Dark Mode
Capec-529 Detail
Malware-Directed Internal Reconnaissance
Standard Software Likelihood: Medium Typical Severity: Medium
Parents: 169
Threats: T60 T65 T80 T258 T288 T291 T302 T334 T392 T407
Adversary uses malware or a similarly controlled application installed inside an organizational perimeter to gather information about the composition, configuration, and security mechanisms of a targeted application, system or network.
Not present
| External ID | Source | Link | Description |
|---|---|---|---|
| CAPEC-529 | capec | https://capec.mitre.org/data/definitions/529.html |
Not present
- The adversary must have internal, logical access to the target network and system.
- The adversary requires a variety of tools to collect information about the target. These include port/network scanners and tools to analyze responses from applications to determine version and configuration information. Footprinting a system adequately may also take a few days if the attacker wishes the footprinting attempt to go undetected.
| Medium |
|---|
| The adversary must be able to obtain or develop, as well as place malicious software inside the target network/system. |
| Confidentiality |
|---|
| Read Data |
Not present