Standardlikelihood: Highseverity: Very LowDraft

CAPEC-497File Discovery

Abstraction
Standard
Status
Draft
Likelihood
High
Severity
Very Low

Description

An adversary engages in probing and exploration activities to determine if common key files exists. Such files often contain configuration and security parameters of the targeted application, system or network. Using this knowledge may often pave the way for more damaging attacks. Metadata: standard CAPEC pattern, status draft, likelihood high, severity very low. Underlying weakness: CWE-200. Mapped ATT&CK technique: [object Object]. Related CAPEC pattern: [object Object].

Related weaknesses· 1

CWE-200

MITRE ATT&CK crosswalk· 1

T1083: File and Directory Discovery

Related attack patterns· 1

CAPEC-169 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessExposure of Sensitive Information to an Unauthorized Actorcwe-200100%live

Related to1

TypeTargetConfidenceTier
TechniqueFile and Directory Discoveryt1083100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Probe System Files
CAPEC
Identify Shared Files/Directories on System
CAPEC
System Location Discovery
CAPEC
Excavation
CAPEC
Footprinting
CAPEC
Explore for Predictable Temporary File Names
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.