Adversaries may attempt to get a listing of accounts on a system or within an environment. This information can help adversaries determine which accounts exist to aid in follow-on behavior.
View in MITRE ATT&CK®Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
---|---|---|---|---|
CM-6 | Configuration Settings | Protects | T1087 | Account Discovery |
CM-7 | Least Functionality | Protects | T1087 | Account Discovery |
SI-4 | System Monitoring | Protects | T1087 | Account Discovery |
CVE-2013-6129 | n/a | uncategorized | T1087 | Account Discovery |
action.hacking.variety.Footprinting | Footprinting and fingerprinting | related-to | T1087 | Account Discovery |
aws_organizations | AWS Organizations | technique_scores | T1087 | Account Discovery |
Technique ID | Technique Name | Number of Mappings |
---|---|---|
T1087.004 | Cloud Account | 8 |
T1087.002 | Domain Account | 4 |
T1087.003 | Email Account | 1 |
T1087.001 | Local Account | 4 |