ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 16.1 Enterprise and VERIS 1.4.0.
Change versions here.
Home
Mapping Frameworks
VERIS Home
attribute.confidentiality.data_disclosure
VERIS
attribute.confidentiality.data_disclosure
Mappings
Mappings
ATT&CK Version
16.1
ATT&CK Domain
Enterprise
VERIS
1.4.0
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
attribute.confidentiality.data_disclosure
None
related-to
T1003
OS Credential Dumping
attribute.confidentiality.data_disclosure
None
related-to
T1222
File and Directory Permissions Modification
attribute.confidentiality.data_disclosure
None
related-to
T1114
Email Collection
attribute.confidentiality.data_disclosure
None
related-to
T1587
Develop Capabilities
attribute.confidentiality.data_disclosure
None
related-to
T1547
Boot or Logon Autostart Execution
attribute.confidentiality.data_disclosure
None
related-to
T1598.004
Spearphishing Voice
attribute.confidentiality.data_disclosure
None
related-to
T1558.003
Kerberoasting
attribute.confidentiality.data_disclosure
None
related-to
T1115
Clipboard Data
attribute.confidentiality.data_disclosure
None
related-to
T1003.008
/etc/passwd and /etc/shadow
attribute.confidentiality.data_disclosure
None
related-to
T1005
Data from Local System
attribute.confidentiality.data_disclosure
None
related-to
T1011
Exfiltration Over Other Network Medium
attribute.confidentiality.data_disclosure
None
related-to
T1011.001
Exfiltration Over Bluetooth
attribute.confidentiality.data_disclosure
None
related-to
T1020
Automated Exfiltration
attribute.confidentiality.data_disclosure
None
related-to
T1020.001
Traffic Duplication
attribute.confidentiality.data_disclosure
None
related-to
T1025
Data from Removable Media
attribute.confidentiality.data_disclosure
None
related-to
T1029
Scheduled Transfer
attribute.confidentiality.data_disclosure
None
related-to
T1030
Data Transfer Size Limits
attribute.confidentiality.data_disclosure
None
related-to
T1039
Data from Network Shared Drive
attribute.confidentiality.data_disclosure
None
related-to
T1040
Network Sniffing
attribute.confidentiality.data_disclosure
None
related-to
T1041
Exfiltration Over C2 Channel
attribute.confidentiality.data_disclosure
None
related-to
T1048
Exfiltration Over Alternative Protocol
attribute.confidentiality.data_disclosure
None
related-to
T1048.001
Exfiltration Over Symmetric Encrypted Non-C2 Protocol
attribute.confidentiality.data_disclosure
None
related-to
T1048.002
Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
attribute.confidentiality.data_disclosure
None
related-to
T1048.003
Exfiltration Over Unencrypted Non-C2 Protocol
attribute.confidentiality.data_disclosure
None
related-to
T1052
Exfiltration Over Physical Medium
attribute.confidentiality.data_disclosure
None
related-to
T1052.001
Exfiltration over USB
attribute.confidentiality.data_disclosure
None
related-to
T1056
Input Capture
attribute.confidentiality.data_disclosure
None
related-to
T1056.001
Keylogging
attribute.confidentiality.data_disclosure
None
related-to
T1056.002
GUI Input Capture
attribute.confidentiality.data_disclosure
None
related-to
T1056.003
Web Portal Capture
attribute.confidentiality.data_disclosure
None
related-to
T1056.004
Credential API Hooking
attribute.confidentiality.data_disclosure
None
related-to
T1113
Screen Capture
attribute.confidentiality.data_disclosure
None
related-to
T1114
Email Collection
attribute.confidentiality.data_disclosure
None
related-to
T1114.001
Local Email Collection
attribute.confidentiality.data_disclosure
None
related-to
T1114.002
Remote Email Collection
attribute.confidentiality.data_disclosure
None
related-to
T1114.003
Email Forwarding Rule
attribute.confidentiality.data_disclosure
None
related-to
T1115
Clipboard Data
attribute.confidentiality.data_disclosure
None
related-to
T1119
Automated Collection
attribute.confidentiality.data_disclosure
None
related-to
T1123
Audio Capture
attribute.confidentiality.data_disclosure
None
related-to
T1125
Video Capture
attribute.confidentiality.data_disclosure
None
related-to
T1187
Forced Authentication
attribute.confidentiality.data_disclosure
None
related-to
T1212
Exploitation for Credential Access
attribute.confidentiality.data_disclosure
None
related-to
T1213
Data from Information Repositories
attribute.confidentiality.data_disclosure
None
related-to
T1213.001
Confluence
attribute.confidentiality.data_disclosure
None
related-to
T1213.002
Sharepoint
attribute.confidentiality.data_disclosure
None
related-to
T1213.003
Code Repositories
attribute.confidentiality.data_disclosure
None
related-to
T1213.004
Customer Relationship Management Software
attribute.confidentiality.data_disclosure
None
related-to
T1213.005
Messaging Applications
attribute.confidentiality.data_disclosure
None
related-to
T1530
Data from Cloud Storage
attribute.confidentiality.data_disclosure
None
related-to
T1537
Transfer Data to Cloud Account
attribute.confidentiality.data_disclosure
None
related-to
T1552
Unsecured Credentials
attribute.confidentiality.data_disclosure
None
related-to
T1552.001
Credentials In Files
attribute.confidentiality.data_disclosure
None
related-to
T1552.002
Credentials in Registry
attribute.confidentiality.data_disclosure
None
related-to
T1552.003
Bash History
attribute.confidentiality.data_disclosure
None
related-to
T1552.004
Private Keys
attribute.confidentiality.data_disclosure
None
related-to
T1552.005
Cloud Instance Metadata API
attribute.confidentiality.data_disclosure
None
related-to
T1552.006
Group Policy Preferences
attribute.confidentiality.data_disclosure
None
related-to
T1552.007
Container API
attribute.confidentiality.data_disclosure
None
related-to
T1552.008
Chat Messages
attribute.confidentiality.data_disclosure
None
related-to
T1555
Credentials from Password Stores
attribute.confidentiality.data_disclosure
None
related-to
T1555.001
Keychain
attribute.confidentiality.data_disclosure
None
related-to
T1555.002
Securityd Memory
attribute.confidentiality.data_disclosure
None
related-to
T1555.003
Credentials from Web Browsers
attribute.confidentiality.data_disclosure
None
related-to
T1555.004
Windows Credential Manager
attribute.confidentiality.data_disclosure
None
related-to
T1555.005
Password Managers
attribute.confidentiality.data_disclosure
None
related-to
T1555.006
Cloud Secrets Management Stores
attribute.confidentiality.data_disclosure
None
related-to
T1557
Adversary-in-the-Middle
attribute.confidentiality.data_disclosure
None
related-to
T1567
Exfiltration Over Web Service
attribute.confidentiality.data_disclosure
None
related-to
T1567.001
Exfiltration to Code Repository
attribute.confidentiality.data_disclosure
None
related-to
T1567.002
Exfiltration to Cloud Storage
attribute.confidentiality.data_disclosure
None
related-to
T1567.003
Exfiltration to Text Storage Sites
attribute.confidentiality.data_disclosure
None
related-to
T1567.004
Exfiltration Over Webhook
attribute.confidentiality.data_disclosure
None
related-to
T1602
Data from Configuration Repository
attribute.confidentiality.data_disclosure
None
related-to
T1602.001
SNMP (MIB Dump)
attribute.confidentiality.data_disclosure
None
related-to
T1602.002
Network Device Configuration Dump
