CAPEC-569: Collect Data as Provided by Users (Version 3.9)
Archived: 2026-04-05 15:30:45 UTC
 Description
An attacker leverages a tool, device, or program to obtain specific information as provided by a user of the target
system. This information is often needed by the attacker to launch a follow-on attack. This attack is different than
Social Engineering as the adversary is not tricking or deceiving the user. Instead the adversary is putting a
mechanism in place that captures the information that a user legitimately enters into a system. Deploying a
keylogger, performing a UAC prompt, or wrapping the Windows default credential provider are all examples of
such interactions.
 Relationships
This table shows the other attack patterns and high level categories that are related to this attack pattern. These
relationships are defined as ChildOf and ParentOf, and give insight to similar items that may exist at higher and
lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to
show similar attack patterns that the user may want to explore.
This table shows the views that this attack pattern belongs to and top level categories within that view.
 Taxonomy Mappings
CAPEC mappings to ATT&CK techniques leverage an inheritance model to streamline and minimize direct
CAPEC/ATT&CK mappings. Inheritance of a mapping is indicated by text stating that the parent CAPEC has
relevant ATT&CK mappings. Note that the ATT&CK Enterprise Framework does not use an inheritance model as
part of the mapping to CAPEC.
Relevant to the ATT&CK taxonomy mapping
Entry ID Entry Name
1056 Input Capture
 Content History
Submissions
Submission Date Submitter Organization
2015-11-09
(Version 2.7)
CAPEC Content Team The MITRE Corporation
https://capec.mitre.org/data/definitions/569.html
Page 1 of 2

Modifications
Modification Date Modifier Organization
2018-07-31
(Version 2.12)
CAPEC Content Team The MITRE Corporation
Updated References
2019-09-30
(Version 3.2)
CAPEC Content Team The MITRE Corporation
Updated Related_Attack_Patterns
2020-07-30
(Version 3.3)
CAPEC Content Team The MITRE Corporation
Updated Related_Attack_Patterns, Taxonomy_Mappings
2021-06-24
(Version 3.5)
CAPEC Content Team The MITRE Corporation
Updated Related_Attack_Patterns, Taxonomy_Mappings
More information is available — Please select a different filter.
Source: https://capec.mitre.org/data/definitions/569.html
https://capec.mitre.org/data/definitions/569.html
Page 2 of 2