Unsecured Credentials

Type: technique

Description: Adversaries may search compromised systems to find and obtain insecurely stored credentials. These credentials can be stored and/or misplaced in many locations on a system, including plaintext files (e.g. bash history), environment variables, operating system, or application-specific repositories (e.g. Credentials in Registry), or other specialized files/artifacts (e.g. private keys).

Version: 0.1.0

Created At: 2025-03-04 10:27:40 -0500

Last Modified At: 2025-03-04 10:27:40 -0500

External References

--> Credential Access (tactic): Exploiting improperly secured credentials to gain unauthorized access to systems or machine learning environments.
<-- RAG Credential Harvesting (technique): Sub-technique of
<-- Retrieval Tool Credential Harvesting (technique): Sub-technique of

MITRE ATLAS - AML.T0055

GenAI Attacks Matrix

Unsecured Credentials

External References

Related Objects

Related Frameworks