Common Weakness Enumeration: capec

Common Attack Pattern Enumeration and Classification : CAPEC

CAPEC™ helps by providing a comprehensive dictionary of known patterns of attack employed by adversaries to exploit known weaknesses in cyber-enabled capabilities. It can be used by analysts, developers, testers, and educators to advance community understanding and enhance defenses.

ID	Name	Action
CAPEC-51	Poison Web Service Registry
CAPEC-52	Embedding NULL Bytes
CAPEC-53	Postfix, Null Terminate, and Backslash
CAPEC-54	Query System for Information
CAPEC-55	Rainbow Table Password Cracking
CAPEC-57	Utilizing REST's Trust in the System Resource to Obtain Sensitive Data
CAPEC-58	Restful Privilege Elevation
CAPEC-59	Session Credential Falsification through Prediction
CAPEC-60	Reusing Session IDs (aka Session Replay)
CAPEC-61	Session Fixation
CAPEC-62	Cross Site Request Forgery
CAPEC-63	Cross-Site Scripting (XSS)
CAPEC-64	Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-65	Sniff Application Code
CAPEC-66	SQL Injection
CAPEC-67	String Format Overflow in syslog()
CAPEC-68	Subvert Code-signing Facilities
CAPEC-69	Target Programs with Elevated Privileges
CAPEC-70	Try Common or Default Usernames and Passwords
CAPEC-71	Using Unicode Encoding to Bypass Validation Logic
CAPEC-72	URL Encoding
CAPEC-73	User-Controlled Filename
CAPEC-74	Manipulating State
CAPEC-75	Manipulating Writeable Configuration Files
CAPEC-76	Manipulating Web Input to File System Calls
CAPEC-77	Manipulating User-Controlled Variables
CAPEC-78	Using Escaped Slashes in Alternate Encoding
CAPEC-79	Using Slashes in Alternate Encoding
CAPEC-80	Using UTF-8 Encoding to Bypass Validation Logic
CAPEC-81	Web Server Logs Tampering
CAPEC-83	XPath Injection
CAPEC-84	XQuery Injection
CAPEC-85	AJAX Footprinting
CAPEC-86	XSS Through HTTP Headers
CAPEC-87	Forceful Browsing
CAPEC-88	OS Command Injection
CAPEC-89	Pharming
CAPEC-90	Reflection Attack in Authentication Protocol
CAPEC-92	Forced Integer Overflow
CAPEC-93	Log Injection-Tampering-Forging
CAPEC-94	Adversary in the Middle (AiTM)
CAPEC-95	WSDL Scanning
CAPEC-96	Block Access to Libraries
CAPEC-97	Cryptanalysis
CAPEC-98	Phishing
CAPEC-100	Overflow Buffers
CAPEC-101	Server Side Include (SSI) Injection
CAPEC-102	Session Sidejacking
CAPEC-103	Clickjacking
CAPEC-104	Cross Zone Scripting

Showing 50 of 559 Results

Common Attack Pattern Enumeration and Classification : CAPEC

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable