Credential Access (6 techniques)
MITRE ATLAS tactic
The adversary is trying to steal account names and passwords. Credential Access consists of techniques for stealing credentials like account names and passwords. Techniques used to get credentials include keylogging or credential dumping. Using legitimate credentials can give adversaries access to systems, make them harder to detect, and provide the opportunity to create more accounts to help achieve their goals.
Techniques
- AML.T0055 — Unsecured Credentials Maturity: realized
- AML.T0082 — RAG Credential Harvesting Maturity: demonstrated
- AML.T0083 — Credentials from AI Agent Configuration Maturity: demonstrated
- AML.T0090 — OS Credential Dumping Maturity: demonstrated
- AML.T0098 — AI Agent Tool Credential Harvesting Maturity: demonstrated
- AML.T0106 — Exploitation for Credential Access Maturity: demonstrated
AI red teaming training, taught by practitioners.
Hands-on courses on adversarial AI, prompt injection, and AI security operations.
View AI Security Courses