Adversaries may search freely available websites and/or domains for information about victims that can be used during targeting. Information about victims may be available in various online sites, such as social media, new sites, or those hosting information about business operations such as hiring or requested/rewarded contracts.(Citation: Cyware Social Media)(Citation: SecurityTrails Google Hacking)(Citation: ExploitDB GoogleHacking)
Adversaries may search in different online sites depending on what information they seek to gather. Information from these sources may reveal opportunities for other forms of reconnaissance (ex: Phishing for Information or Search Open Technical Databases), establishing operational resources (ex: Establish Accounts or Compromise Accounts), and/or initial access (ex: External Remote Services or Phishing).
View in MITRE ATT&CK®| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| PR.PS-06.01 | Secure SDLC process | Mitigates | T1593 | Search Open Websites/Domains |
Comments
This diagnostic statement provides for the use of secure development processes and procedures. This includes avoiding publishing sensitive information such as credentials and API keys when uploading to public code repositories.
References
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1593 | Search Open Websites/Domains |
Comments
This diagnostic statement protects against Search Open Websites/Domains through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
References
|
| Technique ID | Technique Name | Number of Mappings |
|---|---|---|
| T1593.003 | Code Repositories | 5 |