Standardseverity: LowDraft

CAPEC-309Network Topology Mapping

Abstraction
Standard
Status
Draft
Severity
Low

Description

An adversary engages in scanning activities to map network nodes, hosts, devices, and routes. Adversaries usually perform this type of network reconnaissance during the early stages of attack against an external network. Many types of scanning utilities are typically employed, including ICMP tools, network mappers, port scanners, and route testing utilities such as traceroute.

Related weaknesses· 1

CWE-200

MITRE ATT&CK crosswalk· 3

T1016: System Network Configuration DiscoveryT1049: System Network Connections DiscoveryT1590: Gather Victim Network Information

Related attack patterns· 2

CAPEC-169 (ChildOf)CAPEC-664 (CanPrecede)

Exploits1

TypeTargetConfidenceTier
WeaknessExposure of Sensitive Information to an Unauthorized Actorcwe-200100%live

Related to3

TypeTargetConfidenceTier
TechniqueSystem Network Configuration Discoveryt1016100%live
TechniqueGather Victim Network Informationt1590100%live
TechniqueSystem Network Connections Discoveryt1049100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Traceroute Route Enumeration
CAPEC
Host Discovery
CAPEC
Protocol Analysis
CAPEC
Sniffing Network Traffic
CAPEC
Port Scanning
CAPEC
UDP Scan
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.