T1595.002 - Vulnerability Scanning - MITRE ATT&CK

T1595.002 - Vulnerability Scanning

Sub-technique

Tattiche:
Reconnaissance

Piattaforme:
PRE

Rilevamento:
Not specified

Description:

Adversaries may scan victims for vulnerabilities that can be used during targeting. Vulnerability scans typically check if the configuration of a target host/application (ex: software and version) potentially aligns with the target of a specific exploit the adversary may seek to use.

These scans may also include more broad attempts to [Gather Victim Host Information](https://attack.mitre.org/techniques/T1592) that can be used to identify more commonly known, exploitable vulnerabilities. Vulnerability scans typically harvest running software and version numbers via server banners, listening ports, or other network artifacts.(Citation: OWASP Vuln Scanning) Information from these scans may reveal opportunities for other forms of reconnaissance (ex: [Search Open Websites/Domains](https://attack.mitre.org/techniques/T1593) or [Search Open Technical Databases](https://attack.mitre.org/techniques/T1596)), establishing operational resources (ex: [Develop Capabilities](https://attack.mitre.org/techniques/T1587) or [Obtain Capabilities](https://attack.mitre.org/techniques/T1588)), and/or initial access (ex: [Exploit Public-Facing Application](https://attack.mitre.org/techniques/T1190)).

Usato da Attori (13)

APT28
Nation-state

APT29
Nation-state

Volatile Cedar
Unknown

APT41
Nation-state

TeamTNT
Unknown

Earth Lusca
Unknown

Winter Vivern
Unknown

Dragonfly
Unknown

Aquatic Panda
Unknown

Sandworm Team
Unknown

Ember Bear
Unknown

Magic Hound
Unknown

Leviathan
Unknown

Metadata

MITRE ID:	T1595.002
STIX ID:	attack-pattern--5502c4e9-24ef-...
Piattaforme:	PRE
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00