1. Home
  2. ATT&CK Techniques
  3. T1059.006 Python

T1059.006 Python Mappings

Adversaries may abuse Python commands and scripts for execution. Python is a very popular scripting/programming language, with capabilities to perform many functions. Python can be executed interactively from the command-line (via the <code>python.exe</code> interpreter) or via scripts (.py) that can be written and distributed to different systems. Python code can also be compiled into binary executables.

Python comes with many built-in packages to interact with the underlying system, such as file operations and device I/O. Adversaries can use these libraries to download and execute commands or other scripts as well as perform various malicious behaviors.

View in MITRE ATT&CK®

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
AC-17 Remote Access Protects T1059.006 Python
AC-2 Account Management Protects T1059.006 Python
AC-3 Access Enforcement Protects T1059.006 Python
AC-6 Least Privilege Protects T1059.006 Python
CM-11 User-installed Software Protects T1059.006 Python
CM-2 Baseline Configuration Protects T1059.006 Python
CM-3 Configuration Change Control Protects T1059.006 Python
CM-5 Access Restrictions for Change Protects T1059.006 Python
CM-6 Configuration Settings Protects T1059.006 Python
SI-10 Information Input Validation Protects T1059.006 Python
SI-16 Memory Protection Protects T1059.006 Python
SI-2 Flaw Remediation Protects T1059.006 Python
SI-3 Malicious Code Protection Protects T1059.006 Python
SI-4 System Monitoring Protects T1059.006 Python
SI-7 Software, Firmware, and Information Integrity Protects T1059.006 Python
action.hacking.variety.Abuse of functionality Abuse of functionality. related-to T1059.006 Command and Scripting Interpreter: Python
action.hacking.vector.Command shell Remote shell related-to T1059.006 Command and Scripting Interpreter: Python