To respond effectively to today’s attacks, the community needs to think outside of the box and have a firm grasp of the attacker’s perspective and the approaches used to exploit cyber-enabled capabilities. CAPEC™ provides this information to the community to enhance security throughout a capabilities' lifecycle and to support the needs of developers, testers, and educators.

International in scope and free for public use, CAPEC is a publicly available, community-developed list of common attack patterns along with a comprehensive schema and classification taxonomy. Each attack pattern captures knowledge about how specific parts of an attack are designed and executed, providing the attacker’s perspective on the problem and the solution, and gives guidance on ways to mitigate the attack’s effectiveness. Attack patterns help those trying to defend against attacks better understand the specific elements of an attack and how to stop them from succeeding.


What are Attack Patterns?
An "attack pattern" is an abstraction mechanism to assist in understanding how an attack against vulnerable cyber-enabled capabilities is executed. Each pattern defines a challenge that an adversary may face, provides a description of the common technique(s) used to meet the challenge, and presents recommended methods for mitigating an actual attack. Attack patterns help categorize attacks in a meaningful way in an effort to provide a coherent way of teaching designers and developers how their systems may be attacked and how they can effectively defend them.
Example Attack Patterns
CAPEC-34: HTTP Response Splitting CAPEC-66: SQL Injection
CAPEC-55: Rainbow Tables CAPEC-100: Buffer Overflow
CAPEC-61: Session Fixation CAPEC-103: Clickjacking
CAPEC-62: Cross Site Request Forgery CAPEC-139: Relative Path Traversal
CAPEC-63: Simple Script Injection CAPEC-229: XML Attribute Blowup

Page Last Updated: July 23, 2014