Attack path: Endpoint Denial of Service
Kill-chain expansion via actor co-occurrence analysis · 14 techniques · 3 detectable · 11 detection gaps
Entry point: CVE-2006-4616
T1499
Reconnaissance
Impact
T1499 · Endpoint Denial of Service · ✓ sigma · 999.0x lift
T1499.004 · Application or System Exploita… · ✓ sigma · 7.4x lift
T1498.002 · Reflection Amplification · × no rule · 7.4x lift
T1499.003 · Application Exhaustion Flood · × no rule · 7.4x lift
T1499.001 · OS Exhaustion Flood · ✓ sigma · 7.4x lift
T1498.001 · Direct Network Flood · × no rule · 7.4x lift
T1488 · Disk Content Wipe · × no rule · 7.4x lift
T1499.002 · Service Exhaustion Flood · × no rule · 7.4x lift
Entry point (from CVE)
Detection rule available
Detection gap - potential blind spot
Lift = how strongly this technique co-occurs with the entry point across shared threat actors (1x = expected, 5x = highly distinctive)
Hunt package
All 14 techniques in this chain - Sigma rules, Atomic tests, and detection gaps in one view.