From 4ba2e52cffcf6ab4bb5c112e1214839485df9741 Mon Sep 17 00:00:00 2001
From: matthijsvp <matthijs.v.polen@northwave.nl>
Date: Thu, 23 Dec 2021 14:07:30 +0100
Subject: [PATCH] Initial commit of Unified Kill Chain.

---
 unified-kill-chain/machinetag.json | 113 +++++++++++++++++++++++++++++
 1 file changed, 113 insertions(+)
 create mode 100644 unified-kill-chain/machinetag.json

diff --git a/unified-kill-chain/machinetag.json b/unified-kill-chain/machinetag.json
new file mode 100644
index 0000000..86e8e0a
--- /dev/null
+++ b/unified-kill-chain/machinetag.json
@@ -0,0 +1,113 @@
+{
+  "namespace": "unified-kill-chain",
+  "expanded": "Unified Kill Chain",
+  "description": "The Unified Kill Chain is a refinement to the Kill Chain.",
+  "version": 1,
+  "predicates": [
+    {
+      "value": "Initial Foothold",
+      "expanded": "Initial Foothold"
+    },
+    {
+      "value": "Network Propagation",
+      "expanded": "Network Propagation"
+    },
+    {
+      "value": "Action on Objectives",
+      "expanded": "Action on Objectives"
+    }
+  ],
+  "values": [
+    {
+      "predicate": "Initial Foothold",
+      "entry": [
+        {
+          "expanded": "Reconnaissance",
+          "value": "reconnaissance"
+        },
+        {
+          "expanded": "Weaponization",
+          "value": "weaponization"
+        },
+        {
+          "expanded": "Delivery",
+          "value": "delivery"
+        },
+        {
+          "expanded": "Social Engineering",
+          "value": "social-engineering"
+        },
+        {
+          "expanded": "Exploitation",
+          "value": "exploitation"
+        },
+        {
+          "expanded": "Persistence",
+          "value": "persistence"
+        },
+        {
+          "expanded": "Defense Evasion",
+          "value": "defense-evasion"
+        },
+        {
+          "expanded": "Command & Control",
+          "value": "command-control"
+        }
+      ]
+    },
+    {
+      "predicate": "Network Propagation",
+      "entry": [
+        {
+          "expanded": "Pivoting",
+          "value": "pivoting"
+        },
+        {
+          "expanded": "Discovery",
+          "value": "discovery"
+        },
+        {
+          "expanded": "Privilege Escalation",
+          "value": "privilege-escalation"
+        },
+        {
+          "expanded": "Execution",
+          "value": "execution"
+        },
+        {
+          "expanded": "Credential Access",
+          "value": "credential-access"
+        },
+        {
+          "expanded": "Lateral Movement",
+          "value": "lateral-movement"
+        }
+      ]
+    },
+    {
+      "predicate": "Action on Objectives",
+      "entry": [
+        {
+          "expanded": "Access",
+          "value": "access"
+        },
+        {
+          "expanded": "Collection",
+          "value": "collection"
+        },
+        {
+          "expanded": "Exfiltration",
+          "value": "exfiltration"
+        },
+        {
+          "expanded": "Impact",
+          "value": "impact"
+        },
+        {
+          "expanded": "Objectives",
+          "value": "objectives"
+        }
+      ]
+  }
+  ]
+}