To respond effectively to today’s attacks, the community needs to think outside of the box and have a firm grasp of the attacker’s perspective and the approaches used to exploit software systems. CAPEC™ provides this information to the community to enhance security throughout the software development lifecycle and to support the needs of developers, testers, and educators.

International in scope and free for public use, CAPEC is a publicly available, community-developed list of common attack patterns along with a comprehensive schema and classification taxonomy. Each attack pattern captures knowledge about how specific parts of an attack are designed and executed, providing the attacker’s perspective on the problem and the solution, and gives guidance on ways to mitigate the attack’s effectiveness. Attack patterns help those trying to defend against attacks better understand the specific elements of an attack and how to stop them from succeeding.


What are Attack Patterns?
An "attack pattern" is an abstraction mechanism for helping describe how an attack against vulnerable systems or networks is executed. Each pattern defines a challenge that an attacker may face, provides a description of the common technique(s) used to meet the challenge, and presents recommended methods for mitigating an actual attack. Attack patterns help categorize attacks in a meaningful way in an effort to provide a coherent way of teaching designers and developers how their systems may be attacked and how they can effectively defend them.
Example Attack Patterns
CAPEC-34: HTTP Response Splitting CAPEC-66: SQL Injection
CAPEC-55: Rainbow Tables CAPEC-100: Buffer Overflow
CAPEC-61: Session Fixation CAPEC-103: Clickjacking
CAPEC-62: Cross Site Request Forgery CAPEC-139: Relative Path Traversal
CAPEC-63: Simple Script Injection CAPEC-229: XML Attribute Blowup

Page Last Updated: April 10, 2014