Add MITRE ATT&CK mapping to findings

## Summary
Systematically map all findings to MITRE ATT&CK techniques (Enterprise + ICS matrices).

## Requirements
- Create a mapping table/enum of relevant ATT&CK technique IDs
- Ensure every Finding produced by analyzers includes `mitre_technique` when applicable
- Support both Enterprise and ICS ATT&CK matrices
- Add a `--mitre` CLI flag to show ATT&CK technique details in terminal output
- Group findings by tactic in the report (Reconnaissance, Lateral Movement, C2, etc.)

## Key Mappings
- Port scanning → T1046 (Network Service Discovery)
- DNS tunneling → T1071.004 (DNS Protocol)
- Beaconing → T1071/T1573
- Credential sniffing → T1040 (Network Sniffing)
- Modbus writes → T0855 (Unauthorized Command Message)

## Acceptance Criteria
- [ ] ATT&CK technique enum/constants with descriptions
- [ ] All analyzers populate `mitre_technique` field
- [ ] Terminal reporter groups by tactic when `--mitre` is set
- [ ] JSON/CSV include technique IDs

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add MITRE ATT&CK mapping to findings #5

Summary

Requirements

Key Mappings

Acceptance Criteria

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Add MITRE ATT&CK mapping to findings #5

Description

Summary

Requirements

Key Mappings

Acceptance Criteria

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions