AC-2 |
Account Management |
Protects |
T1212 |
Exploitation for Credential Access |
AC-4 |
Information Flow Enforcement |
Protects |
T1212 |
Exploitation for Credential Access |
AC-6 |
Least Privilege |
Protects |
T1212 |
Exploitation for Credential Access |
CA-7 |
Continuous Monitoring |
Protects |
T1212 |
Exploitation for Credential Access |
CA-8 |
Penetration Testing |
Protects |
T1212 |
Exploitation for Credential Access |
CM-2 |
Baseline Configuration |
Protects |
T1212 |
Exploitation for Credential Access |
CM-6 |
Configuration Settings |
Protects |
T1212 |
Exploitation for Credential Access |
CM-8 |
System Component Inventory |
Protects |
T1212 |
Exploitation for Credential Access |
RA-10 |
Threat Hunting |
Protects |
T1212 |
Exploitation for Credential Access |
RA-5 |
Vulnerability Monitoring and Scanning |
Protects |
T1212 |
Exploitation for Credential Access |
SC-18 |
Mobile Code |
Protects |
T1212 |
Exploitation for Credential Access |
SC-2 |
Separation of System and User Functionality |
Protects |
T1212 |
Exploitation for Credential Access |
SC-26 |
Decoys |
Protects |
T1212 |
Exploitation for Credential Access |
SC-29 |
Heterogeneity |
Protects |
T1212 |
Exploitation for Credential Access |
SC-3 |
Security Function Isolation |
Protects |
T1212 |
Exploitation for Credential Access |
SC-30 |
Concealment and Misdirection |
Protects |
T1212 |
Exploitation for Credential Access |
SC-35 |
External Malicious Code Identification |
Protects |
T1212 |
Exploitation for Credential Access |
SC-39 |
Process Isolation |
Protects |
T1212 |
Exploitation for Credential Access |
SC-7 |
Boundary Protection |
Protects |
T1212 |
Exploitation for Credential Access |
SI-2 |
Flaw Remediation |
Protects |
T1212 |
Exploitation for Credential Access |
SI-3 |
Malicious Code Protection |
Protects |
T1212 |
Exploitation for Credential Access |
SI-4 |
System Monitoring |
Protects |
T1212 |
Exploitation for Credential Access |
SI-5 |
Security Alerts, Advisories, and Directives |
Protects |
T1212 |
Exploitation for Credential Access |
SI-7 |
Software, Firmware, and Information Integrity |
Protects |
T1212 |
Exploitation for Credential Access |
action.hacking.variety.Exploit misconfig |
Exploit a misconfiguration (vs vuln or weakness) |
related-to |
T1212 |
Exploitation for Credential Access |
action.hacking.variety.Exploit vuln |
Exploit vulnerability in code (vs misconfig or weakness). This can be used with other hacking enumerations, (such as XSS when an XSS vuln exists.). Parent of many hacking varieties. |
related-to |
T1212 |
Exploitation for Credential Access |
action.hacking.variety.Session fixation |
Session fixation. Child of 'Exploit vuln'. |
related-to |
T1212 |
Exploitation for Credential Access |
action.malware.variety.Disable controls |
Disable or interfere with security controls |
related-to |
T1212 |
Exploitation for Credential Access |
action.malware.variety.Password dumper |
Password dumper (extract credential hashes) |
related-to |
T1212 |
Exploitation for Credential Access |
action.malware.vector.Web application - drive-by |
Web via auto-executed or "drive-by" infection. Child of 'Web application'. |
related-to |
T1212 |
Exploitation for Credential Access |
attribute.confidentiality.data_disclosure |
|
related-to |
T1212 |
Exploitation for Credential Access |