Standardlikelihood: Lowseverity: LowStable

CAPEC-575Account Footprinting

Abstraction
Standard
Status
Stable
Likelihood
Low
Severity
Low

Description

An adversary exploits functionality meant to identify information about the domain accounts and their permissions on the target system to an authorized user. By knowing what accounts are registered on the target system, the adversary can inform further and more targeted malicious behavior. Example Windows commands which can acquire this information are: "net user" and "dsquery".

Related weaknesses· 1

CWE-200

MITRE ATT&CK crosswalk· 1

T1087: Account Discovery

Related attack patterns· 1

CAPEC-169 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessExposure of Sensitive Information to an Unauthorized Actorcwe-200100%live

Related to1

TypeTargetConfidenceTier
TechniqueAccount Discoveryt1087100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Group Permission Footprinting
CAPEC
Owner Footprinting
CAPEC
Process Footprinting
CAPEC
Services Footprinting
Sub-technique
Domain Account
CAPEC
System Footprinting
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.