{
	"id": "d4d7a1bf-0555-4ca9-8930-8d3a778eabf8",
	"created_at": "2026-04-06T00:06:19.997224Z",
	"updated_at": "2026-04-10T13:12:31.892902Z",
	"deleted_at": null,
	"sha1_hash": "7ab21dc2ead123c17391d362ec190c5f914b40f2",
	"title": "CAPEC-569: Collect Data as Provided by Users (Version 3.9)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 38504,
	"plain_text": "CAPEC-569: Collect Data as Provided by Users (Version 3.9)\r\nArchived: 2026-04-05 15:30:45 UTC\r\n Description\r\nAn attacker leverages a tool, device, or program to obtain specific information as provided by a user of the target\r\nsystem. This information is often needed by the attacker to launch a follow-on attack. This attack is different than\r\nSocial Engineering as the adversary is not tricking or deceiving the user. Instead the adversary is putting a\r\nmechanism in place that captures the information that a user legitimately enters into a system. Deploying a\r\nkeylogger, performing a UAC prompt, or wrapping the Windows default credential provider are all examples of\r\nsuch interactions.\r\n Relationships\r\nThis table shows the other attack patterns and high level categories that are related to this attack pattern. These\r\nrelationships are defined as ChildOf and ParentOf, and give insight to similar items that may exist at higher and\r\nlower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to\r\nshow similar attack patterns that the user may want to explore.\r\nThis table shows the views that this attack pattern belongs to and top level categories within that view.\r\n Taxonomy Mappings\r\nCAPEC mappings to ATT\u0026CK techniques leverage an inheritance model to streamline and minimize direct\r\nCAPEC/ATT\u0026CK mappings. Inheritance of a mapping is indicated by text stating that the parent CAPEC has\r\nrelevant ATT\u0026CK mappings. Note that the ATT\u0026CK Enterprise Framework does not use an inheritance model as\r\npart of the mapping to CAPEC.\r\nRelevant to the ATT\u0026CK taxonomy mapping\r\nEntry ID Entry Name\r\n1056 Input Capture\r\n Content History\r\nSubmissions\r\nSubmission Date Submitter Organization\r\n2015-11-09\r\n(Version 2.7)\r\nCAPEC Content Team The MITRE Corporation\r\nhttps://capec.mitre.org/data/definitions/569.html\r\nPage 1 of 2\n\nModifications\r\nModification Date Modifier Organization\r\n2018-07-31\r\n(Version 2.12)\r\nCAPEC Content Team The MITRE Corporation\r\nUpdated References\r\n2019-09-30\r\n(Version 3.2)\r\nCAPEC Content Team The MITRE Corporation\r\nUpdated Related_Attack_Patterns\r\n2020-07-30\r\n(Version 3.3)\r\nCAPEC Content Team The MITRE Corporation\r\nUpdated Related_Attack_Patterns, Taxonomy_Mappings\r\n2021-06-24\r\n(Version 3.5)\r\nCAPEC Content Team The MITRE Corporation\r\nUpdated Related_Attack_Patterns, Taxonomy_Mappings\r\nMore information is available — Please select a different filter.\r\nSource: https://capec.mitre.org/data/definitions/569.html\r\nhttps://capec.mitre.org/data/definitions/569.html\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://capec.mitre.org/data/definitions/569.html"
	],
	"report_names": [
		"569.html"
	],
	"threat_actors": [],
	"ts_created_at": 1775433979,
	"ts_updated_at": 1775826751,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/7ab21dc2ead123c17391d362ec190c5f914b40f2.pdf",
		"text": "https://archive.orkl.eu/7ab21dc2ead123c17391d362ec190c5f914b40f2.txt",
		"img": "https://archive.orkl.eu/7ab21dc2ead123c17391d362ec190c5f914b40f2.jpg"
	}
}