Application API Abuse

AWS Specific Technique

Sub-techniques (1)

ID	Name
AT1667.001	API Gateway

Application API Abuse refers to techniques that leverage vulnerabilities or misconfigurations in application APIs to gain unauthorized access and establish persistence within a target environment. This can include abusing authentication/authorization mechanisms, exploiting API design flaws, or misusing API functionality to achieve malicious objectives.

Technique Information

ID: AT1667

Aliases: AT1667

Sub-techniques:

AT1667.001

Tactics:

Persistence

Platforms:

IaaS
Amazon Web Services (AWS)

Created: 25 Feb 2025

Last Modified: 03 Jun 2025