Note: the inference is not fully transitive in this release. This page is experimental and will change significantly in future releases.
Artifact Details: Credential
Object Properties
- name
- Credential
- identifier
- d3f:Credential
- see also
- http://dbpedia.org/page/Access_control
- definition
- A credential is a physical/tangible object, a piece of knowledge, or a facet of a person's physical being that enables an individual access to a given physical facility or computer-based information system. Typically, credentials can be something a person knows (such as a number or PIN), something they have (such as an access badge), something they are (such as a biometric feature), something they do (measurable behavioral patterns) or some combination of these items. This is known as multi-factor authentication. The typical credential is an access card or key-fob, and newer software can also turn users' smartphones into access devices.
- defined by
- https://en.wikipedia.org/wiki/Access_control#Credential
Parent Classes
graph LR; d3f:Credential --> |"rdfs:subClassOf" |d3f:DigitalArtifact; click d3f:Credential href "/dao/artifact/d3f:Credential"; click d3f:DigitalArtifact href "/dao/artifact/d3f:DigitalArtifact";
Inferred Relationships
Sub Classes:
filtered
Related Countermeasure Techniques:
graph LR; AuthenticationCacheInvalidation["Authentication Cache Invalidation"] --> | disables | Credential["Credential"]; class AuthenticationCacheInvalidation DefensiveTechniqueNode; class Credential ArtifactNode; click AuthenticationCacheInvalidation href "technique/d3f:AuthenticationCacheInvalidation"; click Credential href "dao/artifact/d3f:Credential";DecoySessionToken["Decoy Session Token"] --> | spoofs | AccessToken["Access Token"]; class DecoySessionToken DefensiveTechniqueNode; class AccessToken ArtifactNode; click DecoySessionToken href "technique/d3f:DecoySessionToken"; click AccessToken href "dao/artifact/d3f:AccessToken";DecoyUserCredential["Decoy User Credential"] --> | spoofs | Credential["Credential"]; class DecoyUserCredential DefensiveTechniqueNode; class Credential ArtifactNode; click DecoyUserCredential href "technique/d3f:DecoyUserCredential"; click Credential href "dao/artifact/d3f:Credential";One-timePassword["One-time Password"] --> | use-limits | Password["Password"]; class One-timePassword DefensiveTechniqueNode; class Password ArtifactNode; click One-timePassword href "technique/d3f:One-timePassword"; click Password href "dao/artifact/d3f:Password";StrongPasswordPolicy["Strong Password Policy"] --> | strengthens | Password["Password"]; class StrongPasswordPolicy DefensiveTechniqueNode; class Password ArtifactNode; click StrongPasswordPolicy href "technique/d3f:StrongPasswordPolicy"; click Password href "dao/artifact/d3f:Password";
Related Offensive Techniques:
graph LR; T1003008["/etc/passwd and /etc/shadow"] --> |accesses| Credential["Credential"]; class T1003008 OffensiveTechniqueNode; class Credential ArtifactNode; click T1003008 href "/offensive-technique/attack/T1003.008/"; click Credential href "dao/artifact/d3f:Credential";T1003008["/etc/passwd and /etc/shadow"] --> |accesses| EncryptedCredential["Encrypted Credential"]; class T1003008 OffensiveTechniqueNode; class EncryptedCredential ArtifactNode; click T1003008 href "/offensive-technique/attack/T1003.008/"; click EncryptedCredential href "dao/artifact/d3f:EncryptedCredential";T1098001["Additional Azure Service Principal Credentials"] --> |creates| Credential["Credential"]; class T1098001 OffensiveTechniqueNode; class Credential ArtifactNode; click T1098001 href "/offensive-technique/attack/T1098.001/"; click Credential href "dao/artifact/d3f:Credential";T1550001["Application Access Token"] --> |uses| AccessToken["Access Token"]; class T1550001 OffensiveTechniqueNode; class AccessToken ArtifactNode; click T1550001 href "/offensive-technique/attack/T1550.001/"; click AccessToken href "dao/artifact/d3f:AccessToken";T1552003["Bash History"] --> |accesses| Credential["Credential"]; class T1552003 OffensiveTechniqueNode; class Credential ArtifactNode; click T1552003 href "/offensive-technique/attack/T1552.003/"; click Credential href "dao/artifact/d3f:Credential";T1003005["Cached Domain Credentials"] --> |accesses| Credential["Credential"]; class T1003005 OffensiveTechniqueNode; class Credential ArtifactNode; click T1003005 href "/offensive-technique/attack/T1003.005/"; click Credential href "dao/artifact/d3f:Credential";T1003005["Cached Domain Credentials"] --> |accesses| EncryptedCredential["Encrypted Credential"]; class T1003005 OffensiveTechniqueNode; class EncryptedCredential ArtifactNode; click T1003005 href "/offensive-technique/attack/T1003.005/"; click EncryptedCredential href "dao/artifact/d3f:EncryptedCredential";T1552005["Cloud Instance Metadata API"] --> |accesses| Credential["Credential"]; class T1552005 OffensiveTechniqueNode; class Credential ArtifactNode; click T1552005 href "/offensive-technique/attack/T1552.005/"; click Credential href "dao/artifact/d3f:Credential";T1134002["Create Process with Token"] --> |copies| AccessToken["Access Token"]; class T1134002 OffensiveTechniqueNode; class AccessToken ArtifactNode; click T1134002 href "/offensive-technique/attack/T1134.002/"; click AccessToken href "dao/artifact/d3f:AccessToken";T1552001["Credentials in Files"] --> |accesses| Credential["Credential"]; class T1552001 OffensiveTechniqueNode; class Credential ArtifactNode; click T1552001 href "/offensive-technique/attack/T1552.001/"; click Credential href "dao/artifact/d3f:Credential";T1552002["Credentials in Registry"] --> |accesses| Credential["Credential"]; class T1552002 OffensiveTechniqueNode; class Credential ArtifactNode; click T1552002 href "/offensive-technique/attack/T1552.002/"; click Credential href "dao/artifact/d3f:Credential";T1003006["DCSync"] --> |accesses| Credential["Credential"]; class T1003006 OffensiveTechniqueNode; class Credential ArtifactNode; click T1003006 href "/offensive-technique/attack/T1003.006/"; click Credential href "dao/artifact/d3f:Credential";T1558001["Golden Ticket"] --> |forges| KerberosTicketGrantingTicket["Kerberos Ticket Granting Ticket"]; class T1558001 OffensiveTechniqueNode; class KerberosTicketGrantingTicket ArtifactNode; click T1558001 href "/offensive-technique/attack/T1558.001/"; click KerberosTicketGrantingTicket href "dao/artifact/d3f:KerberosTicketGrantingTicket";T1558001["Golden Ticket"] --> |may-access| KerberosTIcket["Kerberos TIcket"]; class T1558001 OffensiveTechniqueNode; class KerberosTIcket ArtifactNode; click T1558001 href "/offensive-technique/attack/T1558.001/"; click KerberosTIcket href "dao/artifact/d3f:KerberosTIcket";T1558001["Golden Ticket"] --> |may-create| KerberosTIcket["Kerberos TIcket"]; class T1558001 OffensiveTechniqueNode; class KerberosTIcket ArtifactNode; click T1558001 href "/offensive-technique/attack/T1558.001/"; click KerberosTIcket href "dao/artifact/d3f:KerberosTIcket";T1552006["Group Policy Preferences"] --> |accesses| Credential["Credential"]; class T1552006 OffensiveTechniqueNode; class Credential ArtifactNode; click T1552006 href "/offensive-technique/attack/T1552.006/"; click Credential href "dao/artifact/d3f:Credential";T1558003["Kerberoasting"] --> |may-access| KerberosTIcket["Kerberos TIcket"]; class T1558003 OffensiveTechniqueNode; class KerberosTIcket ArtifactNode; click T1558003 href "/offensive-technique/attack/T1558.003/"; click KerberosTIcket href "dao/artifact/d3f:KerberosTIcket";T1558003["Kerberoasting"] --> |may-create| KerberosTIcket["Kerberos TIcket"]; class T1558003 OffensiveTechniqueNode; class KerberosTIcket ArtifactNode; click T1558003 href "/offensive-technique/attack/T1558.003/"; click KerberosTIcket href "dao/artifact/d3f:KerberosTIcket";T1003004["LSA Secrets"] --> |accesses| Credential["Credential"]; class T1003004 OffensiveTechniqueNode; class Credential ArtifactNode; click T1003004 href "/offensive-technique/attack/T1003.004/"; click Credential href "dao/artifact/d3f:Credential";T1003001["LSASS Memory"] --> |accesses| Credential["Credential"]; class T1003001 OffensiveTechniqueNode; class Credential ArtifactNode; click T1003001 href "/offensive-technique/attack/T1003.001/"; click Credential href "dao/artifact/d3f:Credential";T1134003["Make and Impersonate Token"] --> |copies| AccessToken["Access Token"]; class T1134003 OffensiveTechniqueNode; class AccessToken ArtifactNode; click T1134003 href "/offensive-technique/attack/T1134.003/"; click AccessToken href "dao/artifact/d3f:AccessToken";T1003003["NTDS"] --> |accesses| Credential["Credential"]; class T1003003 OffensiveTechniqueNode; class Credential ArtifactNode; click T1003003 href "/offensive-technique/attack/T1003.003/"; click Credential href "dao/artifact/d3f:Credential";T1003003["NTDS"] --> |accesses| EncryptedCredential["Encrypted Credential"]; class T1003003 OffensiveTechniqueNode; class EncryptedCredential ArtifactNode; click T1003003 href "/offensive-technique/attack/T1003.003/"; click EncryptedCredential href "dao/artifact/d3f:EncryptedCredential";T1003["OS Credential Dumping"] --> |accesses| Credential["Credential"]; class T1003 OffensiveTechniqueNode; class Credential ArtifactNode; click T1003 href "/offensive-technique/attack/T1003/"; click Credential href "dao/artifact/d3f:Credential";T1110002["Password Cracking"] --> |accesses| EncryptedCredential["Encrypted Credential"]; class T1110002 OffensiveTechniqueNode; class EncryptedCredential ArtifactNode; click T1110002 href "/offensive-technique/attack/T1110.002/"; click EncryptedCredential href "dao/artifact/d3f:EncryptedCredential";T1552004["Private Keys"] --> |accesses| Credential["Credential"]; class T1552004 OffensiveTechniqueNode; class Credential ArtifactNode; click T1552004 href "/offensive-technique/attack/T1552.004/"; click Credential href "dao/artifact/d3f:Credential";T1003007["Proc Filesystem"] --> |accesses| Credential["Credential"]; class T1003007 OffensiveTechniqueNode; class Credential ArtifactNode; click T1003007 href "/offensive-technique/attack/T1003.007/"; click Credential href "dao/artifact/d3f:Credential";T1003002["Security Account Manager"] --> |accesses| Credential["Credential"]; class T1003002 OffensiveTechniqueNode; class Credential ArtifactNode; click T1003002 href "/offensive-technique/attack/T1003.002/"; click Credential href "dao/artifact/d3f:Credential";T1558002["Silver Ticket"] --> |may-access| KerberosTIcket["Kerberos TIcket"]; class T1558002 OffensiveTechniqueNode; class KerberosTIcket ArtifactNode; click T1558002 href "/offensive-technique/attack/T1558.002/"; click KerberosTIcket href "dao/artifact/d3f:KerberosTIcket";T1558002["Silver Ticket"] --> |may-create| KerberosTIcket["Kerberos TIcket"]; class T1558002 OffensiveTechniqueNode; class KerberosTIcket ArtifactNode; click T1558002 href "/offensive-technique/attack/T1558.002/"; click KerberosTIcket href "dao/artifact/d3f:KerberosTIcket";T1528["Steal Application Access Token"] --> |accesses| AccessToken["Access Token"]; class T1528 OffensiveTechniqueNode; class AccessToken ArtifactNode; click T1528 href "/offensive-technique/attack/T1528/"; click AccessToken href "dao/artifact/d3f:AccessToken";T1539["Steal Web Session Cookie"] --> |accesses| SessionCookie["Session Cookie"]; class T1539 OffensiveTechniqueNode; class SessionCookie ArtifactNode; click T1539 href "/offensive-technique/attack/T1539/"; click SessionCookie href "dao/artifact/d3f:SessionCookie";T1558["Steal or Forge Kerberos Tickets"] --> |may-access| KerberosTIcket["Kerberos TIcket"]; class T1558 OffensiveTechniqueNode; class KerberosTIcket ArtifactNode; click T1558 href "/offensive-technique/attack/T1558/"; click KerberosTIcket href "dao/artifact/d3f:KerberosTIcket";T1558["Steal or Forge Kerberos Tickets"] --> |may-create| KerberosTIcket["Kerberos TIcket"]; class T1558 OffensiveTechniqueNode; class KerberosTIcket ArtifactNode; click T1558 href "/offensive-technique/attack/T1558/"; click KerberosTIcket href "dao/artifact/d3f:KerberosTIcket";T1134001["Token Impersonation/Theft"] --> |copies| AccessToken["Access Token"]; class T1134001 OffensiveTechniqueNode; class AccessToken ArtifactNode; click T1134001 href "/offensive-technique/attack/T1134.001/"; click AccessToken href "dao/artifact/d3f:AccessToken";T1552["Unsecured Credentials"] --> |accesses| Credential["Credential"]; class T1552 OffensiveTechniqueNode; class Credential ArtifactNode; click T1552 href "/offensive-technique/attack/T1552/"; click Credential href "dao/artifact/d3f:Credential";T1550004["Web Session Cookie"] --> |adds| SessionCookie["Session Cookie"]; class T1550004 OffensiveTechniqueNode; class SessionCookie ArtifactNode; click T1550004 href "/offensive-technique/attack/T1550.004/"; click SessionCookie href "dao/artifact/d3f:SessionCookie";