615 indexed
CAPECCAPEC attack patterns
615 MITRE CAPEC entries — attack patterns at meta, standard, and detailed abstraction levels. Filter by abstraction. Authored by Adam Lundqvist.
Showing 451–500 of 615 · page 10 of 13
| ID | Title | Summary |
|---|---|---|
| CAPEC-575 | Account Footprinting | An adversary exploits functionality meant to identify information about the domain accounts and their permissions on the target system to an authorized user. B… |
| CAPEC-576 | Group Permission Footprinting | An adversary exploits functionality meant to identify information about user groups and their permissions on the target system to an authorized user. By knowin… |
| CAPEC-577 | Owner Footprinting | An adversary exploits functionality meant to identify information about the primary users on the target system to an authorized user. They may do this, for exa… |
| CAPEC-578 | Disable Security Software | An adversary exploits a weakness in access control to disable security tools so that detection does not occur. This can take the form of killing processes, del… |
| CAPEC-579 | Replace Winlogon Helper DLL | Winlogon is a part of Windows that performs logon actions. In Windows systems prior to Windows Vista, a registry key can be modified that causes Winlogon to lo… |
| CAPEC-58 | Restful Privilege Elevation | An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack … |
| CAPEC-580 | System Footprinting | An adversary engages in active probing and exploration activities to determine security information about a remote target system. Often times adversaries will … |
| CAPEC-581 | Security Software Footprinting | Adversaries may attempt to get a listing of security tools that are installed on the system and their configurations. This may include security related system … |
| CAPEC-582 | Route Disabling | An adversary disables the network route between two targets. The goal is to completely sever the communications channel between two entities. This is often the… |
| CAPEC-583 | Disabling Network Hardware | In this attack pattern, an adversary physically disables networking hardware by powering it down or disconnecting critical equipment. Disabling or shutting off… |
| CAPEC-584 | BGP Route Disabling | An adversary suppresses the Border Gateway Protocol (BGP) advertisement for a route so as to render the underlying network inaccessible. The BGP protocol helps… |
| CAPEC-585 | DNS Domain Seizure | In this attack pattern, an adversary influences a target's web-hosting company to disable a target domain. The goal is to prevent access to the targeted servic… |
| CAPEC-586 | Object Injection | An adversary attempts to exploit an application by injecting additional, malicious content during its processing of serialized objects. Developers leverage ser… |
| CAPEC-587 | Cross Frame Scripting (XFS) | This attack pattern combines malicious Javascript and a legitimate webpage loaded into a concealed iframe. The malicious Javascript is then able to interact wi… |
| CAPEC-588 | DOM-Based XSS | This type of attack is a form of Cross-Site Scripting (XSS) where a malicious script is inserted into the client-side HTML being parsed by a web browser. Conte… |
| CAPEC-589 | DNS Blocking | An adversary intercepts traffic and intentionally drops DNS requests based on content in the request. In this way, the adversary can deny the availability of s… |
| CAPEC-59 | Session Credential Falsification through Prediction | This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing a… |
| CAPEC-590 | IP Address Blocking | An adversary performing this type of attack drops packets destined for a target IP address. The aim is to prevent access to the service hosted at the target IP… |
| CAPEC-591 | Reflected XSS | This type of attack is a form of Cross-Site Scripting (XSS) where a malicious script is "reflected" off a vulnerable web application and then executed by a vic… |
| CAPEC-592 | Stored XSS | An adversary utilizes a form of Cross-site Scripting (XSS) where a malicious script is persistently "stored" within the data storage of a vulnerable web applic… |
| CAPEC-593 | Session Hijacking | This type of attack involves an adversary that exploits weaknesses in an application's use of sessions in performing authentication. The adversary is able to s… |
| CAPEC-594 | Traffic Injection | An adversary injects traffic into the target's network connection. The adversary is therefore able to degrade or disrupt the connection, and potentially modify… |
| CAPEC-595 | Connection Reset | In this attack pattern, an adversary injects a connection reset packet to one or both ends of a target's connection. The attacker is therefore able to have the… |
| CAPEC-596 | TCP RST Injection | An adversary injects one or more TCP RST packets to a target after the target has made a HTTP GET request. The goal of this attack is to have the target and/or… |
| CAPEC-597 | Absolute Path Traversal | An adversary with access to file system resources, either directly or via application logic, will use various file absolute paths and navigation mechanisms suc… |
| CAPEC-598 | DNS Spoofing | An adversary sends a malicious ("NXDOMAIN" ("No such domain") code, or DNS A record) response to a target's route request before a legitimate resolver can. Thi… |
| CAPEC-599 | Terrestrial Jamming | In this attack pattern, the adversary transmits disruptive signals in the direction of the target's consumer-level satellite dish (as opposed to the satellite … |
| CAPEC-6 | Argument Injection | An attacker changes the behavior or state of a targeted application through injecting data or command syntax through the targets use of non-validated and non-f… |
| CAPEC-60 | Reusing Session IDs (aka Session Replay) | This attack targets the reuse of valid session ID to spoof the target system in order to gain privileges. The attacker tries to reuse a stolen session ID used … |
| CAPEC-600 | Credential Stuffing | Metadata: standard CAPEC pattern, status stable, likelihood high, severity high. Underlying weaknesses: CWE-522, CWE-307, CWE-308, CWE-309, CWE-262 (and 2 more… |
| CAPEC-601 | Jamming | An adversary uses radio noise or signals in an attempt to disrupt communications. By intentionally overwhelming system resources with illegitimate traffic, ser… |
| CAPEC-602 | DEPRECATED: Degradation | This attack pattern has been deprecated. Metadata: meta CAPEC pattern, status deprecated. Metadata: meta CAPEC pattern, status deprecated. |
| CAPEC-603 | Blockage | An adversary blocks the delivery of an important system resource causing the system to fail or stop working. Metadata: standard CAPEC pattern, status draft, l… |
| CAPEC-604 | Wi-Fi Jamming | In this attack scenario, the attacker actively transmits on the Wi-Fi channel to prevent users from transmitting or receiving data from the targeted Wi-Fi netw… |
| CAPEC-605 | Cellular Jamming | In this attack scenario, the attacker actively transmits signals to overpower and disrupt the communication between a cellular user device and a cell tower. Se… |
| CAPEC-606 | Weakening of Cellular Encryption | An attacker, with control of a Cellular Rogue Base Station or through cooperation with a Malicious Mobile Network Operator can force the mobile device (e.g., t… |
| CAPEC-607 | Obstruction | An attacker obstructs the interactions between system components. By interrupting or disabling these interactions, an adversary can often force the system into… |
| CAPEC-608 | Cryptanalysis of Cellular Encryption | The use of cryptanalytic techniques to derive cryptographic keys or otherwise effectively defeat cellular encryption to reveal traffic content. Some cellular e… |
| CAPEC-609 | Cellular Traffic Intercept | Cellular traffic for voice and data from mobile devices and retransmission devices can be intercepted via numerous methods. Malicious actors can deploy their o… |
| CAPEC-61 | Session Fixation | The attacker induces a client to establish a session with the target software using a session identifier provided by the attacker. Once the user successfully a… |
| CAPEC-610 | Cellular Data Injection | Adversaries inject data into mobile technology traffic (data flows or signaling data) to disrupt communications or conduct additional surveillance operations. … |
| CAPEC-611 | BitSquatting | An adversary registers a domain name one bit different than a trusted domain. A BitSquatting attack leverages random errors in memory to direct Internet traffi… |
| CAPEC-612 | WiFi MAC Address Tracking | In this attack scenario, the attacker passively listens for WiFi messages and logs the associated Media Access Control (MAC) addresses. These addresses are int… |
| CAPEC-613 | WiFi SSID Tracking | In this attack scenario, the attacker passively listens for WiFi management frame messages containing the Service Set Identifier (SSID) for the WiFi network. T… |
| CAPEC-614 | Rooting SIM Cards | SIM cards are the de facto trust anchor of mobile devices worldwide. The cards protect the mobile identity of subscribers, associate devices with phone numbers… |
| CAPEC-615 | Evil Twin Wi-Fi Attack | Adversaries install Wi-Fi equipment that acts as a legitimate Wi-Fi network access point. When a device connects to this access point, Wi-Fi data traffic is in… |
| CAPEC-616 | Establish Rogue Location | An adversary provides a malicious version of a resource at a location that is similar to the expected location of a legitimate resource. After establishing the… |
| CAPEC-617 | Cellular Rogue Base Station | In this attack scenario, the attacker imitates a cellular base station with their own "rogue" base station equipment. Since cellular devices connect to whateve… |
| CAPEC-618 | Cellular Broadcast Message Request | In this attack scenario, the attacker uses knowledge of the target’s mobile phone number (i.e., the number associated with the SIM used in the retransmission d… |
| CAPEC-619 | Signal Strength Tracking | In this attack scenario, the attacker passively monitors the signal strength of the target’s cellular RF signal or WiFi RF signal and uses the strength of the … |