Home > CAPEC List > CAPEC-1000: Mechanisms of Attack (Version 2.11)  

CAPEC VIEW: Mechanisms of Attack

 
Mechanisms of Attack
Definition in a New Window Definition in a New Window
View ID: 1000
Structure: Graph
Status: Stable
+ View Objective

This view organizes attack patterns hierarchically based on mechanisms that are frequently employed when exploiting a vulnerability. The categories that are members of this view represent the different techniques used to attack a system. They do not, however, represent the consequences or goals of the attacks. There exists the potential for some attack patterns to align with more than one category depending on one’s perspective. To counter this, emphasis was placed such that attack patterns as presented within each category use a technique not sometimes, but without exception.

+ Relationships
1000 - Mechanisms of Attack
+CategoryCategoryCollect and Analyze Information - (118)Collect and Analyze Information - (118)
+Meta Attack PatternMeta Attack PatternExcavation - (116)Excavation - (116)
*Standard Attack PatternStandard Attack PatternDumpster Diving - (406)Dumpster Diving - (406)
+Standard Attack PatternStandard Attack PatternQuery System for Information - (54)Query System for Information - (54)
+Standard Attack PatternStandard Attack PatternPull Data from System Resources - (545)Pull Data from System Resources - (545)
*Detailed Attack PatternDetailed Attack PatternProbe iOS Screenshots - (498)Probe iOS Screenshots - (498)
*Detailed Attack PatternDetailed Attack PatternProbe Application Memory - (546)Probe Application Memory - (546)
+Standard Attack PatternStandard Attack PatternObtain Data via Utilities - (567)Obtain Data via Utilities - (567)
*Detailed Attack PatternDetailed Attack PatternDump Password Hashes - (566)Dump Password Hashes - (566)
+Meta Attack PatternMeta Attack PatternInterception - (117)Interception - (117)
+Meta Attack PatternMeta Attack PatternFootprinting - (169)Footprinting - (169)
+Standard Attack PatternStandard Attack PatternHost Discovery - (292)Host Discovery - (292)
*Detailed Attack PatternDetailed Attack PatternICMP Echo Request Ping - (285)ICMP Echo Request Ping - (285)
*Detailed Attack PatternDetailed Attack PatternICMP Address Mask Request - (294)ICMP Address Mask Request - (294)
*Detailed Attack PatternDetailed Attack PatternICMP Timestamp Request - (295)ICMP Timestamp Request - (295)
*Detailed Attack PatternDetailed Attack PatternICMP Information Request - (296)ICMP Information Request - (296)
*Detailed Attack PatternDetailed Attack PatternTCP ACK Ping - (297)TCP ACK Ping - (297)
*Detailed Attack PatternDetailed Attack PatternUDP Ping - (298)UDP Ping - (298)
*Detailed Attack PatternDetailed Attack PatternTCP SYN Ping - (299)TCP SYN Ping - (299)
*Detailed Attack PatternDetailed Attack PatternWiFi MAC Address Tracking - (612)WiFi MAC Address Tracking - (612)
*Detailed Attack PatternDetailed Attack PatternWiFi SSID Tracking - (613)WiFi SSID Tracking - (613)
*Detailed Attack PatternDetailed Attack PatternSignal Strength Tracking - (619)Signal Strength Tracking - (619)
+Standard Attack PatternStandard Attack PatternPort Scanning - (300)Port Scanning - (300)
*Detailed Attack PatternDetailed Attack PatternTCP SYN Scan - (287)TCP SYN Scan - (287)
*Detailed Attack PatternDetailed Attack PatternTCP Connect Scan - (301)TCP Connect Scan - (301)
*Detailed Attack PatternDetailed Attack PatternTCP FIN scan - (302)TCP FIN scan - (302)
*Detailed Attack PatternDetailed Attack PatternTCP Xmas Scan - (303)TCP Xmas Scan - (303)
*Detailed Attack PatternDetailed Attack PatternTCP Null Scan - (304)TCP Null Scan - (304)
*Detailed Attack PatternDetailed Attack PatternTCP ACK Scan - (305)TCP ACK Scan - (305)
*Detailed Attack PatternDetailed Attack PatternTCP Window Scan - (306)TCP Window Scan - (306)
*Detailed Attack PatternDetailed Attack PatternTCP RPC Scan - (307)TCP RPC Scan - (307)
*Detailed Attack PatternDetailed Attack PatternUDP Scan - (308)UDP Scan - (308)
+Standard Attack PatternStandard Attack PatternNetwork Topology Mapping - (309)Network Topology Mapping - (309)
*Detailed Attack PatternDetailed Attack PatternDNS Zone Transfers - (291)DNS Zone Transfers - (291)
*Detailed Attack PatternDetailed Attack PatternTraceroute Route Enumeration - (293)Traceroute Route Enumeration - (293)
*Detailed Attack PatternDetailed Attack PatternProcess Footprinting - (573)Process Footprinting - (573)
*Detailed Attack PatternDetailed Attack PatternServices Footprinting - (574)Services Footprinting - (574)
*Detailed Attack PatternDetailed Attack PatternAccount Footprinting - (575)Account Footprinting - (575)
*Detailed Attack PatternDetailed Attack PatternGroup Permission Footprinting - (576)Group Permission Footprinting - (576)
*Detailed Attack PatternDetailed Attack PatternOwner Footprinting - (577)Owner Footprinting - (577)
+Standard Attack PatternStandard Attack PatternApplication Footprinting - (580)Application Footprinting - (580)
+Meta Attack PatternMeta Attack PatternReverse Engineering - (188)Reverse Engineering - (188)
+Meta Attack PatternMeta Attack PatternProtocol Analysis - (192)Protocol Analysis - (192)
+Standard Attack PatternStandard Attack PatternCryptanalysis - (97)Cryptanalysis - (97)
+Meta Attack PatternMeta Attack PatternFingerprinting - (224)Fingerprinting - (224)
+Standard Attack PatternStandard Attack PatternActive OS Fingerprinting - (312)Active OS Fingerprinting - (312)
*Detailed Attack PatternDetailed Attack PatternIP ID Sequencing Probe - (317)IP ID Sequencing Probe - (317)
*Detailed Attack PatternDetailed Attack PatternTCP Timestamp Probe - (320)TCP Timestamp Probe - (320)
*Detailed Attack PatternDetailed Attack PatternTCP Sequence Number Probe - (321)TCP Sequence Number Probe - (321)
*Detailed Attack PatternDetailed Attack PatternTCP (ISN) Counter Rate Probe - (323)TCP (ISN) Counter Rate Probe - (323)
*Detailed Attack PatternDetailed Attack PatternTCP Initial Window Size Probe - (326)TCP Initial Window Size Probe - (326)
*Detailed Attack PatternDetailed Attack PatternTCP Options Probe - (327)TCP Options Probe - (327)
*Detailed Attack PatternDetailed Attack PatternTCP 'RST' Flag Checksum Probe - (328)TCP 'RST' Flag Checksum Probe - (328)
*Standard Attack PatternStandard Attack PatternPassive OS Fingerprinting - (313)Passive OS Fingerprinting - (313)
+Standard Attack PatternStandard Attack PatternApplication Fingerprinting - (541)Application Fingerprinting - (541)
*Detailed Attack PatternDetailed Attack PatternBrowser Fingerprinting - (472)Browser Fingerprinting - (472)
*Detailed Attack PatternDetailed Attack PatternAJAX Fingerprinting - (85)AJAX Fingerprinting - (85)
+Meta Attack PatternMeta Attack PatternInformation Elicitation - (410)Information Elicitation - (410)
+Standard Attack PatternStandard Attack PatternPretexting - (407)Pretexting - (407)
*Detailed Attack PatternDetailed Attack PatternPretexting via Tech Support - (413)Pretexting via Tech Support - (413)
*Detailed Attack PatternDetailed Attack PatternPretexting via Phone - (415)Pretexting via Phone - (415)
+CategoryCategoryInject Unexpected Items - (152)Inject Unexpected Items - (152)
+Meta Attack PatternMeta Attack PatternParameter Injection - (137)Parameter Injection - (137)
*Standard Attack PatternStandard Attack PatternFormat String Injection - (135)Format String Injection - (135)
*Standard Attack PatternStandard Attack PatternReflection Injection - (138)Reflection Injection - (138)
+Standard Attack PatternStandard Attack PatternCommand Delimiters - (15)Command Delimiters - (15)
*Detailed Attack PatternDetailed Attack PatternFlash Parameter Injection - (174)Flash Parameter Injection - (174)
+Standard Attack PatternStandard Attack PatternFlash Injection - (182)Flash Injection - (182)
*Detailed Attack PatternDetailed Attack PatternCross-Site Flashing - (178)Cross-Site Flashing - (178)
*Standard Attack PatternStandard Attack PatternArgument Injection - (6)Argument Injection - (6)
+Meta Attack PatternMeta Attack PatternCode Inclusion - (175)Code Inclusion - (175)
+Standard Attack PatternStandard Attack PatternLocal Code Inclusion - (251)Local Code Inclusion - (251)
*Detailed Attack PatternDetailed Attack PatternPHP Local File Inclusion - (252)PHP Local File Inclusion - (252)
+Standard Attack PatternStandard Attack PatternRemote Code Inclusion - (253)Remote Code Inclusion - (253)
*Detailed Attack PatternDetailed Attack PatternPHP Remote File Inclusion - (193)PHP Remote File Inclusion - (193)
*Detailed Attack PatternDetailed Attack PatternWebView Injection - (500)WebView Injection - (500)
+Meta Attack PatternMeta Attack PatternResource Injection - (240)Resource Injection - (240)
*Detailed Attack PatternDetailed Attack PatternCellular Data Injection - (610)Cellular Data Injection - (610)
+Meta Attack PatternMeta Attack PatternCode Injection - (242)Code Injection - (242)
+Standard Attack PatternStandard Attack PatternFile Content Injection - (23)File Content Injection - (23)
+Standard Attack PatternStandard Attack PatternCross-Site Scripting (XSS) - (63)Cross-Site Scripting (XSS) - (63)
+Detailed Attack PatternDetailed Attack PatternDOM-Based XSS - (588)DOM-Based XSS - (588)
*Detailed Attack PatternDetailed Attack PatternXSS Targeting Error Pages - (198)XSS Targeting Error Pages - (198)
*Detailed Attack PatternDetailed Attack PatternXSS Using Alternate Syntax - (199)XSS Using Alternate Syntax - (199)
*Detailed Attack PatternDetailed Attack PatternXSS Using Doubled Characters - (245)XSS Using Doubled Characters - (245)
*Detailed Attack PatternDetailed Attack PatternXSS Using Invalid Characters - (247)XSS Using Invalid Characters - (247)
*Detailed Attack PatternDetailed Attack PatternXSS Through HTTP Headers - (86)XSS Through HTTP Headers - (86)
+Detailed Attack PatternDetailed Attack PatternReflected XSS - (591)Reflected XSS - (591)
*Detailed Attack PatternDetailed Attack PatternXSS Targeting Error Pages - (198)XSS Targeting Error Pages - (198)
*Detailed Attack PatternDetailed Attack PatternXSS Using Alternate Syntax - (199)XSS Using Alternate Syntax - (199)
*Detailed Attack PatternDetailed Attack PatternXSS Using Doubled Characters - (245)XSS Using Doubled Characters - (245)
*Detailed Attack PatternDetailed Attack PatternXSS Using Invalid Characters - (247)XSS Using Invalid Characters - (247)
*Detailed Attack PatternDetailed Attack PatternXSS Through HTTP Headers - (86)XSS Through HTTP Headers - (86)
+Detailed Attack PatternDetailed Attack PatternStored XSS - (592)Stored XSS - (592)
*Detailed Attack PatternDetailed Attack PatternXSS Targeting Error Pages - (198)XSS Targeting Error Pages - (198)
*Detailed Attack PatternDetailed Attack PatternXSS Using Alternate Syntax - (199)XSS Using Alternate Syntax - (199)
*Detailed Attack PatternDetailed Attack PatternXSS Using MIME Type Mismatch - (209)XSS Using MIME Type Mismatch - (209)
*Detailed Attack PatternDetailed Attack PatternXSS Using Doubled Characters - (245)XSS Using Doubled Characters - (245)
*Detailed Attack PatternDetailed Attack PatternXSS Using Invalid Characters - (247)XSS Using Invalid Characters - (247)
+Meta Attack PatternMeta Attack PatternCommand Injection - (248)Command Injection - (248)
*Standard Attack PatternStandard Attack PatternLDAP Injection - (136)LDAP Injection - (136)
*Standard Attack PatternStandard Attack PatternIMAP/SMTP Command Injection - (183)IMAP/SMTP Command Injection - (183)
+Standard Attack PatternStandard Attack PatternXML Injection - (250)XML Injection - (250)
*Detailed Attack PatternDetailed Attack PatternDTD Injection - (228)DTD Injection - (228)
*Detailed Attack PatternDetailed Attack PatternXPath Injection - (83)XPath Injection - (83)
*Detailed Attack PatternDetailed Attack PatternXQuery Injection - (84)XQuery Injection - (84)
*Standard Attack PatternStandard Attack PatternOS Command Injection - (88)OS Command Injection - (88)
+Meta Attack PatternMeta Attack PatternLocal Execution of Code - (549)Local Execution of Code - (549)
+Standard Attack PatternStandard Attack PatternTargeted Malware - (542)Targeted Malware - (542)
*Detailed Attack PatternDetailed Attack PatternInstall New Service - (550)Install New Service - (550)
*Detailed Attack PatternDetailed Attack PatternModify Existing Service - (551)Modify Existing Service - (551)
*Detailed Attack PatternDetailed Attack PatternInstall Rootkit - (552)Install Rootkit - (552)
*Detailed Attack PatternDetailed Attack PatternSchedule Software To Run - (557)Schedule Software To Run - (557)
*Detailed Attack PatternDetailed Attack PatternReplace Trusted Executable - (558)Replace Trusted Executable - (558)
*Detailed Attack PatternDetailed Attack PatternRun Software at Logon - (564)Run Software at Logon - (564)
*Detailed Attack PatternDetailed Attack PatternReplace Winlogon Helper DLL - (579)Replace Winlogon Helper DLL - (579)
*Meta Attack PatternMeta Attack PatternObject Injection - (586)Object Injection - (586)
+Meta Attack PatternMeta Attack PatternTraffic Injection - (594)Traffic Injection - (594)
+Standard Attack PatternStandard Attack PatternConnection Reset - (595)Connection Reset - (595)
*Detailed Attack PatternDetailed Attack PatternTCP RST Injection - (596)TCP RST Injection - (596)
+Meta Attack PatternMeta Attack PatternFault Injection - (624)Fault Injection - (624)
*Detailed Attack PatternDetailed Attack PatternMobile Device Fault Injection - (625)Mobile Device Fault Injection - (625)
+CategoryCategoryEngage in Deceptive Interactions - (156)Engage in Deceptive Interactions - (156)
+Meta Attack PatternMeta Attack PatternContent Spoofing - (148)Content Spoofing - (148)
*Detailed Attack PatternDetailed Attack PatternChecksum Spoofing - (145)Checksum Spoofing - (145)
*Standard Attack PatternStandard Attack PatternIntent Spoof - (502)Intent Spoof - (502)
*Detailed Attack PatternDetailed Attack PatternSignature-Based Avoidance - (570)Signature-Based Avoidance - (570)
+Standard Attack PatternStandard Attack PatternCounterfeit GPS Signals - (627)Counterfeit GPS Signals - (627)
*Detailed Attack PatternDetailed Attack PatternCarry-Off GPS Attack - (628)Carry-Off GPS Attack - (628)
+Meta Attack PatternMeta Attack PatternIdentity Spoofing - (151)Identity Spoofing - (151)
+Standard Attack PatternStandard Attack PatternFake the Source of Data - (194)Fake the Source of Data - (194)
+Detailed Attack PatternDetailed Attack PatternCounterfeit Websites - (543)Counterfeit Websites - (543)
+Standard Attack PatternStandard Attack PatternPhishing - (98)Phishing - (98)
*Detailed Attack PatternDetailed Attack PatternSpear Phishing - (163)Spear Phishing - (163)
*Detailed Attack PatternDetailed Attack PatternMobile Phishing - (164)Mobile Phishing - (164)
*Detailed Attack PatternDetailed Attack PatternCounterfeit Organizations - (544)Counterfeit Organizations - (544)
*Detailed Attack PatternDetailed Attack PatternDNS Spoofing - (598)DNS Spoofing - (598)
+Standard Attack PatternStandard Attack PatternPrincipal Spoof - (195)Principal Spoof - (195)
*Standard Attack PatternStandard Attack PatternCross Frame Scripting (XFS) - (587)Cross Frame Scripting (XFS) - (587)
*Detailed Attack PatternDetailed Attack PatternTerrestrial Jamming - (599)Terrestrial Jamming - (599)
+Standard Attack PatternStandard Attack PatternSignature Spoof - (473)Signature Spoof - (473)
*Standard Attack PatternStandard Attack PatternPharming - (89)Pharming - (89)
+Standard Attack PatternStandard Attack PatternPhishing - (98)Phishing - (98)
*Detailed Attack PatternDetailed Attack PatternSpear Phishing - (163)Spear Phishing - (163)
*Detailed Attack PatternDetailed Attack PatternMobile Phishing - (164)Mobile Phishing - (164)
+Meta Attack PatternMeta Attack PatternResource Location Spoofing - (154)Resource Location Spoofing - (154)
+Standard Attack PatternStandard Attack PatternEstablish Rogue Location - (616)Establish Rogue Location - (616)
*Detailed Attack PatternDetailed Attack PatternBitSquatting - (611)BitSquatting - (611)
*Detailed Attack PatternDetailed Attack PatternEvil Twin Wi-Fi Attack - (615)Evil Twin Wi-Fi Attack - (615)
*Detailed Attack PatternDetailed Attack PatternCellular Rogue Base Station - (617)Cellular Rogue Base Station - (617)
*Detailed Attack PatternDetailed Attack PatternTypoSquatting - (630)TypoSquatting - (630)
*Detailed Attack PatternDetailed Attack PatternSoundSquatting - (631)SoundSquatting - (631)
+Meta Attack PatternMeta Attack PatternAction Spoofing - (173)Action Spoofing - (173)
+Standard Attack PatternStandard Attack PatternClickjacking - (103)Clickjacking - (103)
*Detailed Attack PatternDetailed Attack PatternFlash File Overlay - (181)Flash File Overlay - (181)
*Detailed Attack PatternDetailed Attack PatterniFrame Overlay - (222)iFrame Overlay - (222)
*Detailed Attack PatternDetailed Attack PatternActivity Hijack - (501)Activity Hijack - (501)
*Detailed Attack PatternDetailed Attack PatternTask Impersonation - (504)Task Impersonation - (504)
*Detailed Attack PatternDetailed Attack PatternScheme Squatting - (505)Scheme Squatting - (505)
*Standard Attack PatternStandard Attack PatternTapjacking - (506)Tapjacking - (506)
+Meta Attack PatternMeta Attack PatternManipulate Human Behavior - (416)Manipulate Human Behavior - (416)
+Standard Attack PatternStandard Attack PatternPretexting - (407)Pretexting - (407)
*Detailed Attack PatternDetailed Attack PatternPretexting via Tech Support - (413)Pretexting via Tech Support - (413)
*Detailed Attack PatternDetailed Attack PatternPretexting via Phone - (415)Pretexting via Phone - (415)
*Standard Attack PatternStandard Attack PatternTarget Influence via Framing - (425)Target Influence via Framing - (425)
*Standard Attack PatternStandard Attack PatternInfluence via Incentives - (426)Influence via Incentives - (426)
+Standard Attack PatternStandard Attack PatternInfluence via Psychological Principles - (427)Influence via Psychological Principles - (427)
+CategoryCategoryAbuse Existing Functionality - (210)Abuse Existing Functionality - (210)
+Meta Attack PatternMeta Attack PatternAPI Manipulation - (113)API Manipulation - (113)
*Standard Attack PatternStandard Attack PatternExploit Test APIs - (121)Exploit Test APIs - (121)
*Standard Attack PatternStandard Attack PatternTry All Common Switches - (133)Try All Common Switches - (133)
*Standard Attack PatternStandard Attack PatternExploit Script-Based APIs - (160)Exploit Script-Based APIs - (160)
*Standard Attack PatternStandard Attack PatternUsing Unpublished APIs - (36)Using Unpublished APIs - (36)
+Meta Attack PatternMeta Attack PatternFlooding - (125)Flooding - (125)
*Standard Attack PatternStandard Attack PatternTCP Flood - (482)TCP Flood - (482)
*Standard Attack PatternStandard Attack PatternUDP Flood - (486)UDP Flood - (486)
*Standard Attack PatternStandard Attack PatternICMP Flood - (487)ICMP Flood - (487)
*Standard Attack PatternStandard Attack PatternHTTP Flood - (488)HTTP Flood - (488)
*Standard Attack PatternStandard Attack PatternSSL Flood - (489)SSL Flood - (489)
*Standard Attack PatternStandard Attack PatternAmplification - (490)Amplification - (490)
+Standard Attack PatternStandard Attack PatternXML Flood - (528)XML Flood - (528)
*Detailed Attack PatternDetailed Attack PatternXML Ping of the Death - (147)XML Ping of the Death - (147)
+Meta Attack PatternMeta Attack PatternExcessive Allocation - (130)Excessive Allocation - (130)
+Standard Attack PatternStandard Attack PatternXML Nested Payloads - (230)XML Nested Payloads - (230)
*Detailed Attack PatternDetailed Attack PatternXML Entity Expansion - (197)XML Entity Expansion - (197)
*Detailed Attack PatternDetailed Attack PatternXML Quadratic Expansion - (491)XML Quadratic Expansion - (491)
+Standard Attack PatternStandard Attack PatternXML Oversized Payloads - (231)XML Oversized Payloads - (231)
*Detailed Attack PatternDetailed Attack PatternXML Entity Blowup - (201)XML Entity Blowup - (201)
*Detailed Attack PatternDetailed Attack PatternXML Attribute Blowup - (229)XML Attribute Blowup - (229)
*Standard Attack PatternStandard Attack PatternSOAP Array Blowup - (493)SOAP Array Blowup - (493)
*Standard Attack PatternStandard Attack PatternTCP Fragmentation - (494)TCP Fragmentation - (494)
*Standard Attack PatternStandard Attack PatternUDP Fragmentation - (495)UDP Fragmentation - (495)
*Standard Attack PatternStandard Attack PatternICMP Fragmentation - (496)ICMP Fragmentation - (496)
*Meta Attack PatternMeta Attack PatternResource Leak Exposure - (131)Resource Leak Exposure - (131)
+Meta Attack PatternMeta Attack PatternSustained Client Engagement - (227)Sustained Client Engagement - (227)
*Standard Attack PatternStandard Attack PatternHTTP DoS - (469)HTTP DoS - (469)
+Meta Attack PatternMeta Attack PatternProtocol Manipulation - (272)Protocol Manipulation - (272)
+Standard Attack PatternStandard Attack PatternClient-Server Protocol Manipulation - (220)Client-Server Protocol Manipulation - (220)
*Standard Attack PatternStandard Attack PatternHTTP Request Splitting - (105)HTTP Request Splitting - (105)
*Detailed Attack PatternDetailed Attack PatternHTTP Response Smuggling - (273)HTTP Response Smuggling - (273)
*Detailed Attack PatternDetailed Attack PatternHTTP Verb Tampering - (274)HTTP Verb Tampering - (274)
*Detailed Attack PatternDetailed Attack PatternHTTP Request Smuggling - (33)HTTP Request Smuggling - (33)
*Detailed Attack PatternDetailed Attack PatternHTTP Response Splitting - (34)HTTP Response Splitting - (34)
*Detailed Attack PatternDetailed Attack PatternBlue Boxing - (5)Blue Boxing - (5)
*Standard Attack PatternStandard Attack PatternDNS Rebinding - (275)DNS Rebinding - (275)
+Meta Attack PatternMeta Attack PatternWeb Services Protocol Manipulation - (278)Web Services Protocol Manipulation - (278)
+Standard Attack PatternStandard Attack PatternXML External Entities - (221)XML External Entities - (221)
*Detailed Attack PatternDetailed Attack PatternXML Entity Blowup - (201)XML Entity Blowup - (201)
+Standard Attack PatternStandard Attack PatternSoap Manipulation - (279)Soap Manipulation - (279)
*Detailed Attack PatternDetailed Attack PatternSOAP Parameter Tampering - (280)SOAP Parameter Tampering - (280)
+Meta Attack PatternMeta Attack PatternFunctionality Bypass - (554)Functionality Bypass - (554)
*Standard Attack PatternStandard Attack PatternEvercookie - (464)Evercookie - (464)
*Detailed Attack PatternDetailed Attack PatternTransparent Proxy Abuse - (465)Transparent Proxy Abuse - (465)
+CategoryCategoryEmploy Probabilistic Techniques - (223)Employ Probabilistic Techniques - (223)
+Meta Attack PatternMeta Attack PatternBrute Force - (112)Brute Force - (112)
*Meta Attack PatternMeta Attack PatternFuzzing - (28)Fuzzing - (28)
+CategoryCategorySubvert Access Control - (225)Subvert Access Control - (225)
+Meta Attack PatternMeta Attack PatternPrivilege Abuse - (122)Privilege Abuse - (122)
+Meta Attack PatternMeta Attack PatternExploitation of Trusted Credentials - (21)Exploitation of Trusted Credentials - (21)
+Meta Attack PatternMeta Attack PatternExploiting Trust in Client - (22)Exploiting Trust in Client - (22)
*Standard Attack PatternStandard Attack PatternCreate Malicious Client - (202)Create Malicious Client - (202)
+Standard Attack PatternStandard Attack PatternMan in the Middle Attack - (94)Man in the Middle Attack - (94)
+Meta Attack PatternMeta Attack PatternPrivilege Escalation - (233)Privilege Escalation - (233)
*Standard Attack PatternStandard Attack PatternCross Zone Scripting - (104)Cross Zone Scripting - (104)
*Detailed Attack PatternDetailed Attack PatternRestful Privilege Elevation - (58)Restful Privilege Elevation - (58)
+Meta Attack PatternMeta Attack PatternBypassing Physical Security - (390)Bypassing Physical Security - (390)
*Meta Attack PatternMeta Attack PatternPhysical Theft - (507)Physical Theft - (507)
+CategoryCategoryManipulate Data Structures - (255)Manipulate Data Structures - (255)
+Meta Attack PatternMeta Attack PatternBuffer Manipulation - (123)Buffer Manipulation - (123)
*Meta Attack PatternMeta Attack PatternShared Data Manipulation - (124)Shared Data Manipulation - (124)
*Meta Attack PatternMeta Attack PatternPointer Manipulation - (129)Pointer Manipulation - (129)
+Meta Attack PatternMeta Attack PatternInput Data Manipulation - (153)Input Data Manipulation - (153)
+Standard Attack PatternStandard Attack PatternPath Traversal - (126)Path Traversal - (126)
+Standard Attack PatternStandard Attack PatternInteger Attacks - (128)Integer Attacks - (128)
*Detailed Attack PatternDetailed Attack PatternForced Integer Overflow - (92)Forced Integer Overflow - (92)
+Standard Attack PatternStandard Attack PatternLeverage Alternate Encoding - (267)Leverage Alternate Encoding - (267)
+CategoryCategoryManipulate System Resources - (262)Manipulate System Resources - (262)
+Meta Attack PatternMeta Attack PatternInfrastructure Manipulation - (161)Infrastructure Manipulation - (161)
+Standard Attack PatternStandard Attack PatternCache Poisoning - (141)Cache Poisoning - (141)
*Detailed Attack PatternDetailed Attack PatternDNS Cache Poisoning - (142)DNS Cache Poisoning - (142)
+Standard Attack PatternStandard Attack PatternAudit Log Manipulation - (268)Audit Log Manipulation - (268)
*Detailed Attack PatternDetailed Attack PatternWeb Logs Tampering - (81)Web Logs Tampering - (81)
+Meta Attack PatternMeta Attack PatternFile Manipulation - (165)File Manipulation - (165)
+Meta Attack PatternMeta Attack PatternConfiguration/Environment Manipulation - (176)Configuration/Environment Manipulation - (176)
+Meta Attack PatternMeta Attack PatternSoftware Integrity Attack - (184)Software Integrity Attack - (184)
*Standard Attack PatternStandard Attack PatternMalicious Software Download - (185)Malicious Software Download - (185)
+Standard Attack PatternStandard Attack PatternMalicious Software Update - (186)Malicious Software Update - (186)
*Detailed Attack PatternDetailed Attack PatternRooting SIM Cards - (614)Rooting SIM Cards - (614)
+Meta Attack PatternMeta Attack PatternModification During Manufacture - (438)Modification During Manufacture - (438)
+Standard Attack PatternStandard Attack PatternDevelopment Alteration - (444)Development Alteration - (444)
+Meta Attack PatternMeta Attack PatternHardware Integrity Attack - (440)Hardware Integrity Attack - (440)
+Standard Attack PatternStandard Attack PatternHacking Hardware - (401)Hacking Hardware - (401)
+Standard Attack PatternStandard Attack PatternMalicious Hardware Update - (534)Malicious Hardware Update - (534)
+Meta Attack PatternMeta Attack PatternMalicious Logic Insertion - (441)Malicious Logic Insertion - (441)
*Meta Attack PatternMeta Attack PatternContaminate Resource - (548)Contaminate Resource - (548)
+Meta Attack PatternMeta Attack PatternObstruction - (607)Obstruction - (607)
+Standard Attack PatternStandard Attack PatternRoute Disabling - (582)Route Disabling - (582)
*Detailed Attack PatternDetailed Attack PatternDisabling Network Hardware - (583)Disabling Network Hardware - (583)
*Detailed Attack PatternDetailed Attack PatternBGP Route Disabling - (584)BGP Route Disabling - (584)
*Detailed Attack PatternDetailed Attack PatternDNS Domain Seizure - (585)DNS Domain Seizure - (585)
+Standard Attack PatternStandard Attack PatternJamming - (601)Jamming - (601)
*Detailed Attack PatternDetailed Attack PatternOrbital Jamming - (559)Orbital Jamming - (559)
*Detailed Attack PatternDetailed Attack PatternWi-Fi Jamming - (604)Wi-Fi Jamming - (604)
*Detailed Attack PatternDetailed Attack PatternCellular Jamming - (605)Cellular Jamming - (605)
+Standard Attack PatternStandard Attack PatternBlockage - (603)Blockage - (603)
*Detailed Attack PatternDetailed Attack PatternDNS Blocking - (589)DNS Blocking - (589)
*Detailed Attack PatternDetailed Attack PatternIP Address Blocking - (590)IP Address Blocking - (590)
*Detailed Attack PatternDetailed Attack PatternBlock Access to Libraries - (96)Block Access to Libraries - (96)
+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2014-06-23Internal_CAPEC_Team
Modifications
ModifierOrganizationDateCommentsSource
CAPEC Content TeamThe MITRE Corporation2015-11-09Updated View_ObjectiveInternal
CAPEC Content TeamThe MITRE Corporation2017-01-09Updated Relationships, View_ObjectiveInternal
CAPECs in this viewTotal CAPECs
Total517out of566
Views0out of9
Categories9out of49
Attack Patterns508out of508

More information is available — Please select a different filter.
Page Last Updated or Reviewed: July 31, 2017