The MITRE Corporation
Accessing Functionality Not Properly Constrained by ACLs
Buffer Overflow via Environment Variables
Overflow Buffers
Server Side Include (SSI) Injection
Session Sidejacking
Clickjacking
Cross Zone Scripting
HTTP Request Splitting
Cross Site Tracing
Command Line Execution through SQL Injection
Object Relational Mapping Injection
Cause Web Server Misclassification
SQL Injection through SOAP Parameter Tampering
JSON Hijacking (aka JavaScript Hijacking)
Brute Force
Interface Manipulation
Authentication Abuse
Authentication Bypass
Excavation
Interception
Choosing Message Identifier
Double Encoding
Exploit Non-Production Interfaces
Privilege Abuse
Buffer Manipulation
Shared Resource Manipulation
Flooding
Path Traversal
Directory Indexing
Integer Attacks
Pointer Manipulation
Subverting Environment Variable Values
Excessive Allocation
Resource Leak Exposure
Symlink Attack
Try All Common Switches
Email Injection
Format String Injection
LDAP Injection
Parameter Injection
Reflection Injection
Relative Path Traversal
Client-side Injection-induced Buffer Overflow
Bypassing of Intermediate Forms in Multiple-Form Sets
Cache Poisoning
DNS Cache Poisoning
Detect Unpublicized Web Pages
Detect Unpublicized Web Services
Checksum Spoofing
XML Schema Poisoning
XML Ping of the Death
Content Spoofing
Explore for Predictable Temporary File Names
Command Delimiters
Collect Data from Common Resource Locations
Identity Spoofing
Input Data Manipulation
Resource Location Spoofing
Screen Temporary Files for Sensitive Information
Sniffing Attacks
Sniffing Network Traffic
Redirect Access to Libraries
Dictionary-based Password Attack
Exploit Script-Based APIs
Infrastructure Manipulation
Manipulating Hidden Fields
Spear Phishing
Mobile Phishing
File Manipulation
Force the System to Reset Values
White Box Reverse Engineering
Windows ::DATA Alternate Data Stream
Footprinting
Using Malicious Files
Web Application Fingerprinting
Action Spoofing
Flash Parameter Injection
Code Inclusion
Configuration/Environment Manipulation
Create files with the same name as files protected with a higher classification
Cross-Site Flashing
Calling Micro-Services Directly
XSS Targeting Non-Script Elements
Exploiting Incorrectly Configured Access Control Security Levels
Flash File Overlay
Flash Injection
IMAP/SMTP Command Injection
Software Integrity Attack
Malicious Software Download
Malicious Software Update
Malicious Automated Software Update via Redirection
Reverse Engineering
Black Box Reverse Engineering
Embedding Scripts within Scripts
Reverse Engineer an Executable to Expose Assumed Hidden Functionality
Read Sensitive Constants Within an Executable
Protocol Analysis
PHP Remote File Inclusion
Fake the Source of Data
Principal Spoof
Session Credential Falsification through Forging
Exponential Data Expansion
XSS Targeting Error Pages
XSS Using Alternate Syntax
Inducing Account Lockout
Encryption Brute Forcing
Removal of filters: Input filters, output filters, data masking
Serialized Data External Linking
Create Malicious Client
Manipulate Registry Information
Lifting Sensitive Data Embedded in Cache
Signing Malicious Code
Removing Important Client Functionality
Removing/short-circuiting 'Purse' logic: removing/mutating 'cash' decrements
XSS Using MIME Type Mismatch
Exploitation of Trusted Identifiers
Functionality Misuse
Fuzzing for application mapping
Communication Channel Manipulation
Exploiting Incorrectly Configured SSL/TLS
Spoofing of UDDI/ebXML Messages
XML Routing Detour Attacks
Exploiting Trust in Client
Client-Server Protocol Manipulation
Data Serialization External Entities Blowup
iFrame Overlay
Fingerprinting
Session Credential Falsification through Manipulation
Sustained Client Engagement
DTD Injection
Serialized Data Parameter Blowup
File Content Injection
Serialized Data with Nested Payloads
Oversized Serialized Data Payloads
Privilege Escalation
Hijacking a privileged process
Escaping a Sandbox by Calling Code in Another Language
Filter Failure through Buffer Overflow
Resource Injection
Code Injection
XSS Targeting HTML Attributes
XSS Targeting URI Placeholders
XSS Using Doubled Characters
XSS Using Invalid Characters
Command Injection
Forced Deadlock
XML Injection
Local Code Inclusion
PHP Local File Inclusion
Remote Code Inclusion
SOAP Array Overflow
Leveraging Race Conditions
Fuzzing for garnering other adjacent user/sensitive data
Force Use of Corrupted Files
Leverage Alternate Encoding
Audit Log Manipulation
Leveraging Race Conditions via Symbolic Links
Modification of Registry Run Keys
Schema Poisoning
Protocol Manipulation
HTTP Response Smuggling
HTTP Verb Tampering
DNS Rebinding
Inter-component Protocol Manipulation
Data Interchange Protocol Manipulation
Web Services Protocol Manipulation
SOAP Manipulation
Fuzzing
ICMP Echo Request Ping
TCP SYN Scan
Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
Enumerate Mail Exchange (MX) Records
DNS Zone Transfers
Host Discovery
Traceroute Route Enumeration
ICMP Address Mask Request
Timestamp Request
ICMP Information Request
TCP ACK Ping
UDP Ping
TCP SYN Ping
Using Leading 'Ghost' Character Sequences to Bypass Input Filters
Hijacking a Privileged Thread of Execution
Port Scanning
TCP Connect Scan
TCP FIN Scan
TCP Xmas Scan
TCP Null Scan
TCP ACK Scan
TCP Window Scan
TCP RPC Scan
UDP Scan
Network Topology Mapping
Accessing/Intercepting/Modifying HTTP Cookies
Scanning for Vulnerable Software
Active OS Fingerprinting
Passive OS Fingerprinting
IP ID Sequencing Probe
IP 'ID' Echoed Byte-Order Probe
IP (DF) 'Don't Fragment Bit' Echoing Probe
XSS Through HTTP Query Strings
TCP Timestamp Probe
TCP Sequence Number Probe
TCP (ISN) Greatest Common Divisor Probe
TCP (ISN) Counter Rate Probe
TCP (ISN) Sequence Predictability Probe
TCP Congestion Control Flag (ECN) Probe
TCP Initial Window Size Probe
TCP Options Probe
TCP 'RST' Flag Checksum Probe
ICMP Error Message Quoting Probe
HTTP Request Smuggling
ICMP Error Message Echoing Integrity Probe
ICMP IP Total Length Field Probe
ICMP IP 'ID' Field Error Message Probe
HTTP Response Splitting
Leverage Executable Code in Non-Executable Files
Using Unpublished Interfaces or Functionality
Retrieve Embedded Sensitive Data
Leveraging/Manipulating Configuration File Search Paths
Harvesting Information via API Event Monitoring
Application API Message Manipulation via Man-in-the-Middle
Transaction or Event Tampering via Application API Manipulation
Application API Navigation Remapping
Navigation Remapping To Propagate Malicious Content
Application API Button Hijacking
Content Spoofing Via Application API Manipulation
Manipulating Opaque Client-based Data Tokens
Bypassing Physical Security
Bypassing Physical Locks
Lock Bumping
Lock Picking
Using a Snap Gun Lock to Force a Lock
Bypassing Electronic Locks and Access Controls
Cloning Magnetic Strip Cards
Magnetic Strip Card Brute Force Attacks
Cloning RFID Cards or Chips
Using Alternative IP Address Encodings
Manipulating Writeable Terminal Devices
RFID Chip Deactivation or Destruction
Physically Hacking Hardware
Bypassing ATA Password Security
Dumpster Diving
Pretexting
Using Meta-characters in E-mail Headers to Inject Malicious Payloads
Information Elicitation
Pretexting via Customer Service
Pretexting via Tech Support
Pretexting via Delivery Person
Pretexting via Phone
Manipulate Human Behavior
Influence Perception
Influence Perception of Reciprocation
MIME Conversion
Influence Perception of Scarcity
Influence Perception of Authority
Influence Perception of Commitment and Consistency
Influence Perception of Liking
Influence Perception of Consensus or Social Proof
Target Influence via Framing
Influence via Incentives
Influence via Psychological Principles
Influence via Modes of Thinking
Target Influence via Eye Cues
Exploiting Multiple Input Interpretation Layers
Target Influence via The Human Buffer Overflow
Target Influence via Interview and Interrogation
Target Influence via Instant Rapport
Modification During Manufacture
Manipulation During Distribution
Overflow Binary Resource File
Hardware Integrity Attack
Malicious Logic Insertion
Infected Software
Malicious Logic Inserted Into Product by Authorized Developer
Development Alteration
Malicious Logic Insertion into Product Software via Configuration Management Manipulation
Malicious Logic Insertion into Product via Inclusion of Third-Party Component
Design Alteration
Embed Virus into DLL
Buffer Overflow via Symbolic Links
Infected Hardware
Infected Memory
USB Memory Attacks
Flash Memory Attacks
Creating a Rogue Certification Authority Certificate
Overflow Variables and Tags
HTTP Parameter Pollution (HPP)
Web Services API Signature Forgery Leveraging Hash Function Extension Weakness
Cross-Domain Search Timing
Padding Oracle Crypto Attack
Evercookie
Transparent Proxy Abuse
Leveraging Active Adversary in the Middle Attacks to Bypass Same Origin Policy
Cross Site Identification
Generic Cross-Browser Cross-Domain Theft
HTTP DoS
Buffer Overflow via Parameter Expansion
Expanding Control over the Operating System from the Database
Search Order Hijacking
Browser Fingerprinting
Signature Spoof
Signature Spoofing by Key Theft
Signature Spoofing by Improper Validation
Signature Spoofing by Misrepresentation
Signature Spoofing by Mixing Signed and Unsigned Content
Modification of Windows Service Configuration
Malicious Root Certificate
Passing Local Filenames to Functions That Expect a URL
Escaping Virtualization
Contradictory Destinations in Traffic Routing Schemes
TCP Flood
Signature Spoofing by Key Recreation
UDP Flood
ICMP Flood
HTTP Flood
SSL Flood
Password Brute Forcing
Amplification
Quadratic Data Expansion
Regular Expression Exponential Blowup
SOAP Array Blowup
TCP Fragmentation
UDP Fragmentation
ICMP Fragmentation
File Discovery
Probe iOS Screenshots
Android Intent Intercept
Blue Boxing
Password Recovery Exploitation
WebView Injection
Android Activity Hijack
Intent Spoof
WebView Exposure
Task Impersonation
Scheme Squatting
Tapjacking
Physical Theft
Shoulder Surfing
Kerberoasting
Poison Web Service Registry
SaaS User Request Forgery
Infiltration of Software Development Environment
Hardware Component Substitution During Baselining
Documentation Alteration to Circumvent Dial-down
Documentation Alteration to Produce Under-performing Systems
Documentation Alteration to Cause Errors in System Design
Embedding NULL Bytes
Counterfeit Hardware Component Inserted During Product Assembly
Hardware Design Specifications Are Altered
Malicious Hardware Component Replacement
Malicious Software Implanted
Rogue Integration Procedures
XML Flood
Malware-Directed Internal Reconnaissance
Postfix, Null Terminate, and Backslash
Provide Counterfeit Component
Hardware Component Substitution
Altered Installed BIOS
Malicious Manual Software Update
Malicious Hardware Update
Malicious Gray Market Hardware
Data Injected During Configuration
Infiltration of Hardware Development Environment
Open-Source Library Manipulation
ASIC With Malicious Functionality
Query System for Information
Overread Buffers
Application Fingerprinting
Targeted Malware
Counterfeit Websites
Counterfeit Organizations
Pull Data from System Resources
Incomplete Data Deletion in a Multi-Tenant Environment
Physical Destruction of Device or Component
Contaminate Resource
Local Execution of Code
Rainbow Table Password Cracking
Install New Service
Modify Existing Service
Install Rootkit 
Functionality Bypass
Remote Services with Stolen Credentials
Replace File Extension Handlers
Replace Trusted Executable
Orbital Jamming
Use of Known Domain Credentials
Windows Admin Shares with Stolen Credentials
Modify Shared File
Add Malicious File to Shared Webroot
Run Software at Logon
Password Spraying
Capture Credentials via Keylogger
Collect Data as Provided by Users
Utilizing REST's Trust in the System Resource to Obtain Sensitive Data
Block Logging to Central Repository
Artificially Inflate File Sizes
Process Footprinting
Services Footprinting
Account Footprinting
Group Permission Footprinting
Owner Footprinting
Disable Security Software
Replace Winlogon Helper DLL
Restful Privilege Elevation
System Footprinting
Security Software Footprinting
Route Disabling
Disabling Network Hardware
BGP Route Disabling
DNS Domain Seizure
Object Injection
Cross Frame Scripting (XFS)
DOM-Based XSS
DNS Blocking
Session Credential Falsification through Prediction
IP Address Blocking
Reflected XSS
Stored XSS
Session Hijacking
Traffic Injection
Connection Reset
TCP RST Injection
Absolute Path Traversal
DNS Spoofing
Terrestrial Jamming
Argument Injection
Reusing Session IDs (aka Session Replay)
Credential Stuffing
Jamming
Blockage
Wi-Fi Jamming
Cellular Jamming
Weakening of Cellular Encryption
Obstruction
Cryptanalysis of Cellular Encryption
Cellular Traffic Intercept
Session Fixation
Cellular Data Injection
BitSquatting
WiFi MAC Address Tracking
WiFi SSID Tracking
Rooting SIM Cards
Evil Twin Wi-Fi Attack
Establish Rogue Location
Cellular Rogue Base Station
Cellular Broadcast Message Request
Signal Strength Tracking
Cross Site Request Forgery
Drop Encryption Level
Analysis of Packet Timing and Sizes
Electromagnetic Side-Channel Attack
Compromising Emanations Attack
Hardware Fault Injection
Mobile Device Fault Injection
Smudge Attack
Counterfeit GPS Signals
Carry-Off GPS Attack
Cross-Site Scripting (XSS)
TypoSquatting
SoundSquatting
Homograph Attack via Homoglyphs
Token Impersonation
Probe Audio and Video Peripherals
Alternative Execution Due to Deceptive Filenames
Hiding Malicious Data or Code within Files
Collect Data from Clipboard
Altered Component Firmware
Probe System Files
Using Slashes and URL Encoding Combined to Bypass Validation Logic
Inclusion of Code in Existing Process
DLL Side-Loading
Replace Binaries
Identify Shared Files/Directories on System
Use of Captured Hashes (Pass The Hash)
Use of Captured Tickets (Pass The Ticket)
Peripheral Footprinting
Collect Data from Registries
Collect Data from Screen Capture
Adding a Space to a File Extension
Sniff Application Code
Upload a Web Shell to a Web Server
Eavesdropping
Use of Known Kerberos Credentials
Use of Known Operating System Credentials
Credential Prompt Impersonation
Avoid Security Tool Identification by Adding Data
Voice Phishing
Malicious Automated Software Update via Spoofing
SQL Injection
Root/Jailbreak Detection Evasion via Hooking
Root/Jailbreak Detection Evasion via Debugging
Adversary in the Browser (AiTB)
Exploitation of Transient Instruction Execution
Server Side Request Forgery
Exploitation of Thunderbolt Protection Flaws
BlueSmacking
Bluetooth Impersonation AttackS (BIAS)
Key Negotiation of Bluetooth Attack (KNOB)
Alteration of a Software Update
String Format Overflow in syslog()
Software Development Tools Maliciously Altered
Requirements for ASIC Functionality Maliciously Altered
Malicious Code Implanted During Chip Programming
Developer Signing Maliciously Altered Software
Design for FPGA Maliciously Altered
Retrieve Data from Decommissioned Devices
NoSQL Injection
Server Motherboard Compromise
System Build Data Maliciously Altered
Exploitation of Improperly Configured or Implemented Memory Protections
Subvert Code-signing Facilities
Exploitation of Improperly Controlled Registers
Exploitation of Improperly Controlled Hardware Security Identifiers
Exploitation of Firmware or ROM Code with Unpatchable Vulnerabilities
Target Programs with Elevated Privileges
Metadata Spoofing
Spoof Open-Source Software Metadata
Spoof Version Control System Commit Metadata
StarJacking
System Location Discovery
Repo Jacking
Load Value Injection
DHCP Spoofing
Install Malicious Extension
Eavesdropping on a Monitor
Blind SQL Injection
Try Common or Default Usernames and Passwords
Network Boundary Bridging
Browser in the Middle (BiTM)
Exploiting Incorrect Chaining or Granularity of Hardware Debug Components
Using Unicode Encoding to Bypass Validation Logic
URL Encoding
User-Controlled Filename
Manipulating State
Manipulating Writeable Configuration Files
Manipulating Web Input to File System Calls
Manipulating User-Controlled Variables
Using Escaped Slashes in Alternate Encoding
Using Slashes in Alternate Encoding
Buffer Overflow in an API Call
Using UTF-8 Encoding to Bypass Validation Logic
Web Server Logs Tampering
XPath Injection
XQuery Injection
AJAX Footprinting
XSS Through HTTP Headers
Forceful Browsing
OS Command Injection
Pharming
Buffer Overflow in Local Command-Line Utilities
Reflection Attack in Authentication Protocol
Forced Integer Overflow
Log Injection-Tampering-Forging
Adversary in the Middle (AiTM)
WSDL Scanning
Block Access to Libraries
Cryptanalysis
Phishing