Threats Library
Reusable threat definitions (causes on the left side of bow-tie diagrams).
| Name | Category | Tags | Description |
|---|---|---|---|
| OS Credential Dumping | Credential Access | | Adversaries may attempt to dump credentials to obtain account login and credential material, normall… |
| OS Credential Dumping: /etc/passwd and /etc/shadow | Credential Access | | Adversaries may attempt to dump the contents of /etc/passwd and /etc/shadow to enable offline passwo… |
| OS Credential Dumping: Cached Domain Credentials | Credential Access | | Adversaries may attempt to access cached domain credentials used to allow authentication to occur in… |
| OS Credential Dumping: DCSync | Credential Access | | Adversaries may attempt to access credentials and other sensitive information by abusing a Windows D… |
| OS Credential Dumping: LSA Secrets | Credential Access | | Adversaries with SYSTEM access to a host may attempt to access Local Security Authority (LSA) secret… |
| OS Credential Dumping: LSASS Memory | Credential Access | | Adversaries may attempt to access credential material stored in the process memory of the Local Secu… |
| OS Credential Dumping: NTDS | Credential Access | | Adversaries may attempt to access or create a copy of the Active Directory domain database in order … |
| OS Credential Dumping: Proc Filesystem | Credential Access | | Adversaries may gather credentials from the proc filesystem or /proc. The proc filesystem is a pseud… |
| OS Credential Dumping: Security Account Manager | Credential Access | | Adversaries may attempt to extract credential material from the Security Account Manager (SAM) datab… |