615 indexed
CAPECCAPEC attack patterns
615 MITRE CAPEC entries — attack patterns at meta, standard, and detailed abstraction levels. Filter by abstraction. Authored by Adam Lundqvist.
Showing 51–100 of 615 · page 2 of 13
| ID | Title | Summary |
|---|---|---|
| CAPEC-146 | XML Schema Poisoning | An adversary corrupts or modifies the content of XML schema information passed between a client and server for the purpose of undermining the security of the t… |
| CAPEC-147 | XML Ping of the Death | An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of se… |
| CAPEC-148 | Content Spoofing | An adversary modifies content to make it contain something other than what the original content producer intended while keeping the apparent source of the cont… |
| CAPEC-149 | Explore for Predictable Temporary File Names | An attacker explores a target to identify the names and locations of predictable temporary files for the purpose of launching further attacks against the targe… |
| CAPEC-15 | Command Delimiters | An attack of this type exploits a programs' vulnerabilities that allows an attacker's commands to be concatenated onto a legitimate command with the intent of … |
| CAPEC-150 | Collect Data from Common Resource Locations | An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and re… |
| CAPEC-151 | Identity Spoofing | Identity Spoofing refers to the action of assuming (i.e., taking on) the identity of some other entity (human or non-human) and then using that identity to acc… |
| CAPEC-153 | Input Data Manipulation | An attacker exploits a weakness in input validation by controlling the format, structure, and composition of data to an input-processing interface. By supplyin… |
| CAPEC-154 | Resource Location Spoofing | An adversary deceives an application or user and convinces them to request a resource from an unintended location. By spoofing the location, the adversary can … |
| CAPEC-155 | Screen Temporary Files for Sensitive Information | An adversary exploits the temporary, insecure storage of information by monitoring the content of files used to store temp data during an application's routine… |
| CAPEC-157 | Sniffing Attacks | In this attack pattern, the adversary intercepts information transmitted between two third parties. The adversary must be able to observe, read, and/or hear th… |
| CAPEC-158 | Sniffing Network Traffic | In this attack pattern, the adversary monitors network traffic between nodes of a public or multicast network in an attempt to capture sensitive information at… |
| CAPEC-159 | Redirect Access to Libraries | An adversary exploits a weakness in the way an application searches for external libraries to manipulate the execution flow to point to an adversary supplied l… |
| CAPEC-16 | Dictionary-based Password Attack | Metadata: detailed CAPEC pattern, status draft, likelihood medium, severity high. Underlying weaknesses: CWE-521, CWE-262, CWE-263, CWE-654, CWE-307 (and 2 mor… |
| CAPEC-160 | Exploit Script-Based APIs | Some APIs support scripting instructions as arguments. Methods that take scripted instructions (or references to scripted instructions) can be very flexible an… |
| CAPEC-161 | Infrastructure Manipulation | An attacker exploits characteristics of the infrastructure of a network entity in order to perpetrate attacks or information gathering on network objects or ef… |
| CAPEC-162 | Manipulating Hidden Fields | An adversary exploits a weakness in the server's trust of client-side processing by modifying data on the client-side, such as price information, and then subm… |
| CAPEC-163 | Spear Phishing | An adversary targets a specific user or group with a Phishing (CAPEC-98) attack tailored to a category of users in order to have maximum relevance and deceptiv… |
| CAPEC-164 | Mobile Phishing | An adversary targets mobile phone users with a phishing attack for the purpose of soliciting account passwords or sensitive information from the user. Mobile P… |
| CAPEC-165 | File Manipulation | An attacker modifies file contents or attributes (such as extensions or names) of files in a manner to cause incorrect processing by an application. Attackers … |
| CAPEC-166 | Force the System to Reset Values | An attacker forces the target into a previous state in order to leverage potential weaknesses in the target dependent upon a prior configuration or state-depen… |
| CAPEC-167 | White Box Reverse Engineering | An attacker discovers the structure, function, and composition of a type of computer software through white box analysis techniques. White box techniques invol… |
| CAPEC-168 | Windows ::DATA Alternate Data Stream | An attacker exploits the functionality of Microsoft NTFS Alternate Data Streams (ADS) to undermine system security. ADS allows multiple "files" to be stored in… |
| CAPEC-169 | Footprinting | An adversary engages in probing and exploration activities to identify constituents and properties of the target. Metadata: meta CAPEC pattern, status stable,… |
| CAPEC-17 | Using Malicious Files | An attack of this type exploits a system's configuration that allows an adversary to either directly access an executable file, for example through shell acces… |
| CAPEC-170 | Web Application Fingerprinting | An attacker sends a series of probes to a web application in order to elicit version-dependent and type-dependent behavior that assists in identifying the targ… |
| CAPEC-171 | DEPRECATED: Variable Manipulation | This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "CAPEC-77 : Manipulating User-Controlled Variables". Please refer t… |
| CAPEC-173 | Action Spoofing | An adversary is able to disguise one action for another and therefore trick a user into initiating one type of action when they intend to initiate a different … |
| CAPEC-174 | Flash Parameter Injection | An adversary takes advantage of improper data validation to inject malicious global parameters into a Flash file embedded within an HTML document. Flash files … |
| CAPEC-175 | Code Inclusion | An adversary exploits a weakness on the target to force arbitrary code to be retrieved locally or from a remote location and executed. This differs from code i… |
| CAPEC-176 | Configuration/Environment Manipulation | An attacker manipulates files or settings external to a target application which affect the behavior of that application. For example, many applications use ex… |
| CAPEC-177 | Create files with the same name as files protected with a higher classification | An attacker exploits file location algorithms in an operating system or application by creating a file with the same name as a protected or privileged file. Th… |
| CAPEC-178 | Cross-Site Flashing | An attacker is able to trick the victim into executing a Flash document that passes commands or calls to a Flash player browser plugin, allowing the attacker t… |
| CAPEC-179 | Calling Micro-Services Directly | An attacker is able to discover and query Micro-services at a web location and thereby expose the Micro-services to further exploitation by gathering informati… |
| CAPEC-18 | XSS Targeting Non-Script Elements | This attack is a form of Cross-Site Scripting (XSS) where malicious scripts are embedded in elements that are not expected to host scripts such as image tags (… |
| CAPEC-180 | Exploiting Incorrectly Configured Access Control Security Levels | An attacker exploits a weakness in the configuration of access controls and is able to bypass the intended protection that these measures guard against and the… |
| CAPEC-181 | Flash File Overlay | An attacker creates a transparent overlay using flash in order to intercept user actions for the purpose of performing a clickjacking attack. In this technique… |
| CAPEC-182 | Flash Injection | An attacker tricks a victim to execute malicious flash content that executes commands or makes flash calls specified by the attacker. One example of this attac… |
| CAPEC-183 | IMAP/SMTP Command Injection | An adversary exploits weaknesses in input validation on web-mail servers to execute commands on the IMAP/SMTP server. Web-mail servers often sit between the In… |
| CAPEC-184 | Software Integrity Attack | An attacker initiates a series of events designed to cause a user, program, server, or device to perform actions which undermine the integrity of software code… |
| CAPEC-185 | Malicious Software Download | An attacker uses deceptive methods to cause a user or an automated process to download and install dangerous code that originates from an attacker controlled s… |
| CAPEC-186 | Malicious Software Update | An adversary uses deceptive methods to cause a user or an automated process to download and install dangerous code believed to be a valid update that originate… |
| CAPEC-187 | Malicious Automated Software Update via Redirection | An attacker exploits two layers of weaknesses in server or client software for automated update mechanisms to undermine the integrity of the target code-base. … |
| CAPEC-188 | Reverse Engineering | An adversary discovers the structure, function, and composition of an object, resource, or system by using a variety of analysis techniques to effectively dete… |
| CAPEC-189 | Black Box Reverse Engineering | An adversary discovers the structure, function, and composition of a type of computer software through black box analysis techniques. 'Black Box' methods invol… |
| CAPEC-19 | Embedding Scripts within Scripts | An adversary leverages the capability to execute their own script by embedding it within other scripts that the target software is likely to execute due to pro… |
| CAPEC-190 | Reverse Engineer an Executable to Expose Assumed Hidden Functionality | An attacker analyzes a binary file or executable for the purpose of discovering the structure, function, and possibly source-code of the file by using a variet… |
| CAPEC-191 | Read Sensitive Constants Within an Executable | Metadata: detailed CAPEC pattern, status draft, severity low. Underlying weakness: CWE-798. Mapped ATT&CK technique: [object Object]. Related CAPEC pattern: [o… |
| CAPEC-192 | Protocol Analysis | An adversary engages in activities to decipher and/or decode protocol information for a network or application communication protocol used for transmitting inf… |
| CAPEC-193 | PHP Remote File Inclusion | In this pattern the adversary is able to load and execute arbitrary code remotely available from the application. This is usually accomplished through an insec… |