CAPEC攻击模式浏览

Common Attack Pattern Enumeration and Classification（通用攻击模式枚举与分类）- 常见攻击模式的综合字典和分类

总攻击模式数

615

分类数

78

视图数

13

列表视图树型视图

CAPEC攻击模式列表共 615 条

CAPEC ID	名称	抽象级别	严重程度	状态	操作
CAPEC-229	Serialized Data Parameter Blowup	Detailed	High	Draft	查看详情
CAPEC-230	Serialized Data with Nested Payloads	Standard	High	Draft	查看详情
CAPEC-231	Oversized Serialized Data Payloads	Standard	High	Draft	查看详情
CAPEC-233	Privilege Escalation	Meta	-	Draft	查看详情
CAPEC-234	Hijacking a privileged process	Standard	Medium	Draft	查看详情
CAPEC-235	DEPRECATED: Implementing a callback to system routine (old AWT Queue)	Detailed	-	Deprecated	查看详情
CAPEC-236	DEPRECATED: Catching exception throw/signal from privileged block	Detailed	-	Deprecated	查看详情
CAPEC-237	Escaping a Sandbox by Calling Code in Another Language	Detailed	Very High	Draft	查看详情
CAPEC-238	DEPRECATED: Using URL/codebase / G.A.C. (code source) to convince sandbox of privilege	Detailed	-	Deprecated	查看详情
CAPEC-239	DEPRECATED: Subversion of Authorization Checks: Cache Filtering, Programmatic Security, etc.	Detailed	-	Deprecated	查看详情
CAPEC-240	Resource Injection	Meta	High	Stable	查看详情
CAPEC-241	DEPRECATED: Code Injection	Meta	-	Deprecated	查看详情
CAPEC-242	Code Injection	Meta	High	Stable	查看详情
CAPEC-243	XSS Targeting HTML Attributes	Detailed	Medium	Draft	查看详情
CAPEC-244	XSS Targeting URI Placeholders	Detailed	High	Draft	查看详情
CAPEC-245	XSS Using Doubled Characters	Detailed	Medium	Draft	查看详情
CAPEC-246	DEPRECATED: XSS Using Flash	Detailed	-	Deprecated	查看详情
CAPEC-247	XSS Using Invalid Characters	Detailed	Medium	Draft	查看详情
CAPEC-248	Command Injection	Meta	High	Stable	查看详情
CAPEC-249	DEPRECATED: Linux Terminal Injection	Standard	-	Deprecated	查看详情