Common Attack Pattern Enumeration and Classification : CAPEC

CAPEC™ helps by providing a comprehensive dictionary of known patterns of attack employed by adversaries to exploit known weaknesses in cyber-enabled capabilities. It can be used by analysts, developers, testers, and educators to advance community understanding and enhance defenses.
ID Name Action
CAPEC-469 HTTP DoS
CAPEC-470 Expanding Control over the Operating System from the Database
CAPEC-471 Search Order Hijacking
CAPEC-472 Browser Fingerprinting
CAPEC-473 Signature Spoof
CAPEC-474 Signature Spoofing by Key Theft
CAPEC-475 Signature Spoofing by Improper Validation
CAPEC-476 Signature Spoofing by Misrepresentation
CAPEC-477 Signature Spoofing by Mixing Signed and Unsigned Content
CAPEC-478 Modification of Windows Service Configuration
CAPEC-479 Malicious Root Certificate
CAPEC-480 Escaping Virtualization
CAPEC-481 Contradictory Destinations in Traffic Routing Schemes
CAPEC-482 TCP Flood
CAPEC-485 Signature Spoofing by Key Recreation
CAPEC-486 UDP Flood
CAPEC-487 ICMP Flood
CAPEC-488 HTTP Flood
CAPEC-489 SSL Flood
CAPEC-490 Amplification
CAPEC-491 Quadratic Data Expansion
CAPEC-492 Regular Expression Exponential Blowup
CAPEC-493 SOAP Array Blowup
CAPEC-494 TCP Fragmentation
CAPEC-495 UDP Fragmentation
CAPEC-496 ICMP Fragmentation
CAPEC-497 File Discovery
CAPEC-498 Probe iOS Screenshots
CAPEC-499 Android Intent Intercept
CAPEC-500 WebView Injection
CAPEC-501 Android Activity Hijack
CAPEC-502 Intent Spoof
CAPEC-503 WebView Exposure
CAPEC-504 Task Impersonation
CAPEC-505 Scheme Squatting
CAPEC-506 Tapjacking
CAPEC-507 Physical Theft
CAPEC-508 Shoulder Surfing
CAPEC-509 Kerberoasting
CAPEC-510 SaaS User Request Forgery
CAPEC-511 Infiltration of Software Development Environment
CAPEC-516 Hardware Component Substitution During Baselining
CAPEC-517 Documentation Alteration to Circumvent Dial-down
CAPEC-518 Documentation Alteration to Produce Under-performing Systems
CAPEC-519 Documentation Alteration to Cause Errors in System Design
CAPEC-520 Counterfeit Hardware Component Inserted During Product Assembly
CAPEC-521 Hardware Design Specifications Are Altered
CAPEC-522 Malicious Hardware Component Replacement
CAPEC-523 Malicious Software Implanted
CAPEC-524 Rogue Integration Procedures
Showing 50 of 559 Results