Remote execution tool" }, { "value": "Service" }, { "value": "Money miner" }, { "value": "Remote administration tool" }, { "value": "First-stage" }, { "value": "Dropper" }, { "value": "Virtual server penetration" }, { "value": "Scripting language" }, { "value": "Adware" }, { "value": "Obfuscation technique" }, { "value": "Drive-by attack" }, { "value": "PLC worm" }, { "value": "Blog" }, { "value": "Account checker" }, { "value": "Internet Control" }, { "value": "C2" }, { "value": "Scanning routers" }, { "value": "Take over" }, { "value": "Credit Card Fraud" }, { "value": "DDoS Tool" }, { "value": "IoT bot" }, { "value": "Targeting" }, { "value": "cryptocurrency" }, { "value": "Anti-analysis" }, { "value": "persistence" }, { "value": "Anti-detection" }, { "value": "Phishing-theme" }, { "value": "OpSec" }, { "value": "Automatic phone calls" }, { "value": "Selling" }, { "value": "Extortion" }, { "value": "Watering hole" }, { "value": "Sharing platform" }, { "value": "Sideloading" }, {"value": "Operating System" }, {"value": "Sample" }, {"value": "Buffer overflow" }, { "value": "Online magazine" }, { "value": "Spoofing" }, { "value": "Ransomware-as-a-Service" }, { "value": "Spambot" }, { "value": "HTTP bot" }, { "value": "Shop" }, { "value": "Password recovery" }, { "value": "Password manager" }, { "value": "Certificate exploit" }, { "value": "Mailer" }, { "value": "Card" }, { "value": "Powershell agent" }, { "value": "Skimmer" }, { "value": "Exploit" }, { "value": "Medical device tampering" }, { "value": "App store" }, { "value": "Scareware" }, { "value": "Payment platform" }, { "value": "Man-in-the-middle" }, { "value": "Switch ttack" }, { "value": "Switch attack" }, { "value": "Browser hijacker" }, { "value": "Supply chain attack" }, { "value": "Powershell scripts" }, { "value": "Malicious iFrame injects" }, { "value": "Dumps grabber" }, { "value": "Exfiltration tool" }, { "value": "Code injection" }, { "value": "Mobile malware" }, { "value": "Zero-Day" }, { "value": "Multi-stage implant framework" }, { "value": "Second-stage" }, { "value": "IRC" }, { "value": "Administration" }, { "value": "XSS tool" }, { "value": "Tracking program" }, { "value": "HTTP loader" }, { "value": "Spyware" }, { "value": "Bitcoin stealer" }, { "value": "Phone bot" }, { "value": "Video editor" }, { "value": "URL shortening service" }, { "value": "Fraud" }, { "value": "Spreading mechanisms" }, { "value": "Android bot" }, { "value": "Disinformation" }, { "value": "Mineware" }, { "value": "CWE" }, { "value": "SCADA malware" }, { "value": "Crypter" }, { "value": "Phishing" }, { "value": "Template injection" }, { "value": "Credential stealer" }, { "value": "Crypto currency exchange and trading platform" }, { "value": "cryptocurrency mining malware" }, { "value": "Card shop" }, { "value": "Evasion" }, { "value": "Browser" }, { "value": "Wiper" }, { "value": "cryptocurrency cloud mining" }, { "value": "Distribution vector" }, { "value": "Postscript Abuse" }, { "value": "Bolware" }, { "value": "Software" }, { "value": "Proxy malware" } ], "version" : 1, "description": "ttp type vocab as defined by Cert EU.", "source": "Cert EU", "author": ["Cert EU"], "uuid": "55224678-b017-11e7-874d-971b517d8cba", "type": "ttp-type-vocabulary" }