search
GitHubPsMapExec

Unsecured Credentials

https://attack.mitre.org/techniques/T1552/

ATT&CK ID: T1552arrow-up-right

Description

Adversaries may search compromised systems to find and obtain insecurely stored credentials. These credentials can be stored and/or misplaced in many locations on a system, including plaintext files (e.g. Bash History), operating system or application-specific repositories (e.g. Credentials in Registry), or other specialized files/artifacts (e.g. Private Keys).

hashtag
Sub Techniques

hashtag
T1552:001: Credentials in Files

Credentials In Fileschevron-right

hashtag
T1552:002: Credentials in Registry

Credentials in Registrychevron-right

hashtag
T1552:006: Group Policy preferences

Group Policy Preferenceschevron-right

Last updated