1. Information Disclosure
    1. CAPEC-129: Pointer Manipulation
    2. CAPEC-212: Functionality Misuse
      1. CAPEC-48: Passing Local Filenames to Functions That Expect a URL
      2. CAPEC-111: JSON Hijacking (aka JavaScript Hijacking)
      3. CAPEC-620: Drop Encryption Level
        1. CAPEC-606: Weakening of Cellular Encryption
    3. CAPEC-216: Communication Channel Manipulation
      1. CAPEC-12: Choosing Message Identifier
      2. CAPEC-217: Exploiting Incorrectly Configured SSL
    4. CAPEC-554: Functionality Bypass
      1. CAPEC-179: Calling Micro-Services Directly
      2. CAPEC-464: Evercookie
      3. CAPEC-465: Transparent Proxy Abuse
    5. CAPEC-117: Interception
      1. CAPEC-157: Sniffing Attacks
        1. CAPEC-57: Utilising REST's Trust in the System Resources to Obtain Sensitive Data
        2. CAPEC-65: Sniff Application Code
        3. CAPEC-158: Sniffing Network Traffic
        4. CAPEC-609: Cellular Traffic Intercept
      2. CAPEC-499: Android Intent Intercept
        1. CAPEC-501: Android Activity Hijack
      3. CAPEC-651: Eavesdropping
        1. CAPEC-508: Shoulder Surfing
        2. CAPEC-634: Probe Audio and Video Peripherals
    6. CAPEC-116: Excavation
      1. CAPEC-54: Query System for Information
        1. CAPEC-127: Directory Indexing
        2. CAPEC-95: WSDL Scanning
        3. CAPEC-215: Fuzzing for Application Mapping
        4. CAPEC-261: Fuzzing for Garnering Other Adjacent user/sensitive data
        5. CAPEC-462: Cross-Domain Search Timing
      2. CAPEC-150: Collect Data From Common Resource Locations
        1. CAPEC-143: Detect Unpublicised Web Pages
        2. CAPEC-144: Detect Unpublicised Web Services
        3. CAPEC-155: Screen Temporary Files for Sensitive Information
        4. CAPEC-406: Dumpster Diving
        5. CAPEC-637: Collect Data from Clipboard
        6. CAPEC-647: Collect Data from Registries
        7. CAPEC-648: Collect Data from Screen Capture
      3. CAPEC-545: Pull Data From System Resources
        1. CAPEC-498: Probe iOS Screenshots
        2. CAPEC-546: Incomplete Data Deletion in a Multi-Tenant Environment
        3. CAPEC-634: Probe Audio and Video Peripherals
        4. CAPEC-639: Probe System Files
      4. CAPEC-569: Collect Data as Provided by Users
        1. CAPEC-568: Capture Credentials via Keylogger
      5. CAPEC-675: Retrieve Data from Decommissioned Devices
    7. CAPEC-169: Footprinting
      1. CAPEC-292: Host Discovery
        1. CAPEC-285: ICMP Echo Request Ping
        2. CAPEC-294: ICMP Address Mask Request
        3. CAPEC-295: Timestamp Request
        4. CAPEC-296: ICMP Information Request
        5. CAPEC-297: TCP ACK Ping
        6. CAPEC-298: UDP Ping
        7. CAPEC-299: TCP SYN Ping
        8. CAPEC-612: WiFi MAC Address Tracking
        9. CAPEC-613: WiFi SSID Tracking
        10. CAPEC-618: Cellular Broadcast Message Request
        11. CAPEC-619: Signal Strength Tracking
      2. CAPEC-300: Port Scanning
        1. CAPEC-287: TCP SYN Scan
        2. CAPEC-301: TCP Connect Scan
        3. CAPEC-302: TCP FIN Scan
        4. CAPEC-303: TCP Xmas Scan
        5. CAPEC-304: TCP Null Scan
        6. CAPEC-305: TCP ACK Scan
        7. CAPEC-306: TCP Window Scan
        8. CAPEC-307: TCP RPC Scan
        9. CAPEC-308: UDP Scan
      3. CAPEC-309: Network Topology Mapping
        1. CAPEC-290: Enumerate Mail Exchange Records
        2. CAPEC-291: DNS Zone Transfers
        3. CAPEC-293: Traceroute Route Enumeration
        4. CAPEC-643: Identify Shared Files/Directories on System
      4. CAPEC-497: File Discovery
        1. CAPEC-149: Explore for Predictable Temporary File Names
      5. CAPEC-529: Malware-Directed Internal Reconnaissance
      6. CAPEC-573: Process Footprinting
      7. CAPEC-574: Services Footprinting
      8. CAPEC-575: Account Footprinting
      9. CAPEC-576: Group Permission Footprinting
      10. CAPEC-577: Owner Footprinting
      11. CAPEC-580: System Footprinting
        1. CAPEC-85: AJAX Footprinting
        2. CAPEC-581: Security Software Footprinting
      12. CAPEC-646: Peripheral Footprinting
    8. CAPEC-224: Fingerprinting
      1. CAPEC-312: Active OS Fingerprinting
        1. CAPEC-317: IP ID Sequencing Probe
        2. CAPEC-318: IP 'ID' Echoed Byte-Order Probe
        3. CAPEC-319: IP (DF) 'Don't Fragment Bit' Echoing Probe
        4. CAPEC-320: TCP Timestamp Probe
        5. CAPEC-321: TCP Sequence Number Probe
        6. CAPEC-322: TCP (ISN) Greatest Common Divisor Probe
        7. CAPEC-323: TCP (ISN) Counter Rate Probe
        8. CAPEC-324: TCP (ISN) Sequence Predictability Probe
        9. CAPEC-325: TCP Congestion Control Flag (ECN) Probe
        10. CAPEC-326: TCP Initial Window Size Probe
        11. CAPEC-327: TCP Options Probe
        12. CAPEC-328: TCP 'RST' Flag Checksum Probe
        13. CAPEC-329: ICMP Error Message Quoting Probe
        14. CAPEC-330: ICMP Error Message Echoing Integrity Probe
        15. CAPEC-331: ICMP IP Total Length Field Probe
        16. CAPEC-332: ICMP IP 'ID' Field Error Message Probe
      2. CAPEC-313: Passive OS Fingerprinting
      3. CAPEC-541: Application Fingerprinting
        1. CAPEC-170: Web Application Fingerprinting
        2. CAPEC-310: Scanning for Vulnerable Software
        3. CAPEC-472: Browser Fingerprinting
    9. CAPEC-11: Cause Web Server Misclassification
    10. CAPEC-192: Protocol Analysis
      1. CAPEC-97: Cryptanalysis
        1. CAPEC-463: Padding Oracle Crypto Attack
        2. CAPEC-608: Cryptanalysis of Cellular Encryption
    11. CAPEC-188: Reverse Engineering
      1. CAPEC-167: White Box Reverse Engineering
        1. CAPEC-37: Retrieve Embedded Sensitive Information
        2. CAPEC-190: Reverse Engineer an Executable to Expose Assumed Hidden Functionality
        3. CAPEC-191: Read Sensitive Constants Within an Executable
        4. CAPEC-204: Lifting Sensitive Data Embedded in Cache
      2. CAPEC-189: Black Box Reverse Engineering
        1. CAPEC-621: Analysis of Packet Timing and Sizes
        2. CAPEC-622: Electromagnetic Side-Channel Attack
        3. CAPEC-623: Compromising Emanations Attack
    12. CAPEC-410: Information Elicitation
      1. CAPEC-407: Pretexting
        1. CAPEC-383: Harvesting Information via API Event Monitoring
        2. CAPEC-412: Pretexting via Customer Service
        3. CAPEC-413: Pretexting via Tech Support
        4. CAPEC-414: Pretexting via Delivery Person
        5. CAPEC-415: Pretexting via Phone
  2. Elevation of Privilege
    1. CAPEC-5: Blue Boxing
    2. CAPEC-21: Exploitation of Trusted Identifiers
      1. CAPEC-196: Session Credential Falsification through Forging
        1. CAPEC-226: Session Credential Falsification through Manipulation
        2. CAPEC-59: Session Credential Falsification through Prediction
      2. CAPEC-510: SaaS User Request Forgery
      3. CAPEC-593: Session Hijacking
        1. CAPEC-102: Session Sidejacking
        2. CAPEC-107: Cross Site Tracing
        3. CAPEC-60: Reusing Session IDs (aka Session Replay)
        4. CAPEC-61: Session Fixation
      4. CAPEC-62: Cross Site Request Forgery
        1. CAPEC-467: Cross Site Identification
    3. CAPEC-114: Authentication Abuse
      1. CAPEC-629: Unauthorized Use of Device Resources
      2. CAPEC-90: Reflection Attack in Authentication Protocol
    4. CAPEC-115: Authentication Bypass
      1. CAPEC-461: Web Services API Signature Forgery Leveraging Hash Function Extension Weakness
      2. CAPEC-480: Escaping Virtualization
        1. CAPEC-237: Escaping a Sandbox by Calling Code in Another Language
      3. CAPEC-664: Server Side Request Forgery
      4. CAPEC-668: Key Negotiation of Bluetooth Attack (KNOB)
      5. CAPEC-87: Forceful Browsing
    5. CAPEC-22: Exploiting Trust in Client
      1. CAPEC-202: Create Malicious Client
      2. CAPEC-207: Removing Important Client Functionality
        1. CAPEC-200: Removal of filters: Input filters, output filters, data masking
        2. CAPEC-208: Removing/short-circuiting 'Purse' logic: removing/mutating 'cash' decrements
      3. CAPEC-39: Manipulating Opaque Client-based Data Tokens
        1. CAPEC-31: Accessing/Intercepting/Modifying HTTP Cookies
      4. CAPEC-77: Manipulating User-Controlled Variables
        1. CAPEC-13: Subverting Environment Variable Values
        2. CAPEC-162: Manipulating Hidden Fields
    6. CAPEC-94: Adversary in the Middle (AiTM)
      1. CAPEC-219: XML Routing Detour Attacks
      2. CAPEC-384: Application API Message Manipulation via Man-in-the-Middle
        1. CAPEC-385: Transaction or Event Tampering via Application API Manipulation
        2. CAPEC-389: Content Spoofing Via Application API Manipulation
      3. CAPEC-386: Application API Navigation Remapping
        1. CAPEC-387: Navigation Remapping To Propagate Malicious Content
        2. CAPEC-388: Application API Button Hijacking
      4. CAPEC-466: Leveraging Active Adversary in the Middle Attacks to Bypass Same Origin Policy
      5. CAPEC-662: Adversary in the Browser (AiTB)
    7. CAPEC-122: Privilege Abuse
      1. CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs
        1. CAPEC-58: Restful Privilege Elevation
        2. CAPEC-679: Exploitation of Improperly Configured or Implemented Memory Protections
        3. CAPEC-680: Exploitation of Improperly Controlled Registers
        4. CAPEC-681: Exploitation of Improperly Controlled Hardware Security Identifiers
        5. CAPEC-36: Using Unpublished Interfaces
        6. CAPEC-121: Exploit Non-Production Interfaces
          1. CAPEC-661: Root/Jailbreak Detection Evasion via Debugging
      2. CAPEC-17: Using Malicious Files
        1. CAPEC-177: Create files with the same name as files protected with a higher classification
        2. CAPEC-263: Force Use of Corrupted Files
        3. CAPEC-562: Modify Shared File
        4. CAPEC-563: Add Malicious File to Shared Webroot
        5. CAPEC-642: Replace Binaries
        6. CAPEC-650: Upload a Web Shell to a Web Server
        7. CAPEC-35: Leveraging Executable Code in Non-Executable Files
      3. CAPEC-180: Exploiting Incorrectly Configured Access Control Security Levels
      4. CAPEC-221: Data Serialization External Entities Blowup
      5. CAPEC-503: WebView Exposure
    8. CAPEC-233: Privilege Escalation
      1. CAPEC-104: Cross Zone Scripting
      2. CAPEC-234: Hijacking a privileged process
      3. CAPEC-30: Hijacking a Privileged Thread of Execution
      4. CAPEC-68: Subvert Code-signing Facilities
      5. CAPEC-69: Target Programs with Elevated Privileges
    9. CAPEC-390: Bypassing Physical Security
      1. CAPEC-391: Bypassing Physical Locks
        1. CAPEC-392: Lock Bumping
        2. CAPEC-393: Lock Picking
        3. CAPEC-394: Using a Snap Gun Lock to Force a Lock
      2. CAPEC-395: Bypassing Electronic Locks and Access Controls
        1. CAPEC-397: Cloning Magnetic Strip Cards
        2. CAPEC-398: Magnetic Strip Card Brute Force Attacks
        3. CAPEC-399: Cloning RFID Cards or Chips
        4. CAPEC-400: RFID Chip Deactivation or Destruction
        5. CAPEC-626: Smudge Attack
    10. CAPEC-507: Physical Theft
    11. CAPEC-560: Use of Known Domain Credentials
      1. CAPEC-555: Remote Services with Stolen Credentials
      2. CAPEC-600: Credential Stuffing
      3. CAPEC-652: Use of Known Kerberos Credentials
        1. CAPEC-509: Kerberoasting
        2. CAPEC-645: Use of Captured Tickets (Pass The Ticket)
      4. CAPEC-653: Use of Known Windows Credentials
        1. CAPEC-561: Windows Admin Shares with Stolen Credentials
        2. CAPEC-644: Use of Captured Hashes (Pass The Hash)
    12. Password Abuse
      1. CAPEC-50: Password Recovery Exploitation
      2. CAPEC-16: Dictionary Based Password Attack
      3. CAPEC-49: Password Brute Forcing
        1. CAPEC-565: Password Spraying
      4. CAPEC-70: Try Common or Default Usernames and Passwords
      5. CAPEC-55: Rainbow Table Password Cracking
    13. Encryption Abuse
      1. CAPEC-112: Brute Force
      2. CAPEC-20: Encryption Brute Forcing
    14. CAPEC-549: Local Code Execution
      1. CAPEC-542: Targeted Malware
        1. CAPEC-550: Install New Service
        2. CAPEC-551: Modify Existing Service
        3. CAPEC-552: Install Rootkit
        4. CAPEC-556: Replace File Extension Handlers
        5. CAPEC-558: Replace Trusted Executable
        6. CAPEC-564: Run Software at Login
        7. CAPEC-579: Replace Winlogon Helper DLL
    15. CAPEC-248: Command Injection
      1. CAPEC-136: LDAP Injection
      2. CAPEC-66: SQL Injection
        1. CAPEC-7: Blind SQL Injection
        2. CAPEC-109: Object Relational Mapping Injection
        3. CAPEC-110: SQL Injection through SOAP Parameter Tampering
        4. CAPEC-108: Command Line Execution through SQL Injection
        5. CAPEC-470: Expanding Control over the Operating System from the Database
      3. CAPEC-88: OS Command Injection
      4. CAPEC-183: IMAP/SMTP Command Injection
      5. CAPEC-250: XML Injection
        1. CAPEC-83: XPath Injection
        2. CAPEC-84: XQuery Injection
        3. CAPEC-228: DTD Injection
      6. CAPEC-676: NoSQL Injection
      7. CAPEC-40: Manipulating Writeable Terminal Devices
      8. CAPEC-137: Parameter Injection
        1. CAPEC-6: Argument Injection
        2. CAPEC-15: Command Delimiters
          1. CAPEC-460: HTTP Parameter Pollution (HPP)
        3. CAPEC-134: Email Injection
        4. CAPEC-135: Format String Injection
        5. CAPEC-138: Reflection Injection
        6. CAPEC-182: Flash Injection
          1. CAPEC-174: Flash Parameter Injection
          2. CAPEC-178: Cross-Site Flashing
      9. CAPEC-175: Code Inclusion
        1. CAPEC-251: Local Code Inclusion
          1. CAPEC-252: PHP Local File Inclusion
          2. CAPEC-640: Inclusion of Code in Existing Process
          3. CAPEC-660: Root/Jailbreak Detection Evasion via Hooking
        2. CAPEC-253: Remote Code Inclusion
          1. CAPEC-101: Server Side Include (SSI) Injection
          2. CAPEC-193: PHP Remote File Inclusion
          3. CAPEC-500: WebView Injection
    16. CAPEC-242: Code Injection
      1. CAPEC-19: Embedding Scripts within Scripts
      2. CAPEC-23: File Content Injection
        1. CAPEC-44: Overflow Binary Resource File
      3. CAPEC-41: Using Meta-Characters in E-mail Headers to Inject Malicious Payloads
      4. CAPEC-63: Cross-site Scripting (XSS)
        1. CAPEC-588: DOM-Based XSS
          1. CAPEC-18: XSS Through Non-Script Elements
          2. CAPEC-32: XSS Through HTTP Query String
          3. CAPEC-86: XSS Through HTTP Headers
          4. CAPEC-198: XSS Targeting Error Pages
          5. CAPEC-199: XSS Using Alternate Syntax
          6. CAPEC-243: XSS Targeting HTML Attributes
          7. CAPEC-244: XSS Targeting URI Placeholders
          8. CAPEC-245: XSS Using Doubled Characters
          9. CAPEC-247: XSS Using Invalid Characters
        2. CAPEC-591: Reflected XSS
          1. CAPEC-18: XSS Through Non-Script Elements
          2. CAPEC-32: XSS Through HTTP Query String
          3. CAPEC-86: XSS Through HTTP Headers
          4. CAPEC-198: XSS Targeting Error Pages
          5. CAPEC-199: XSS Using Alternate Syntax
          6. CAPEC-243: XSS Targeting HTML Attributes
          7. CAPEC-244: XSS Targeting URI Placeholders
          8. CAPEC-245: XSS Using Doubled Characters
          9. CAPEC-247: XSS Using Invalid Characters
        3. CAPEC-592: Stored XSS
          1. CAPEC-18: XSS Through Non-Script Elements
          2. CAPEC-32: XSS Through HTTP Query String
          3. CAPEC-86: XSS Through HTTP Headers
          4. CAPEC-198: XSS Targeting Error Pages
          5. CAPEC-199: XSS Using Alternate Syntax
          6. CAPEC-243: XSS Targeting HTML Attributes
          7. CAPEC-244: XSS Targeting URI Placeholders
          8. CAPEC-245: XSS Using Doubled Characters
          9. CAPEC-247: XSS Using Invalid Characters
          10. CAPEC-209: XSS Using MIME Type Mismatch
      5. CAPEC-468: Generic Cross-Browser Cross-Domain Theft
    17. CAPEC-240: Resource Injection
      1. CAPEC-610: Cellular Data Injection
    18. CAPEC-586: Object Injection
  3. Denial of Service
    1. CAPEC-125: Flooding
      1. CAPEC-482: TCP Flood
      2. CAPEC-486: UDP Flood
      3. CAPEC-487: ICMP Flood
      4. CAPEC-488: HTTP Flood
      5. CAPEC-489: SSL Flood
      6. CAPEC-490: Amplification
      7. CAPEC-528: XML Flood
        1. CAPEC-147: XML Ping of the Death
      8. CAPEC-666: BlueSmacking
    2. CAPEC-130: Excessive Allocation
      1. CAPEC-230: Serialized Data with Nested Payloads
        1. CAPEC-197: Exponential Data Expansion
        2. CAPEC-491: Quadratic Data Expansion
      2. CAPEC-231: Oversized Serialized Data Payloads
        1. CAPEC-201: Serialized Data External Linking
        2. CAPEC-229: Serialized Data Parameter Blowup
      3. CAPEC-492: Regular Expression Exponential Blowup
      4. CAPEC-493: SOAP Array Blowup
      5. CAPEC-494: TCP Fragmentation
      6. CAPEC-495: UDP Fragmentation
      7. CAPEC-496: ICMP Fragmentation
    3. CAPEC-131: Resource Leak Exposure
    4. CAPEC-227: Sustained Client Engagement
      1. CAPEC-469: HTTP DoS
    5. CAPEC-25: Forced Deadlock
    6. CAPEC-607: Obstruction
      1. CAPEC-547: Physical Destruction of Device or Component
      2. CAPEC-582: Route Disabling
        1. CAPEC-583: Disabling Network Hardware
        2. CAPEC-584: BGP Route Disabling
        3. CAPEC-585: DNS Domain Seizure
      3. CAPEC-601: Jamming
        1. CAPEC-559: Orbital Jamming
        2. CAPEC-604: Wi-Fi Jamming
        3. CAPEC-605: Cellular Jamming
      4. CAPEC-603: Blockage
        1. CAPEC-589: DNS Blocking
        2. CAPEC-590: IP Address Blocking
        3. CAPEC-96: Block Access to Libraries
    7. CAPEC-2: Inducing Account Lockout
  4. Repudiation
    1. CAPEC-268: Audit Log Manipulation
      1. CAPEC-93: Log Injection-Tampering-Forging
      2. CAPEC-81: Web Logs Tampering
    2. CAPEC-571: Block Logging to Central Repository
    3. CAPEC-67: String Format Overflow in syslog()
    4. CAPEC-195: Principal Spoof
      1. CAPEC-587: Cross Frame Scripting (XFS)
      2. CAPEC-599: Terrestrial Jamming
  5. Tampering
    1. CAPEC-123: Buffer Manipulation
      1. CAPEC-100: Overflow Buffers
        1. CAPEC-10: Buffer Overflow via Environment Variables
        2. CAPEC-14: Client-side Injection-induced Buffer Overflow
        3. CAPEC-24: Filter Failure through Buffer Overflow
        4. CAPEC-256: SOAP Array Overflow
        5. CAPEC-42: MIME Conversion
        6. CAPEC-44: Overflow Binary Resource File
        7. CAPEC-45: Buffer Overflow via Symbolic Links
        8. CAPEC-46: Overflow Variables and Tags
        9. CAPEC-47: Buffer Overflow via Parameter Expansion
        10. CAPEC-67: String Format Overflow in syslog()
        11. CAPEC-8: Buffer Overflow in an API Call
        12. CAPEC-9: Buffer Overflow in Local Command-Line Utilities
      2. CAPEC-540: Overread Buffers
    2. CAPEC-124: Shared Resource Manipulation
      1. CAPEC-26: Leveraging Race Conditions
      2. CAPEC-27: Leveraging Race Conditions via Symbolic Links
      3. CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
    3. CAPEC-129: Pointer Manipulation
    4. CAPEC-272: Protocol Manipulation
      1. CAPEC-90: Reflection Attack in Authentication Protocol
      2. CAPEC-220: Client-Server Protocol Manipulation
        1. CAPEC-5: Blue Boxing
        2. CAPEC-33: HTTP Request Smuggling
        3. CAPEC-34: HTTP Response Splitting
        4. CAPEC-105: HTTP Request Splitting
        5. CAPEC-273: HTTP Response Smuggling
        6. CAPEC-274: HTTP Verb Tampering
      3. CAPEC-276: Inter-Component Protocol Manipulation
        1. CAPEC-665: Exploitation of Thunderbolt Protection Flaws
      4. CAPEC-277: Data Interchange Protocol Manipulation
      5. CAPEC-278: Web Services Protocol Manipulation
        1. CAPEC-201: Serialized Data External Linking
        2. CAPEC-221: Data Serialization External Entities Blowup
        3. CAPEC-279: SOAP Manipulation
    5. CAPEC-153: Input Data Manipulation
      1. CAPEC-126: Path Traversal
        1. CAPEC-139: Relative Path Traversal
        2. CAPEC-597: Absolute Path Traversal
        3. CAPEC-76: Manipulating Web Input to File System Calls
      2. CAPEC-128: Integer Attacks
        1. CAPEC-92: Forced Integer Overflow
      3. CAPEC-267: Leverage Alternate Encoding
        1. CAPEC-120: Double Encoding
        2. CAPEC-3: Using Leading 'Ghost' Character Sequences to Bypass Input Filters
        3. CAPEC-4: Using Alternative IP Address Encodings
        4. CAPEC-43: Exploiting Multiple Input Interpretation Layers
        5. CAPEC-52: Embedding NULL Bytes
        6. CAPEC-53: Postfix, Null Terminate, and Backslash
        7. CAPEC-64: Using Slashes and URL Encoding Combined to Bypass Validation Logic
        8. CAPEC-71: Using Unicode Encoding to Bypass Validation Logic
        9. CAPEC-72: URL Encoding
        10. CAPEC-78: Using Escaped Slashes in Alternate Encoding
        11. CAPEC-79: Using Slashes in Alternate Encoding
        12. CAPEC-80: Using UTF-8 Encoding to Bypass Validation Logic
      4. CAPEC-28: Fuzzing
      5. CAPEC-33: HTTP Request Smuggling
      6. CAPEC-34: HTTP Response Splitting
      7. CAPEC-105: HTTP Request Splitting
      8. CAPEC-165: File Manipulation
        1. CAPEC-73: User Controlled Filename
        2. CAPEC-572: Artificially Inflate File Sizes
          1. CAPEC-655: Avoid Security Tool Identification by Adding Data
        3. CAPEC-635: Alternative Execution Due to Deceptive Filenames
          1. CAPEC-649: Adding a Space to a File Extension
        4. CAPEC-636: Hiding Malicious Data or Code within Files
          1. CAPEC-168: Windows ::DATA Alternate Data Stream
      9. CAPEC-74: Manipulating State
        1. CAPEC-140: Bypassing of Intermediate Forms in Multiple-Form Sets
        2. CAPEC-663: Exploitation of Transient Instruction Execution
      10. CAPEC-75: Manipulating Writeable Configuration Files
      11. CAPEC-113: Interface Manipulation
        1. CAPEC-133: Try All Common Switches
        2. CAPEC-160: Exploit Script-Based APIs
      12. CAPEC-176: Configuration/Environment Manipulation
        1. CAPEC-75: Manipulating Writeable Configuration Files
        2. CAPEC-203: Manipulate Registry Information
          1. CAPEC-51: Poison Web Service Registry
          2. CAPEC-270: Modification of Registry Run Keys
          3. CAPEC-478: Modification of Windows Service Configuration
        3. CAPEC-271: Schema Poisoning
          1. CAPEC-146: XML Schema Poisoning
        4. CAPEC-536: Data Injection During Configuration
        5. CAPEC-578: Disable Security Software
    6. CAPEC-161: Infrastructure Manipulation
      1. CAPEC-481: Contradictory Destinations in Traffic Routing Schemes
      2. CAPEC-166: Force the System to Reset Values
      3. CAPEC-141: Cache Poisoning
        1. CAPEC-51: Poison Web Service Registry
        2. CAPEC-142: DNS Cache Poisoning
      4. CAPEC-268: Audit Log Manipulation
        1. CAPEC-93: Log Injection-Tampering-Forging
        2. CAPEC-81: Web Logs Tampering
      5. CAPEC-571: Block Logging to Central Repository
    7. CAPEC-184: Software Integrity Attack
      1. CAPEC-185: Malicious Software Download
      2. CAPEC-186: Malicious Software Update
        1. CAPEC-187: Malicious Automated Software Update via Redirection
        2. CAPEC-533: Malicious Manual Software Update
        3. CAPEC-614: Rooting SIM Cards
        4. CAPEC-657: Malicious Automated Software Update via Spoofing
      3. CAPEC-663: Exploitation of Transient Instruction Execution
      4. CAPEC-669: Alteration of a Software Update
    8. CAPEC-438: Modification During Manufacture
      1. CAPEC-444: Development Alteration
        1. CAPEC-206: Signing Malicious Code
        2. CAPEC-443: Malicious Logic Inserted into Product Software by Authorized Developer
        3. CAPEC-445: Malicious Logic Insertion into Product Software via Configuration Management Manipulation
        4. CAPEC-446: Malicious Logic Insertion into Product Software via 3rd Party Component Dependency
        5. CAPEC-511: Infiltration of Software Development Environment
        6. CAPEC-516: Hardware Component Substitution During Baselining
        7. CAPEC-520: Counterfeit Hardware Component Inserted During Product Assembly
        8. CAPEC-532: Altered Installed BIOS
        9. CAPEC-537: Infiltration of Hardware Development Environment
        10. CAPEC-538: Open-Source Library Manipulation
        11. CAPEC-539: ASIC with Malicious Functionality
        12. CAPEC-670: Software Development Tools Maliciously Altered
        13. CAPEC-672: Malicious Code Implanted During Chip Programming
        14. CAPEC-673: Developer Signing Maliciously Altered Software
        15. CAPEC-678: System Build Data Maliciously Altered
      2. CAPEC-447: Design Alteration
        1. CAPEC-517: Documentation Alteration to Circumvent Dial-down
        2. CAPEC-518: Documentation Alteration to Produce Under-Performing Systems
        3. CAPEC-519: Documentation Alteration to Cause Errors in System Design
        4. CAPEC-521: Hardware Design Specifications are Altered
        5. CAPEC-671: Requirements for ASIC Functionality Maliciously Altered
        6. CAPEC-674: Design for FPGA Maliciously Altered
    9. CAPEC-440: Hardware Integrity Attack
      1. CAPEC-401: Physically Hacking Hardware
        1. CAPEC-402: Bypassing ATA Password Security
      2. CAPEC-534: Malicious Hardware Update
        1. CAPEC-531: Hardware Component Substitution
          1. CAPEC-530: Provide Counterfeit Component
          2. CAPEC-535: Malicious Gray Market Hardware
        2. CAPEC-677: Server Functionality Compromise
    10. CAPEC-439: Manipulation During Distribution
      1. CAPEC-522: Malicious Hardware Component Replacement
      2. CAPEC-523: Malicious Software Implanted
      3. CAPEC-524: Rogue Integration Procedures
    11. CAPEC-441: Malicious Logic Insertion
      1. CAPEC-442: Infected Software
        1. CAPEC-448: Embed Virus into DLL
      2. CAPEC-452: Infected Hardware
        1. CAPEC-638: Altered Component Firmware
      3. CAPEC-456: Infected Memory
        1. CAPEC-457: USB Memory Attacks
        2. CAPEC-458: Flash Memory Attacks
    12. CAPEC-548: Contaminate Resources
    13. CAPEC-594: Traffic Injection
      1. CAPEC-595: Connection Reset
        1. CAPEC-596: TCP RST Injection
    14. CAPEC-624: Hardware Fault Injection
      1. CAPEC-625: Mobile Device Fault Injection
  6. Spoofing (CAPEC-156: Engage In Deceptive Interactions)
    1. CAPEC-148: Content Spoofing
      1. CAPEC-145: Checksum Spoofing
      2. CAPEC-218: Spoofing of UDDI/ebXML Messages
      3. CAPEC-502: Intent Spoof
      4. CAPEC-627: Counterfeit GPS Signals
        1. CAPEC-628: Carry-Off GPS Attack
    2. CAPEC-151: Identity Spoofing
      1. CAPEC-194: Fake the Source of Data
        1. CAPEC-275: DNS Rebinding
        2. CAPEC-543: Counterfeit Websites
        3. CAPEC-544: Counterfeit Organizations
        4. CAPEC-598: DNS Spoofing
        5. CAPEC-633: Token Impersonation
      2. CAPEC-195: Principal Spoof
        1. CAPEC-587: Cross Frame Scripting (XFS)
        2. CAPEC-599: Terrestrial Jamming
      3. CAPEC-473: Signature Spoof
        1. CAPEC-459: Creating a Rogue Certification Authority Certificate
        2. CAPEC-474: Signature Spoofing by Key Theft
        3. CAPEC-475: Signature Spoofing by Improper Validation
        4. CAPEC-476: Signature Spoofing by Misrepresentation
        5. CAPEC-477: Signature Spoofing by Mixing Signed and Unsigned Content
        6. CAPEC-479: Malicious Root Certificate
        7. CAPEC-485: Signature Spoofing by Key Recreation
      4. CAPEC-89: Pharming
      5. CAPEC-98: Phishing
        1. CAPEC-163: Spear Phishing
        2. CAPEC-164: Mobile Phishing
        3. CAPEC-656: Voice Phishing
    3. CAPEC-154: Resource Location Spoofing
      1. CAPEC-159: Redirect Access to Libraries
        1. CAPEC-132: Symlink Attack
        2. CAPEC-38: Leveraging/Manipulating Configuration File Search Paths
        3. CAPEC-471: Search Order Hijacking
        4. CAPEC-641: DLL Side-Loading
      2. CAPEC-141: Cache Poisoning
        1. CAPEC-51: Poison Web Service Registry
        2. CAPEC-142: DNS Cache Poisoning
      3. CAPEC-616: Establish Rogue Location
        1. CAPEC-505: Scheme Squatting
        2. CAPEC-611: BitSquatting
        3. CAPEC-615: Evil Twin Wi-Fi Attack
        4. CAPEC-617: Cellular Rogue Base Station
        5. CAPEC-630: TypoSquatting
        6. CAPEC-631: SoundSquatting
        7. CAPEC-632: Homograph Attack via Homoglyphs
        8. CAPEC-667: Bluetooth Impersonation AttackS (BIAS)
    4. CAPEC-173: Action Spoofing
      1. CAPEC-103: Clickjacking
        1. CAPEC-181: Flash File Overlay
        2. CAPEC-222: iFrame Overlay
      2. CAPEC-501: Android Activity Hijack
      3. CAPEC-504: Task Impersonation
        1. CAPEC-654: Credential Prompt Impersonation
      4. CAPEC-506: Tapjacking
    5. CAPEC-416: Manipulate Human Behavior
      1. CAPEC-407: Pretexting
        1. CAPEC-383: Harvesting Information via API Event Monitoring
        2. CAPEC-412: Pretexting via Customer Service
        3. CAPEC-413: Pretexting via Tech Support
        4. CAPEC-414: Pretexting via Delivery Person
        5. CAPEC-415: Pretexting via Phone
      2. CAPEC-417: Influence Perception
        1. CAPEC-418: Influence Perception of Reciprocation
        2. CAPEC-420: Influence Perception of Scarcity
        3. CAPEC-421: Influence Perception of Authority
        4. CAPEC-422: Influence Perception of Commitment and Consistency
        5. CAPEC-423: Influence Perception of Liking
        6. CAPEC-424: Influence Perception of Consensus or Social Proof
      3. CAPEC-425: Target Influence via Framing
      4. CAPEC-426: Influence via Incentives
      5. CAPEC-427: Influence via Psychological Principles
        1. CAPEC-428: Influence via Modes of Thinking
        2. CAPEC-429: Target Influence via Eye Cues
        3. CAPEC-433: Target Influence via The Human Buffer Overflow
        4. CAPEC-434: Target Influence via Interview and Interrogation
        5. CAPEC-435: Target Influence via Instant Rapport
    6. CAPEC-389: Content Spoofing Via Application API Manipulation
  7. LICENSE

     The MITRE Corporation (MITRE) hereby grants you a non-exclusive, royalty-free license to use Common Attack Pattern Enumeration and Classification (CAPEC™) for research, development, and commercial purposes. Any copy you make for such purposes is authorized provided that you reproduce MITRE’s copyright designation and this license in any such copy.

     DISCLAIMERS

     ALL DOCUMENTS AND THE INFORMATION CONTAINED THEREIN ARE PROVIDED ON AN "AS IS" BASIS AND THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE MITRE CORPORATION, ITS BOARD OF TRUSTEES, OFFICERS, AGENTS, AND EMPLOYEES, DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
  8. This work is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License. Brett Crawley