EXPLORE
Sign In
← Back to Explore
T1595.003

Wordlist Scanning

Adversaries may iteratively probe infrastructure using brute-forcing and crawling techniques. While this technique employs similar methods to [Brute Force](https://attack.mitre.org/techniques/T1110), its goal is the identification of content and infrastructure rather than the discovery of valid credentials. Wordlists used in these scans may contain generic, commonly used names and file extensions or terms specific to a particular software. Adversaries may also create custom, target-specific word...

PRE
7
Detections
1
Sources
2
Threat Actors

BY SOURCE

7elastic

PROCEDURES (6)

Unusual2 detections

Auto-extracted: 2 detections for unusual

Authentication Monitoring1 detections

Auto-extracted: 1 detections for authentication monitoring

Network Connection Monitoring1 detections

Auto-extracted: 1 detections for network connection monitoring

General Monitoring1 detections

Auto-extracted: 1 detections for general monitoring

Suspicious1 detections

Auto-extracted: 1 detections for suspicious

Suspicious1 detections

Auto-extracted: 1 detections for suspicious

THREAT ACTORS (2)

APT41Volatile Cedar

DETECTIONS (7)

Kubernetes Potential Endpoint Permission Enumeration Attempt by Anonymous User Detected
elasticmedium
Potential Linux Hack Tool Launched
elasticmedium
Potential Spike in Web Server Error Logs
elasticlow
Web Server Discovery or Fuzzing Activity
elasticlow
Web Server Potential Command Injection Request
elasticlow
Web Server Potential Spike in Error Response Codes
elasticlow
Web Server Suspicious User Agent Requests
elasticlow