T1595.002 Vulnerability Scanning Mappings

Adversaries may scan victims for vulnerabilities that can be used during targeting. Vulnerability scans typically check if the configuration of a target host/application (ex: software and version) potentially aligns with the target of a specific exploit the adversary may seek to use.

These scans may also include more broad attempts to Gather Victim Host Information that can be used to identify more commonly known, exploitable vulnerabilities. Vulnerability scans typically harvest running software and version numbers via server banners, listening ports, or other network artifacts.(Citation: OWASP Vuln Scanning) Information from these scans may reveal opportunities for other forms of reconnaissance (ex: Search Open Websites/Domains or Search Open Technical Databases), establishing operational resources (ex: Develop Capabilities or Obtain Capabilities), and/or initial access (ex: Exploit Public-Facing Application).

View in MITRE ATT&CK®

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
action.hacking.variety.Exploit vuln Exploit vulnerability in code (vs misconfig or weakness). This can be used with other hacking enumerations, (such as XSS when an XSS vuln exists.). Parent of many hacking varieties. related-to T1595.002 Active Scanning: Vulnerability Scanning
action.malware.variety.Exploit vuln Exploit vulnerability in code (vs misconfig or weakness). This can be used with other malware enumerations, (such as Remote injection when a Remote injection vuln exists.) related-to T1595.002 Active Scanning: Vulnerability Scanning
action.malware.variety.Scan network Scan or footprint network related-to T1595.002 Active Scanning: Vulnerability Scanning
value_chain.targeting.variety.Organizational Information Information on an organization such as org chart, technologies in use, financial assets, etc, used to pick them as a target related-to T1595.002 Active Scanning: Vulnerability Scanning
amazon_guardduty Amazon GuardDuty technique_scores T1595.002 Vulnerability Scanning
amazon_inspector Amazon Inspector technique_scores T1595.002 Vulnerability Scanning
amazon_virtual_private_cloud Amazon Virtual Private Cloud technique_scores T1595.002 Vulnerability Scanning
aws_web_application_firewall AWS Web Application Firewall technique_scores T1595.002 Vulnerability Scanning
aws_network_firewall AWS Network Firewall technique_scores T1595.002 Vulnerability Scanning