1. CAPEC-123: Buffer Manipulation
    1. CAPEC-100: Overflow Buffers
      1. CAPEC-10: Buffer Overflow via Environment Variables
      2. CAPEC-14: Client-side Injection-induced Buffer Overflow
      3. CAPEC-24: Filter Failure through Buffer Overflow
      4. CAPEC-256: SOAP Array Overflow
      5. CAPEC-42: MIME Conversion
      6. CAPEC-44: Overflow Binary Resource File
      7. CAPEC-45: Buffer Overflow via Symbolic Links
      8. CAPEC-46: Overflow Variables and Tags
      9. CAPEC-47: Buffer Overflow via Parameter Expansion
      10. CAPEC-67: String Format Overflow in syslog()
      11. CAPEC-8: Buffer Overflow in an API Call
      12. CAPEC-9: Buffer Overflow in Local Command-Line Utilities
    2. CAPEC-540: Overread Buffers
  2. CAPEC-124: Shared Resource Manipulation
    1. CAPEC-26: Leveraging Race Conditions
    2. CAPEC-27: Leveraging Race Conditions via Symbolic Links
    3. CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
  3. CAPEC-129: Pointer Manipulation
  4. CAPEC-272: Protocol Manipulation
    1. CAPEC-90: Reflection Attack in Authentication Protocol
    2. CAPEC-220: Client-Server Protocol Manipulation
      1. CAPEC-5: Blue Boxing
      2. CAPEC-33: HTTP Request Smuggling
      3. CAPEC-34: HTTP Response Splitting
      4. CAPEC-105: HTTP Request Splitting
      5. CAPEC-273: HTTP Response Smuggling
      6. CAPEC-274: HTTP Verb Tampering
    3. CAPEC-276: Inter-Component Protocol Manipulation
      1. CAPEC-665: Exploitation of Thunderbolt Protection Flaws
    4. CAPEC-277: Data Interchange Protocol Manipulation
    5. CAPEC-278: Web Services Protocol Manipulation
      1. CAPEC-201: Serialized Data External Linking
      2. CAPEC-221: Data Serialization External Entities Blowup
      3. CAPEC-279: SOAP Manipulation
  5. CAPEC-153: Input Data Manipulation
    1. CAPEC-126: Path Traversal
      1. CAPEC-139: Relative Path Traversal
      2. CAPEC-597: Absolute Path Traversal
      3. CAPEC-76: Manipulating Web Input to File System Calls
    2. CAPEC-128: Integer Attacks
      1. CAPEC-92: Forced Integer Overflow
    3. CAPEC-267: Leverage Alternate Encoding
      1. CAPEC-120: Double Encoding
      2. CAPEC-3: Using Leading 'Ghost' Character Sequences to Bypass Input Filters
      3. CAPEC-4: Using Alternative IP Address Encodings
      4. CAPEC-43: Exploiting Multiple Input Interpretation Layers
      5. CAPEC-52: Embedding NULL Bytes
      6. CAPEC-53: Postfix, Null Terminate, and Backslash
      7. CAPEC-64: Using Slashes and URL Encoding Combined to Bypass Validation Logic
      8. CAPEC-71: Using Unicode Encoding to Bypass Validation Logic
      9. CAPEC-72: URL Encoding
      10. CAPEC-78: Using Escaped Slashes in Alternate Encoding
      11. CAPEC-79: Using Slashes in Alternate Encoding
      12. CAPEC-80: Using UTF-8 Encoding to Bypass Validation Logic
    4. CAPEC-28: Fuzzing
    5. CAPEC-33: HTTP Request Smuggling
    6. CAPEC-34: HTTP Response Splitting
    7. CAPEC-105: HTTP Request Splitting
    8. CAPEC-165: File Manipulation
      1. CAPEC-73: User Controlled Filename
      2. CAPEC-572: Artificially Inflate File Sizes
        1. CAPEC-655: Avoid Security Tool Identification by Adding Data
      3. CAPEC-635: Alternative Execution Due to Deceptive Filenames
        1. CAPEC-649: Adding a Space to a File Extension
      4. CAPEC-636: Hiding Malicious Data or Code within Files
        1. CAPEC-168: Windows ::DATA Alternate Data Stream
    9. CAPEC-74: Manipulating State
      1. CAPEC-140: Bypassing of Intermediate Forms in Multiple-Form Sets
      2. CAPEC-663: Exploitation of TransientInstruction Execution
    10. CAPEC-75: Manipulating Writeable Configuration Files
    11. CAPEC-113: Interface Manipulation
      1. CAPEC-133: Try All Common Switches
      2. CAPEC-160: Exploit Script-Based APIs
    12. CAPEC-176: Configuration/Environment Manipulation
      1. CAPEC-75: Manipulating Writeable Configuration Files
      2. CAPEC-203: Manipulate Registry Information
        1. CAPEC-51: Poison Web Service Registry
        2. CAPEC-270: Modification of Registry Run Keys
        3. CAPEC-478: Modification of Windows Service Configuration
      3. CAPEC-271: Schema Poisoning
        1. CAPEC-146: XML Schema Poisoning
      4. CAPEC-536: Data Injection During Configuration
      5. CAPEC-578: Disable Security Software
  6. CAPEC-161: Infrastructure Manipulation
    1. CAPEC-481: Contradictory Destinations inTraffic Routing Schemes
    2. CAPEC-166: Force the System to Reset Values
    3. CAPEC-141: Cache Poisoning
      1. CAPEC-51: Poison Web Service Registry
      2. CAPEC-142: DNS Cache Poisoning
    4. CAPEC-268: Audit Log Manipulation
      1. CAPEC-93: Log Injection-Tampering-Forging
      2. CAPEC-81: Web Logs Tampering
    5. CAPEC-571: Block Logging to Central Repository
  7. CAPEC-184: Software Integrity Attack
    1. CAPEC-185: Malicious Software Download
    2. CAPEC-186: Malicious Software Update
      1. CAPEC-187: Malicious Automated Software Update via Redirection
      2. CAPEC-533: Malicious Manual Software Update
      3. CAPEC-614: Rooting SIM Cards
      4. CAPEC-657: Malicious Automated Software Update via Spoofing
    3. CAPEC-663: Exploitation of Transient Instruction Execution
    4. CAPEC-669: Alteration of a Software Update
  8. CAPEC-438: Modification During Manufacture
    1. CAPEC-444: Development Alteration
      1. CAPEC-206: Signing Malicious Code
      2. CAPEC-443: Malicious Logic Inserted into Product Software by Authorized Developer
      3. CAPEC-445: Malicious Logic Insertion into Product Software via Configuration Management Manipulation
      4. CAPEC-446: Malicious Logic Insertion into Product Software via 3rd Party Component Dependency
      5. CAPEC-511: Infiltration of Software Development Environment
      6. CAPEC-516: Hardware Component Substitution During Baselining
      7. CAPEC-520: Counterfeit Hardware Component Inserted During Product Assembly
      8. CAPEC-532: Altered Installed BIOS
      9. CAPEC-537: Infiltration of Hardware Development Environment
      10. CAPEC-538: Open-Source Library Manipulation
      11. CAPEC-539: ASIC with Malicious Functionality
      12. CAPEC-670: Software Development Tools Maliciously Altered
      13. CAPEC-672: Malicious Code Implanted During Chip Programming
      14. CAPEC-673: Developer Signing Maliciously Altered Software
      15. CAPEC-678: System Build Data Maliciously Altered
    2. CAPEC-447: Design Alteration
      1. CAPEC-517: Documentation Alteration to Circumvent Dial-down
      2. CAPEC-518: Documentation Alteration to Produce Under-Performing Systems
      3. CAPEC-519: Documentation Alteration to Cause Errors in System Design
      4. CAPEC-521: Hardware Design Specifications are Altered
      5. CAPEC-671: Requirements for ASIC Functionality Maliciously Altered
      6. CAPEC-674: Design for FPGA Maliciously Altered
  9. CAPEC-440: Hardware Integrity Attack
    1. CAPEC-401: Physically Hacking Hardware
      1. CAPEC-402: Bypassing ATA Password Security
    2. CAPEC-534: Malicious Hardware Update
      1. CAPEC-531: Hardware Component Substitution
        1. CAPEC-530: Provide Counterfeit Component
        2. CAPEC-535: Malicious Gray Market Hardware
      2. CAPEC-677: Server Functionality Compromise
  10. CAPEC-439: Manipulation During Distribution
    1. CAPEC-522: Malicious Hardware Component Replacement
    2. CAPEC-523: Malicious Software Implanted
    3. CAPEC-524: Rogue Integration Procedures
  11. CAPEC-441: Malicious Logic Insertion
    1. CAPEC-442: Infected Software
      1. CAPEC-448: Embed Virus into DLL
    2. CAPEC-452: Infected Hardware
      1. CAPEC-638: Altered Component Firmware
    3. CAPEC-456: Infected Memory
      1. CAPEC-457: USB Memory Attacks
      2. CAPEC-458: Flash Memory Attacks
  12. CAPEC-548: Contaminate Resources
  13. CAPEC-594: Traffic Injection
    1. CAPEC-595: Connection Reset
      1. CAPEC-596: TCP RST Injection
  14. CAPEC-624: Hardware Fault Injection
    1. CAPEC-625: Mobile Device Fault Injection
  15. LICENSE The MITRE Corporation (MITRE) hereby grants you a non-exclusive, royalty-free license to use Common Attack Pattern Enumeration and Classification (CAPEC™) for research, development, and commercial purposes. Any copy you make for such purposes is authorized provided that you reproduce MITRE’s copyright designation and this license in any such copy. DISCLAIMERS ALL DOCUMENTS AND THE INFORMATION CONTAINED THEREIN ARE PROVIDED ON AN "AS IS" BASIS AND THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE MITRE CORPORATION, ITS BOARD OF TRUSTEES, OFFICERS, AGENTS, AND EMPLOYEES, DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
  16. This work is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License. Brett Crawley