T1083 File and Directory Discovery Mappings

Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.

Many command shell utilities can be used to obtain this information. Examples include `dir`, `tree`, `ls`, `find`, and `locate`. (Citation: Windows Commands JPCERT) Custom tools may also be used to gather file and directory information and interact with the Native API.

Mappings

| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
| --- | --- | --- | --- | --- |
| CVE-2018-10590 | WebAccess | primary_impact | T1083 | File and Directory Discovery |
| CVE-2013-0629 | n/a | uncategorized | T1083 | File and Directory Discovery |
| CVE-2016-3298 | n/a | uncategorized | T1083 | File and Directory Discovery |
| CVE-2017-6922 | Drupal Core | uncategorized | T1083 | File and Directory Discovery |
| CVE-2019-11510 | n/a | uncategorized | T1083 | File and Directory Discovery |
| CVE-2017-12637 | n/a | uncategorized | T1083 | File and Directory Discovery |
| CVE-2013-1904 | n/a | uncategorized | T1083 | File and Directory Discovery |
| CVE-2019-3396 | Confluence Server | uncategorized | T1083 | File and Directory Discovery |
| action.malware.variety.Capture stored data | Capture data stored on system disk | related-to | T1083 | File and Directory Discovery |