Common Attack Pattern Enumeration and Classification : CAPEC
CAPEC™ helps by providing a comprehensive dictionary of known patterns of attack employed by adversaries to
exploit known weaknesses in cyber-enabled capabilities. It can be used by analysts, developers, testers, and
educators to advance community understanding and enhance defenses.
ID
Name
Action
CAPEC-635
Alternative Execution Due to Deceptive Filenames
CAPEC-636
Hiding Malicious Data or Code within Files
CAPEC-637
Collect Data from Clipboard
CAPEC-638
Altered Component Firmware
CAPEC-639
Probe System Files
CAPEC-640
Inclusion of Code in Existing Process
CAPEC-641
DLL Side-Loading
CAPEC-642
Replace Binaries
CAPEC-643
Identify Shared Files/Directories on System
CAPEC-644
Use of Captured Hashes (Pass The Hash)
CAPEC-645
Use of Captured Tickets (Pass The Ticket)
CAPEC-646
Peripheral Footprinting
CAPEC-647
Collect Data from Registries
CAPEC-648
Collect Data from Screen Capture
CAPEC-649
Adding a Space to a File Extension
CAPEC-650
Upload a Web Shell to a Web Server
CAPEC-651
Eavesdropping
CAPEC-652
Use of Known Kerberos Credentials
CAPEC-653
Use of Known Operating System Credentials
CAPEC-654
Credential Prompt Impersonation
CAPEC-655
Avoid Security Tool Identification by Adding Data
CAPEC-656
Voice Phishing
CAPEC-657
Malicious Automated Software Update via Spoofing
CAPEC-660
Root/Jailbreak Detection Evasion via Hooking
CAPEC-661
Root/Jailbreak Detection Evasion via Debugging
CAPEC-662
Adversary in the Browser (AiTB)
CAPEC-663
Exploitation of Transient Instruction Execution
CAPEC-664
Server Side Request Forgery
CAPEC-665
Exploitation of Thunderbolt Protection Flaws
CAPEC-666
BlueSmacking
CAPEC-667
Bluetooth Impersonation AttackS (BIAS)
CAPEC-668
Key Negotiation of Bluetooth Attack (KNOB)
CAPEC-669
Alteration of a Software Update
CAPEC-670
Software Development Tools Maliciously Altered
CAPEC-671
Requirements for ASIC Functionality Maliciously Altered
CAPEC-672
Malicious Code Implanted During Chip Programming
CAPEC-673
Developer Signing Maliciously Altered Software
CAPEC-674
Design for FPGA Maliciously Altered
CAPEC-675
Retrieve Data from Decommissioned Devices
CAPEC-676
NoSQL Injection
CAPEC-677
Server Motherboard Compromise
CAPEC-678
System Build Data Maliciously Altered
CAPEC-679
Exploitation of Improperly Configured or Implemented Memory Protections
CAPEC-680
Exploitation of Improperly Controlled Registers
CAPEC-681
Exploitation of Improperly Controlled Hardware Security Identifiers
CAPEC-682
Exploitation of Firmware or ROM Code with Unpatchable Vulnerabilities
