Stuffing
MITRE ATT&CK™ Sub-technique T1110.004
Last updated
Was this helpful?
MITRE ATT&CK™ Sub-technique T1110.004
Last updated
Was this helpful?
When credentials are found (through or for instance), attackers can try to use them to obtain access on other accounts. This attacks can be powerful against organizations that use shared or common passwords.
This technique can be combined with when attackers try to operate transformations to the recovered passwords (i.e. numbers and special characters before or after, capital letters, l33tspeak, and so on). These new password lists can even be used in an additional process.
used for guessing can be used for stuffing and guessing.